Monthly Archives: November 2014

Estonian journalists discover global leak of mobile telephone numbers

The site www.whocall.info allows searching for unlisted mobile numbers from all over the world. One can search by phone number: entering a number with the international dialing code (such as 372 for Estonia) prompts the programme to produce the name of the owner of the number. The article’s author Piret Reiljan said that she found many numbers of high-ranking politicians, including Estonian prime minister Mr Taavi Rõivas.

The site does not perform the reverse search: it does not return numbers when one searches by name, so one has to know the number beforehand to get the owner’s name. Even so, it is scary to imagine that the search could also be made to work the other way around. It is not known how all these personal numbers and names might be used. All we know is that it provides numbers that have been unlisted by their owners and are not published anywhere.
The owner of the website is not known. The site itself does not provide any contact information besides the name Whocall Ltd.

“This domain name was registered on October 30 of this year, and its owners are not identifiable from public sources,” said RIA expert Veldre.

According to Veldre, it is quite possible that someone collected telephone numbers published on the Internet in various ways and put them into one large database. “The situation is complicated by the fact that under the law of another country it may be the case that such information gathering and serving is a legal activity. I believe that the Data Protection Inspectorate have their say on this issue,” said the expert.

Veldre added, however, that if it is confirmed that the database contains numbers that should not be publicly available and their owners confirm that they did not make their numbers public, then it may be possible to find out how these numbers were leaked.

Links:
http://www.balticbusinessnews.com/?PublicationId=ac63e73d-4922-4f28-9675-a2629bb087c7
http://www.aripaev.ee/uudised/2014/11/26/ekspert-ehk-isegionnestub-lekkimise-koht-tuvastada-
http://www.aripaev.ee/uudised/2014/11/26/uks-lekkekoht-facebook

Estonians arrested in cybercrime-related raids across Europe

Europol reports that at least one arrest has been made in Estonia as part of an international operation against computer hijacking by Remote Access Trojans (RATs), led by the French police and coordinated through Europol.

Apart from Estonia, people suspected of misusing remote access Trojans were also detained in the UK, France, Romania, Latvia, Italy and Norway.

The UK’s National Crime Agency (NCA) said that criminals who successfully deploy RATs can gain complete control over target computers. RATs are often deployed to spy on people via webcams, access banking or other personal information, download new and potentially illegal content, and use the victim’s computer to launch criminal Distributed Denial of Service (DDoS) attacks.

Links:
http://news.err.ee/v/scitech/992e2269-0d18-4742-9b2b-cc96b39cd90f

Interview with TUT Center of Digital Forensics and Cyber Security co-leader Olaf Maennel

Tallinn University of Technology (TUT) opened a new Center of Digital Forensics and Cyber Security on November 12. The Center will offer technical advice, academic education and training programs, conduct cutting-edge research projects, and raise public awareness of cyber security risks. ERR news interviewed the center’s co-leader, Olaf Maennel, to learn more about the newly opened center and cyber security issues, as well as about his personal connection to Estonia.

Links:
http://news.err.ee/v/scitech/f503fe99-28fa-4e1c-9738-c4af41b69c42

Tallinn International CyberCrime Conference 2014

Location: Tallinn, Estonia – Radisson Blu Hotel Olympia
On 12 and 13 November 2014, Tallinn University of Technology organizes the International Cybercrime Conference of 2014. The main agenda of the conference is to announce the official opening of the TUT Centre of Digital Forensics and Cyber Security and to discuss current cyber security research.

Conference CyberCrime 2014, day 1, 12.11.2014 (most of the day in Estonian with English simultaneous translation, with the exception of 2 presentations in English)

