Anonymous Philippines Hacks Bangko Sentral ng Pilipinas

Bangko Sentral ng Pilipinas' website (www.bsp.gov.ph) has been hacked yesterday by people who claims to be part of Anonymous Philippines.

It is transparent as evidenced by the statement left by the hacking group on BSP's website (screen shot below) that the act was intentionally done as a way to protest against the signing of the Cybercrime Prevention Act of 2012. Hackers claim that the law really intends to limit people's freedom of expression masquerading in a facade of an act against cybercrimes. 

Photo Credits to http://ow.ly/e1OH9 

Hackers said that the law is “cunningly designed to make you think it only applies to individuals who are deep in cyber-technology and doesn't apply to everyone…”. Even adding that “some part of the bill basically says it can imprison anyone who commits libel either by written messages, comments, blogs, or posts in sites such as Facebook, Twitter, or any other comment-spaces of other social media in the Internet.”

Apart from BSP, the following websites were also compromised:

• Metropolitan Waterworks and Sewerage System (MWSS)
• Department of Environment and Natural Resources - Region III
• Smokefree Philippines of the Department of Health
• Pilipinas Anti-Piracy Team (PAPT)
• American Chamber of Commerce in the Philippines (Amcham) 
• Institute for Development and Econometric Analysis (IDEA)

Luckily, the technical department of Bangko Sentral ng Pilipinas were able to promptly response and restored the site at 2:00 am. 

--

This event should be an eye opener that for everyone to start reviewing their security protocols and employing the necessary security tools so as to mitigate risks of being compromised. 

We will be glad to assist you on your security concerns. Feel free to send us an inquiry at sales-apac@globalsign.com. Visit our website at www.globalsign.com.sg for the full range of products and services. 

First-in-the-Market Security Feature Guarding Against Phishing Attacks

GlobalSign, through its partnership with NetCraft, maximizes customers' investment by providing another first in the market solution giving customers additional security against phishing attacks. The GlobalSign NetCraft Phishing Alert Service allows GlobalSign to provide its customers real-time alert should their websites be used in hosting phishing attacks.

Photo credits to http://ow.ly/e1IbL 

A continually updating phishing feed is generated by NetCraft which has successfully blocked 5 million phishing attacks. NetCraft will abruptly send GlobalSign a notification, which is then relayed by GlobalSign to either the site owner or the hosting company which applied for the SSL certificate on behalf of the customer. Should it be proven that the site was intentionally created for malicious intents, their SSL certificate will be revoked.

“Phishing attacks which make use of SSL certificates are especially dangerous as people have been taught to associate the presence of a valid SSL certificate with an increased level of assurance,” said Mike Prettejohn, Director of Netcraft. “We are delighted that Globalsign has decided to partner with us and lead the way for Certificate Authorities to take greater responsibility for the sites that they certify."

The partnership between GlobalSign and Netcraft will reduce the risk of GlobalSign’s customers being victimized by such attacks and causing unaware site owners disruption to their otherwise legitimate business.

---
Visit www.globalsign.com.sg for more information. You may also send us an inquiry at sales-apac@globalsign.com

Philippine Cybercrime Prevention Act of 2012, Signed

Cybercrime Prevention Act 2012, (Senate Bill 2769) a bill which allows authorities to examine and investigate people for internet-related crimes, was signed last Monday, September 12, 2012, by the Philippines Senate.

To this date, criminals are rampant not only on sidewalks, streets, and dark places, but also in cyberspace. People can easily hack accounts and steal identities and intellectual properties. The high risk this poses to government, enterprises, and individuals served as the catalyst for Philippine authorities to draft a bill ensuring prevention of unwanted cyber theft.

The bill contains a number of punishable offenses including, but not exclusive to (a) illegal access to a computer system (b) illegal interception of data (c) data interference (including international alteration or damaging of data) (d) system interference (including damaging or altering computer data or programs) (e) use, production, sale, procurement, importation, distribution or making it available without right of malware, passwords or codes, and (f) all computer-related forgery, fraud or identity theft.

There have been global government-initiated efforts to combat cybercrimes. Even the United States, District Court of Virginia commissioned Microsoft to start the move towards reducing, and possibly having zero-cybercrime rate*.

Philippine government allotted an annual budget of Php50 million for the implementation of the law. With the bill about to be executed, it is expected cybercrimes will diminish in number, though understandable that it’s near to impossible these malicious intents come to a complete stop. Even with the bill, people are still not hundred percent sure and guaranteed of their security online. What’s good about the new law is that it will require enterprises, and individual businessmen running their electronic commerce business to follow stringent security rules. The bill does not specify which security features are to use and which technology to employ. It uses ‘tools’ as the words to describe them, but these can understandably be the SSL certificates, and digital signatures.

GlobalSign, being one of the world's largest SSL and client certificate provider, has just the right solutions for different needs. GlobalSign offers a wide range of trust services and products. It offers SSL certificates secured by the highest encryption level available to date, 2048-bit encryption. You may choose among Domain Validation SSL, Organization Validation SSL, and Extended Validation SSL. The latter would be the best choice should you want to give your customers the best and most secure surfing experience. Moreover, GlobalSign also offers cost efficient solutions for those having a number of domains and subdomains to secure – SANs and Wildcard SSL, respectively. Subject Alternative Name (SAN) is utilized by multi-domain SSL certificates from GlobalSign to enable you the flexibility to secure up to 40 different domain names, subdomain, and public IP addresses using only one SSL certificate and IP address.

