Welcome to “Refog” corporate blog.

We are developing programs to monitor user activity of home (Personal Monitor) and office (Employee Monitor) computers, as well as to control usage of your children’s computer (Time Sheriff).

USA: 10 years in prison for leaked data

26 January 2012

Reuters reports that the US government has pressed charges against Bo Zhang, a 32-year-old China-born programmer. He is accused of illegally copying the source code of government-owned software, which cost $9.5 million to develop, to an external hard drive.

When the leak was discovered, the programmer was a part-time employee of the U.S. Federal Reserve Bank, a position that gave him access to the source code of the software developed for the US Department of the Treasury.

The compromised program, called the Government-wide Accounting and Reporting Program (GWA), was developed to track money transfers made by the US government and to report them to a variety of government agencies and organizations.

Once the leak was discovered, the bank initiated an internal investigation and handed the results over to the police. As a result, Bo Zhang was arrested on January 18.

The FBI did not find any signs of espionage and he was released on bail. The trial will take place on February 17, and if he is found guilty (he is charged with theft of government property), he may be sentenced to up to 10 years in prison.

Data Mining: From the General to the Specific

31 August 2011

Data mining (deep data analysis) is a collective term for a set of methods for discovering previously unknown, unusual, interpretable and practically useful knowledge in arrays of data, knowledge that can then be used for decision-making in various fields of human activity.

It’s common knowledge that complete privacy in today’s world is a utopian concept: our names appear in different kinds of lists and reports on a daily basis. We pay for goods and services with credit cards, use mobile phones, buy tickets… And when it comes to the Internet, we leave a colossal number of traces, from the addresses of visited pages to search engine queries: everything can be intercepted, logged and stored in a single database.

The primary purpose of data mining is the analysis of the huge amounts of data in such databases, using special analytical patterns.

For instance, there is nothing suspicious about money being transferred from one account to another. Or about somebody buying a plane ticket to a large city. Or buying a large shipment of fertilizers. Or, let’s say, buying a kitchen timer or several cheap mobile phones from an online store. However, if all of these purchases were made by a single person, the local anti-terror force should definitely take a closer look.

It would seem that combining so many heterogeneous pieces of information is an immensely complex task. However, such a system is absolutely possible and may have been in operation for some time now.

The Total Information Awareness program was developed by the Pentagon from 2002 through 2003 and was aimed at detecting suspicious behavioral patterns. Following a number of public protests, it was renamed Terrorism Information Awareness (TIA) and became almost completely classified. A report of the Department of Homeland Security mentions three active programs of this type. Similar solutions are being developed by other countries as well: China, the United Kingdom, Israel and Germany.

The legitimacy of such analysis is a matter of heated public debate, and neither side has been able to settle whether security is more important than privacy (or vice versa). And while the debate is in full swing, data collection and analysis are booming on the Internet: the law hasn’t fully set foot on this land yet.

Updates and improvements, version 6.4.3.1164

8 August 2011

For a long time we released new versions without announcing the changes we made in our programs. Therefore, today we decided to give a brief review and recap everything.

One of the most important updates was the development of a module for protecting financial information. This is a special script that automatically searches the program’s logs for lines that look like credit card numbers and deletes them from the monitoring journal. Screenshots taken at that moment are deleted as well.

These protective mechanisms work only where detection is possible and do not guarantee protection in absolutely all cases. The script is gradually being improved to minimize false alarms and errors. It cannot be turned off, since its very existence serves to comply with legal requirements.
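As an added illustration (not Refog’s own code) of how such a log-scrubbing script can work: it assumes a card number is a run of 13 to 19 digits that passes the Luhn checksum, masks matching runs in the keystroke log, and flags the screenshot taken at the same moment for deletion. The sample log lines are constructed.

```python
import re

# Candidate run: 13 to 19 digits, optionally separated by single spaces or dashes.
# The length window is an assumption; the post only says "similar to credit card numbers".
CARD_CANDIDATE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")
MASK = "[CARD REDACTED]"

def luhn_valid(digits: str) -> bool:
    """True if the digit string passes the Luhn checksum used by payment card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:                    # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def redact_card_numbers(line: str) -> tuple[str, bool]:
    """Mask Luhn-valid card-like runs in one log line; return (new_line, matched)."""
    matched = False

    def _mask(m: re.Match) -> str:
        nonlocal matched
        if not luhn_valid(re.sub(r"\D", "", m.group(0))):
            return m.group(0)             # an order number that merely looks like a card stays
        matched = True
        return MASK

    return CARD_CANDIDATE.sub(_mask, line), matched

def scrub_log(entries):
    """entries: list of (log_line, screenshot_name_or_None).
    Returns (cleaned_lines, screenshots_to_delete): a screenshot captured while a
    card number was typed is dropped along with the digits, as the post describes."""
    cleaned, dropped = [], []
    for line, shot in entries:
        new_line, matched = redact_card_numbers(line)
        cleaned.append(new_line)
        if matched and shot:
            dropped.append(shot)
    return cleaned, dropped

# Constructed sample keystroke log (not real data); the 4111... value is the
# well-known Visa test number, the 1234... value is a 16-digit run that fails Luhn.
SAMPLE_LOG = [
    ("12:01 typed: shipping for order 1234567890123456", "shot_1201.png"),
    ("12:02 typed: card 4111 1111 1111 1111 exp 12/14", "shot_1202.png"),
    ("12:03 typed: call me on 555-0100", None),
]
```

The Luhn check is what keeps the 16-digit order number in the first line intact while the card in the second line is masked and its screenshot marked for deletion.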

In response to many user requests, Employee Monitor and Terminal Monitor gained an option to store logs in a local or network folder specified by the user.


A lot of work was done to improve support for the latest versions of web browsers (Opera, Firefox).

Monitoring of messages on the social network Facebook was improved.

The Turkish and Polish languages were added to the program interface.

Russia’s largest cybercrime forums hacked

5 March 2011

Two of the largest private forums used by professional credit card fraudsters and spammers were hacked on 18 February.


Forum topics, information on thousands of registered users and private correspondence were all stolen and passed on to leading companies combating online fraud (RSA, Anti Money Laundering Alliance, IISFA) and to European, Russian and American law enforcement agencies.

The first forum to be hacked was the well-known cybercrime forum “MAZA.la” (also known as “MAZAFAKA”). The forum members’ main activities and the topics discussed fall into the following categories:

  • document forgery,
  • sale of stolen internet service records,
  • spam,
  • virus creation,
  • laundering of illegally gained money.

Getting into this forum seemed impossible. It was completely private, and registration was only possible with several authoritative backers who were already members. The forum was protected by the most up-to-date security solutions: digital security certificates, an anti-phishing filter, and a server located in Taiwan.

On 18 February the forum was attacked by hackers and the forum’s database (more than 2000 users) was stolen and handed over to law enforcement agencies.

Following this, another similar forum, “Direct Connection”, was also successfully attacked.

Analysts now suggest that a struggle has begun between Russian carders and spammers for influence in the cybercrime world. However, there are no details or any evidence that this may be the case.

Undocumented mobile phone features

25 February 2011

There have long been rumours that the GSM mobile phone standard (or even the devices themselves) contains undocumented features. However, until now such technology had never been used by the special services of any country in the world for collecting information.

This makes perfect sense. The technology would become useless if criminals knew about it.

However, it had to happen one day. At the beginning of this year, the first court case was held in which location data obtained through undocumented features of GPS-enabled mobile phones was used as evidence. A secret request was sent via the mobile phone operator to the telephones, which then sent their location coordinates back to the operator. Rumours of this capability can be considered confirmed.

As could be expected, this secret technology was not used against minor fraudsters, copyright violators or paedophiles but against a serious national security threat.

At the beginning of the year, in the Netherlands, 12 illegal immigrants from Somalia were arrested in seven different locations in this way. Four of them were planning a terrorist attack in the country. Access to the private data of the accused was authorised by a court order.

Germany: National Cyber Defence Centre

25 February 2011

According to Germany’s Interior Minister Thomas de Maiziere, a new department for protecting internet resources, the National Cyber Defence Centre, will be created in the first half of this year.

This centre will be run by the Department for IT Security (BSI), which already carries out similar functions.

This project was first discussed in the summer of 2010, when the Stuxnet virus was discovered. The virus’s attack on Iran did not affect Germany, but this was enough for the authorities to realise that the country’s infrastructure was not prepared for such a threat.

It is proposed that the National Cyber Defence Centre will be given powers by the intelligence agencies and the police, which will give it the greatest possible ability to combat hacker attacks. Incidentally, such powers have already caused a large number of political arguments. For example, the Free Democratic Party of Germany argues that the creation of a body with such a range of powers is contrary to the law.

USA: profitable espionage

4 February 2011

RapLeaf, a US-based company, has been successfully working in the area of social network monitoring (SMM) for several years and has accumulated significant experience in collecting and analyzing this data. In other words, the core of this business is collecting comprehensive information about Internet users and selling it to interested third parties.

At the moment, RapLeaf’s database contains information about a huge number of users: over one billion.

The main purpose of this information is obvious: ads and improvement of advertising efficiency through more accurate targeting. Ironically, these services are especially popular among politicians and public figures.

The company even got involved in a minor political scandal at the end of last year, when Wall Street Journal reporters noticed a rapid growth in the amount of finely targeted ads served to specific users. An investigation conducted by the WSJ revealed that Jim Bender, a Republican candidate, had used RapLeaf’s services during his election campaign.

From a legal standpoint, RapLeaf has no right to store users’ names in its databases, but this is not particularly important at the moment: the law does not prohibit storing the identifiers of users’ social network accounts, which can be used to obtain the users’ actual names.

Apparently, this data is not mined from social networks only. When a user registers on one of RapLeaf’s affiliate sites, the site sets a cookie that enables its owners to quickly and reliably collect information about this user.

Note that such monitoring activities can be, and are, used for “positive” and “peaceful” purposes as well. For instance, there is a project that uses similar methods and aims to create a system capable of recognizing the behavioral patterns of people showing signs of depression who may commit suicide or hurt others.

Lawsuit against a porn site: eavesdropping on visitors

1 February 2011

It’s no secret that the lion’s share of viruses and other types of malware are contracted on sites featuring adult content, i.e. erotic and pornographic material. However, major publishers rarely cross this line, as the risk of losing sales and reputation is too high.

Mainstream Media International, the owner of YouPorn, a popular porn “tube”, chose another way of making money on its visitors: theft of the users’ browsing history.

These activities became the grounds for a class-action lawsuit against the company, filed by site visitors accusing it of eavesdropping and violation of privacy. The lawsuit specifically stated that all monitoring was intentional and that the JavaScript that copied browsing history records was obfuscated.

Obfuscation is a method of making the source code of a program unreadable and extremely hard to analyze while completely preserving its functionality.

Information collected using such methods has its price and this price is quite high. Knowing what sites users visited and what content they viewed allows companies to create better targeted paid products or services.

As a rule, such statistical data are purchased by advertising companies and ad networks interested in improving the accuracy of their campaigns and serving more relevant ads.

If the suit succeeds, Mainstream Media International may be seriously punished for violating a number of laws, including the federal computer fraud and abuse statute, California’s computer crime law, and competition and consumer protection laws.

Is reading your wife’s email a crime?

20 January 2011

Most of us see nothing criminal in a situation where one spouse reads the other’s email or SMS messages. Jealous and insecure types were peeking into their spouses’ pockets centuries before computers and cell phones were invented.

However, this situation may change drastically in the US thanks to its system of precedent and a trial taking place these days.

The wife of the defendant, 33-year-old Leon Walker, used her husband’s laptop. Apparently, it wasn’t hard for him to steal the password for her Gmail account. When the wife wasn’t home, Leon periodically read her mail.

When he discovered that she was going to go back to her ex-husband, they had a fight and he told her how he got this information.

The woman called the police and accused her husband of breaking into her email account. Despite their relationship, the prosecution insisted on a 5-year sentence for the husband for violating privacy laws. Lawyers estimate his chances of clearing himself of the charge as fairly low.

If Walker is eventually convicted, an important precedent will be set that judges will rely on in similar cases in the future. And there could be quite a few of them.

Developers of “spyware” software forced to yield

11 January 2011

The conflict between CyberSpy Software and the US Federal Trade Commission has been settled out of court. The conflict was caused by the developer’s violation of fair trade rules in the sale of RemoteSpy, its keylogging tool.

RemoteSpy was positioned as a comprehensive and impossible-to-detect spyware tool that was supplied with detailed installation instructions, including those for unauthorized installation.

The program is a typical keylogger with all the features of this type of program: discreet interception of key presses, creation of screenshots, logging of IM chats and browsing history.

Despite the developers’ efforts, the program is still classified by many anti-virus tools as potentially dangerous spyware. For example, Kaspersky Labs software identifies it as riskware — a program capable of inflicting damage if used for illegal purposes.

The FTC forbade the use of provocative ad statements inciting users to use the program for illegal purposes. Consumers must be informed in advance about the liability for misusing this kind of software.

Furthermore, products must identify themselves in the system and have a working installer with an option that allows the user to cancel the installation process. This will make illegal use highly problematic without obstructing legitimate use of the program.

Once CyberSpy Software made the necessary changes in the product, the FTC allowed the company to resume the sales of RemoteSpy.