Moderator Aare Tammemäe, FinanceEstonia, Chairman of the Board
09.00 – 10.00 Registration and welcome coffee
10.00 – 10.15 Conference Opening Address: Prof Erkki Truve, Vice rector of Tallinn University of Technology
10.15 – 10.25 Mr Hanno Pevkur, Minister of the Interior, Republic of Estonia
10.25 – 11.10 Plenary Session 1
Key note speaker: Mrs Heli Tiirmaa-Klaar, Cyber Security Policy Advisor, European External Action Service.
EU Cyber Security Strategy and Capacity Building to Fight Cybercrime.
11.10 – 11.20 Mr Üllar Lanno, Estonian Forensics Science Institute.
The beginning of IT forensics in Estonia or how the 2CENTRE Estonia started
11.20 – 11.50 Coffee break
11.50 – 12.20 Plenary Session 2
Mr Gert Jervan, Dean of Faculty of Information Technology, Tallinn University of Technology; Mrs Anu Baum, 2CENTRE Estonia; Rain Ottis, TUT Centre of Digital Forensics and Cyber Security. TUT Cyber centre – past, present and future
12.20 – 12.25 The importance of the establishment of 2CENTRE Estonia. Welcoming word by Minister of Justice of the Republic of Estonia, Andres Anvelt
12.25 – 12.50 Signing the memorandum of association of TUT Centre of Digital Forensics and Cyber Security
12.50 – 13.30 Panel Discussion – Erkki Truve, Heli Tiirmaa-Klaar, Andres Anvelt, Priit Pärkna, moderated by Gert Jervan, Dean of IT faculty of TUT
13.30 – 14.30 Lunch
14.30 – 14.50 Ms Ann Mennens – B-CCentre (Belgium). The B-CCENTRE, establishing exchange and cooperation between academia, public and private sector in Belgium: a major challenge
14.50 – 15.10 Ms Cheryl Baker – University College Dublin (Ireland)
Success story of the university (UCD), IT-forensics in Ireland, Irish experience and challenges in the global forensics market
15.10 – 15.40 Coffee break
15.40 – 16.00 Mr Tanel Tammet, Mr Rain Ottis, Mr Jüri Vain. Introduction of the Four Projects (e-Crime, ECESM, SEREIN, IT-Akadeemia)
16.00 – 16.30 Mr Andres Kütt – Advisor at Estonian Information System’s Authority. E-state, e-governance & e-citizen or why we need experts in digital forensics.
16.30 – 17.00 Conclusions of the Day 1
19.00 – 22.00 Reception hosted by Prof Erkki Truve, Vice rector of Tallinn University of Technology (admittance based on earlier registration). House of Brotherhood of the Blackheads
Pikk str 26, 10133 Tallinn
Phone: +372 631 3199

Conference CyberCrime 2014, day 2 (all day in English), 13.11.2014

Moderator Olaf Maennel
08.45 – 09.15 Registration
09.15 – 10.00 Gorazd Božič, Slovenia
Incident Response and CERT Cooperation in the Modern Age
10.00 – 10.15 Coffee break
10.15 – 11.00 Varis Teivāns, Deputy Manager of CERT.LV
“Role of Digital Forensics in Fight Against Cybercrime in Baltic States”
11.00 – 11.15 Coffee break
11.15 – 12.00 Matthew Sorell, Australia
Beyond metadata: non-cooperative provenance tracing of digital photography
12.15 – 13.15 Lunch
13.30 – 14.15 Nickolas Falkner, University of Adelaide, Australia.
Security and Automated Configuration: Where Standards and Policy Fail, Complexity Will Not be Enough to Save Us.
14.15 – 15.00 Pavel Laptev, Estonia
Cyber Forensics view from the Estonian Forensic Science Institute
15.00 – 15.15 Coffee break
15.15 – 16.00 Gergely Toth, Deloitte Cyber Security Team
An Industry perspective on cyber security challenges
16.00 – 16.40 Olaf Maennel, Professor, Tallinn University of Technology.
Summarizing the 2nd day of the conference

Links:
http://www.conference-expert.eu/en/cybercrime-conference-2014/162-event-programme
https://www.b-ccentre.be/12-13-november-tallinn-international-cybercrime-conference-2014/

Mobile Pwn2Own 2014: Estonian hacked Nexus 5 using Wi-Fi attack

Researchers hacked several of the latest popular smartphones during the Mobile Pwn2Own competition that took place alongside the PacSec Applied Security Conference in Tokyo on November 12-13.

The competition, organized by HP’s Zero Day Initiative (ZDI) and sponsored by BlackBerry and the Google Android Security team, targeted the Amazon Fire Phone, iPhone 5s, iPad Mini, BlackBerry Z30, Google Nexus 5 and Nexus 7, Nokia Lumia 1520, and Samsung Galaxy S5.

Jüri Aedla of Estonia used a Wi-Fi attack against a Nexus 5, but failed to elevate his privileges, HP said.

Links:
http://www.securityweek.com/mobile-pwn2own-2014-iphone-5s-galaxy-s5-nexus-5-fire-phone-hacked

PacSec 2014: Internet voting and signing legally binding documents over the Internet

“Internet voting and signing legally binding documents over the Internet”
Harri Hursti, Margaret MacAlpine

Internet Voting initiatives are discussed around the world, and the common claim made is that no successful attack against an Internet Voting system has ever been demonstrated. This is not the case anymore.