Moreover, GlobalSign also offers a range of digital certificates both for enterprise and individual use including Personal Sign, which allows customers to digitally sign emails and Microsoft office documents, PDF sign, allows digital signing of PDF documents, and code signing, which allows developers to digitally sign their applications and programs.

It is expected that the implementation of the bill and customers’ willingness to abide by the rules will significantly lower the risks of online theft. Get your security products from GlobalSign and enjoy full assistance from fully qualified local technical support.

For further inquiries about the products you may visit our website: https://globalsign.com.sg, or contact us directly at sales-apac@globalsign.com. We will be more than willing to assist you in your needs.

4M'S (MOBILE MALWARE MAKING MILLIONS)

If in marketing there is 4P's, then here's the 4M's we should all be aware about. Hackers or malware writers are increasing tremendously nationwide and they are making a profit out of it not only on your personal computers but in mobile phones as well.

We all are aware of the mobile usage of the economy to this date. And believe it or not, hackers are also into this nowadays. Since we are all users, then we all should be aware of this jeopardy. Malwares are most common in usage of phone as payment mechanism, also termed as “Toll Fraud”, which is currently widespread in Russia, the Middle East, and parts of Europe.

It has been accounted that there is an 82 percent of user detections in June 2012. Imagine the huge percentage of industry business it had become in a month that it has a record of millions of dollars successfully stolen from the people, not to mention the transactions that are not successful.

Despite the growing issue of privacy on mobile devices, a significant component of users are still having a hard time coping with aggressive advertising techniques. It has been estimated that only 5 percent of Android applications include these aggressive players but were downloaded for over 80 million times. Why do people with privacy issues still download these advertisements and how does malware writers earn? The answer is simple, these techniques include the ever famous pushing out-of-app ads and with every click thereof comes the access of personal identifiable information without the user knowing. And these information about the user can be sold to companies who need it for a lot of financial compensation.

BOTTOMLINE: People need to be aware of the danger their mobile phones might get if they won't be aware of what they are hitting in those unsafe links and download buttons. They should also know that username and password left unprotected can also be hacked immediately. As suggested by the professionals, we should always sign-out or log-out our accounts specially if we are not using our own devices. Because if this continues to happen, then eventually people will lack trust in using mobile phones for transactions due to unending fraud.

For your online and digital security needs, visit www.globalsign.com.sg.

Or send us an inquiry at sales-apac@globalsign.com

Millions of Personally Identifiable Information Exposed

Government sector reported 268 incidents of data breaches which exposed 94 million personal identifiable information records.

In less than three years, the number of exposed government records tremendously increased leaving the public documents including those with personally identifiable information more vulnerable to unauthorized access. A recent report listed 268 successful incidents of data breaches among government sectors in the US. These figures are not much of a surprise especially with the ever-increasing rate of online threats*.

Government stated that they need to examine threats carefully so as to reduce risk of being hack again. With sensitive information compromised and made available to the public eyes, protecting critical infrastructures and information has been a great challenge for the government and other big organizations.

Security Solutions for Different Needs

No one's ever safe from the malicious intents of cybercrminals. Even the powerful and technologically advanced nations and corporations are not invincible to such threats. If leading nations are already struggling to keep their records from being compromised, the probability of being at risk may be double for unsuspecting individual users, small businesses, and third-world countries.

Many people are tempted to be part of the hacking society as it has proved to be one of the most lucrative crafts today. This fact alone makes it really hard for people to guard themselves from the hazards of online threats and data breaches.

GlobalSign, one of the largest trust services providers with global presence, offers a one-stop solution for all security concerns. GlobalSign's comprehensive product line ranges from SSL certificates to client certificates (Personal Sign, Document Sign, PDF Signing, Email Authentication) for both individual and enterprise use. GlobalSign certificates are protected by the highest encryption level available leaving customers at free of security concerns, thus allowing more time to attend to their respective businesses to achieve the best ROI. By partnering with the industry's largest names, GlobalSign is able to deliver timely and reliable solutions, and is still continuously coming up with new technologies which will revolutionize way data are protected online.

The GlobalSign team will be happy to assist you on your industry/business-specific needs. Visit www.globalsign.com.sg to know more about the solutions we offer. You may request a custom quote or send an inquiry to sales-apac@globalsign.com.

Keywords: GlobalSign, SSL, SSL certificate, PDF sign, document sign, email security,

Invitation to the WHD.au 2012

As a Gold Partner, GlobalSign invites you to the first WHD.au 2012 and learn more about its newest innovations: OneClickSSL and CloudSSL

Being the world’s largest series of hosting events, WorldHostingDays is extending its scope to Australia for the first time. Following the continuous boosts in the demands for IT-related products and services in Australia, it is definitely the next region to lookout for. Thus, WHD.au is the perfect venue to meet, learn, and team up with the biggest names in the hosting, cloud, and other web-based industries. The rapidly progressing and technologically aggressive Australian market is just the right place to explore new business opportunities, generate new business leads, and exchange innovative ideas with the leaders in the industry. You can register for WHD.au now using this code: 71T2F84 courtesy of GlobalSign. Using this registration code waives the USD 199 ticket cost and grants you full access to the event.

WHD.au takes place on October 09, 2012 at the Crystal Palace at Luna Park, Sydney. As a Gold Partner, GlobalSign invites you to be part of the first WHD.au and witness its very own Irena Haryono as she talks about GlobalSign’s latest innovations: OneClickSSL and CloudSSL. The hosting session will detail how GlobalSign OneClickSSL and CloudSSL provide Hosting Companies the most relevant solutions for hassle-free SSL deployment on both cloud and non-cloud environments ensuring maximum ROI.

More details about the hosting.SESSION:

Date: October 09, 2012

Topic: Reselling SSL with Ease through GlobalSign's Revolutionary Technologies

Speaker: Irena Haryono, Sales Lead, GlobalSign APAC

Stay tuned for the further details on the hosting.SESSION.

For your online and digital security needs, visit www.globalsign.com.sg.

Or send us an inquiry at sales-apac@globalsign.com

Secure Site Seal: Not Your Ordinary Website Emblem

Secure Site Seals are more than just accessories attached to web pages. Used properly, they are effective trust and revenue booster tools.

With the widespread publicity of the many cases of internet fraud, hacking attacks, identity theft, and data breaches, majority of internet users have learned to be cynical of every website they visit paying particular attention to items indicating secure server connections such as SSL certificates. In the same manner, organizations looking over online security practices have become very particular with their security practices guidelines especially for those websites where personal and sensitive information come and go.

It is this scepticism of users and the very stringent policies that pushed online security industry readers to come up with a Security Site Seal, an additional security feature easily visible on the clients’ websites. The problem is people are not fully aware of security seals’ purposes. Many even think that they are just merely website emblems incorporated by website developers to make their website have a more professional feel. But in reality, Secure Site Seals mean a lot more than emblems.

Site Seals as Trust Marks and Revenue Booster Tools

If you are running your own ecommerce business or if you wish to start one, you must be very aware that many customers are hesitant to do online business and the only way to resolve this problem is to gain their trust by providing them evidences that you are indeed an authenticated seller.

Security Site Seals are online “trust marks” proving website visitors that their transactions are fully authenticated and secured by the strongest SSL certificates issued by a trusted Certificate Authority like GlobalSign. Logically, the more details customers get about the security practices websites run, the more will they be confident in doing business online. Site seals display just the right amount of relevant information to convince users of the website’s credentials including the current security technology the website uses, identity of the website owner, and details about the issuing Certificate Authority.

Displaying Security Site Seal is also another way of letting your customer know you care of their welfare through investing on their data’s security. Not only that, displaying site seals would help mitigate the risk of customers leaving shopping carts behind because for security reasons, therefore letting you experience significant boost in business revenues.

Get your own SSL Certificate and Secure Site Seal from GlobalSign now. Visit www.globalsign.com.sg for more details or send us an inquiry at sales-apac@globalsign.com

Largest Number of Detected Malwares in Four Years

Latest report* released by a security company claims that there has been a 1.5 million increase in detected malware since Q1 of 2012. Apart from the usual malwares attached to emails, applications, websites, and other codes accessible via a personal computer, malwares today are slowly becoming rampant across a number of other platforms and devices.

The report further says that new generation malwares particularly designed for mobile devices are seen to be on the rise. What’s to note is that virtually all new mobile malwares detected in Q2 2012 were targeting Android platform and was comprised of a mixture of SMS-sending malware, mobile botnets, spyware, and destructive Trojans.

Though mobile devices seem to be the next big targets for malware writers, the use of websites as channels to spread potentially unwanted programs is still mainstream. The security company which has commissioned the report recorded an average of 2.7 million new bad URLs per month and of these, 94.2% hosts malwares or other codes which have been specifically designed to hijack computers.

Be Protected from Malicious Softwares through GlobalSign Malware Scanning

It is common knowledge that there are thousands of websites being hacked every day and used as channels to distribute malwares to site visitors. Malwares are potentially harmful not just for your visitors but also for website owners whose identity and reputation will be as well compromised. Thus, the issue of malware infection must be one of the major concerns which need immediate response especially if you are running an online business. As trust is tantamount for sales, ensuring customers that they are indeed in secure and malware-free websites is very important.

GlobalSign offers a two-in-one response to this timely issue. GlobalSign SSL comes with a malware scanning feature, HackAlert, which is a web-based service acting as an early warning system for malware detection. By using numerous non-intrusive detection techniques, including passively crawling and actively analyzing the content of each webpage, HackAlert quickly detects any signs of compromise and identifies the associated malicious code.

Do not risk your website being a host for malwares. Get your own SSL certificate now from GlobalSign. For more information, visit our website at www.globalsign.com.sg. You may also send an inquiry to sales-apac@globalsign.com.