Also, there has been a drive from Estonia to Taiwan to deploy national ID cards enabling paperless legal document systems. Important lessons are now learned about how not to do that.

Two countries in the world have been deploying Internet Voting on a larger scale: Estonia and Norway. In Norway the deployment of Internet Voting was always labeled as a trial, leaving Estonia as the only prominent country to deploy it in general elections. In the last election, over 31% of all votes were cast over the Internet.

After the recommendation of Mr. Hursti in October 2013, the Centre Party of Estonia invited an independent team of security researchers as election observers, a team of 4 international experts: Margaret MacAlpine, Jason Kitcat, Alex Halderman and Harri Hursti. As a result, a variety of deficiencies and vulnerabilities were discovered. Partially as a result of publishing these discoveries, Norway announced the termination of their Internet Voting experiments, stating that the risks outweigh the benefits.

Estonia published partial source code of their election system: most of the server-side code, but without the client. This allowed the researchers to build a fully functional copy of the Estonian election system in a laboratory environment to develop and test fully functional attacks.

The Estonian government has also announced a new initiative: E-Citizenship. Under Estonian law, any document cryptographically signed with a National ID card is legally as binding as if the document were signed and notarized. Under the Estonian E-Citizenship initiative, non-residents and non-citizens can apply for E-Citizenship and enjoy various benefits for handling their business and lives as a virtual EU citizen. The heart of this initiative is legal document handling with an ID card issued.

Client-side attacks developed and demonstrated against the Estonian Internet Voting system have extremely far reaching implications towards the heart and core of the Estonian E-government, and global implications as almost anyone can become an Estonian E-Citizen.

Links:
https://pacsec.jp/speakers.html?language=en

Estonian Banking Association publishes new technical specification for Banklink

Press Release 09.10.2014 Banks will raise the banklink service security

Estonian Banking Association managing director Katrin Talihärm said the most important changes concern comfort and security. “Merchants now have a much easier way to set up e-services. In the past banks used a variety of solutions. Now you can use the banklink service to accept payments from customers with similar technical solutions,” explained Talihärm. According to her, the banklink service is made even more secure, since widely implemented digital signatures make it possible to determine whether the customer authenticates with an ID card, Mobile-ID, PIN calculator or code card. The new service also allows merchants to use IBAN-format account numbers.

During the transition period, which lasts until the end of 2015, banks will support both the old and the new banklink protocol format.

The renewed specification is supposed to fix protocol level security flaws discovered previously.

Links:
http://pangaliit.ee/et/uudised-list/356-pressiteade-pangad-tostavad-pangalingi-teenuse-turvalisust
http://math.ut.ee/~arnis/bankauth/

SK Annual Conference 2014

SK Annual Conference 2014 took place on November 6, 2014.

9:00-9:45 Registration and coffee
9:45-9:55 Drone presentation, Jaan Kronberg
10:00-10:05 Opening remarks by SK CEO Kalev Pihl
10:05-10:30 SK overview of the 2014 and NutiKaitse 2017, Kalev Pihl, SK
10:30-10:45 e-Residence, Kaspar Korjus, Estonian Development Fund
10:45-11:20 What will happen on January 1, 2015? (BDOC and Mobile-ID), Liisa Lukin, SK
11:20-11:45 Coffee break
11:45-12:20 eIDAS, Mait Heidelberg, MKM
12:20-12:45 International DigiDoc client, Jaan Murumets, SK
12:45-13:30 Lunch
13:30-14:30 Online Arms Race, Mikko Hyppönen, F-Secure
14:30-15:00 Coffee break
15:00-15:30 New Generation of eID Smartcard, Andreas Lehmann, Trüb Baltic AS
15:30-16:00 eID future trends, Tarvi Martens, SK
16:00-16:20 Questions and Answers
16:20-16:30 Closing remarks and prize lottery
16:30-17:00 Scandinavian experience, Alev Ström
17:00-17:30 Evening snack

Links:
https://sk.ee/ettevottest/aastakonverents-2014/

EVOTE2014: Verifiable Internet Voting in Estonia

Abstract
This paper introduces an extension to the Estonian Internet voting scheme allowing the voters to check the cast-as-intended and recorded-as-cast properties of their vote by using a mobile device. The scheme was used during the 2013 Estonian local municipal elections and the 2014 European Parliament elections. 3.43% and 4.04% of all Internet votes were verified, respectively. We will present the details of the protocol, discuss the security thereof and the results of implementation.

Links:
http://www.e-voting.cc/en/portfolio-item/proceedings-evote2014/