McAfee: Revealed: Operation Shady RAT (2011)

“What we have witnessed over the past five to six years has been nothing short of a historically unprecedented transfer of wealth — closely guarded national secrets (including from classified government networks), source code, bug databases, email archives, negotiation plans and exploration details for new oil and gas field auctions, document stores, legal contracts, SCADA configurations, design schematics and much more has “fallen off the truck” of numerous, mostly Western companies and disappeared in the ever-growing electronic archives of dogged adversaries.

What is happening to all this data — by now reaching petabytes as a whole — is still largely an open question. However, if even a fraction of it is used to build better competing products or beat a competitor at a key negotiation (due to having stolen the other team’s playbook), the loss represents a massive economic threat not just to individual companies and industries but to entire countries that face the prospect of decreased economic growth in a suddenly more competitive landscape and the loss of jobs in industries that lose out to unscrupulous competitors in another part of the world, not to mention the national security impact of the loss of sensitive intelligence or defense information.

Yet, the public (and often the industry) understanding of this significant national security threat is largely minimal due to the very limited number of voluntary disclosures by victims of intrusion activity compared to the actual number of compromises that take place. With the goal of raising the level of public awareness today we are publishing the most comprehensive analysis ever revealed of victim profiles from a five year targeted operation by one specific actor — Operation Shady RAT, as I have named it at McAfee (RAT is a common acronym in the industry which stands for Remote Access Tool). ” (author)

Revealed: Operation Shady RAT: An investigation of targeted intrusions into 70+ global companies, governments and non-profit organizations during the last 5 years
White paper
by Dmitri Alperovitch, VP Threat Research, McAfee
Published 2 August 2011
14 pages

author’s blog entry
author’s tweet
further coverage (Vanity Fair)
further coverage (Security Week)
further coverage (Reuters)
further coverage (Guardian)

PDF (updated on 2017-11-24)

Mathieu O’Neil: Cyberchiefs: Autonomy and Authority in Online Tribes (2009)

People are inventing new ways of working together on the internet. Decentralised production thrives on weblogs, wikis and free software projects. In Cyberchiefs, Mathieu O’Neil focuses on the regulations of these working relationships. He examines the transformation of leadership and expertise in online networks, and the emergence of innovative forms of participatory politics.

What are the costs and benefits of alternatives to hierarchical organisation? Using case studies of online projects or ‘tribes’ such as the radical Primitivism archive, the Daily Kos political weblog, the Debian free software project, and Wikipedia, O’Neil shows that leaders must support maximum autonomy for participants, and he analyses the tensions generated by this distribution of authority.

Publisher Pluto Press, 2009
ISBN 0745327974, 9780745327976
242 pages

publisher
google books

PDF (updated on 2013-3-3)

OSCE: Freedom of Expression on the Internet (2011)

In 2010, the Office of the Representative on Freedom of the Media of the OSCE commissioned a report to assess Internet regulation among its Member States. Considering the global nature of the Internet, as well as the lack of harmonisation at international level, many States have adopted regulation measures in order to implement national legislation also on Internet related matters.

The OSCE examined, in particular, existing laws and practices related to freedom of expression, the free flow of information and media pluralism on the Internet, which are fields potentially menaced by national Internet legislation. Indeed, member states have made commitments in regard of media freedom principles with which they should act in accordance.

OSCE’s study is based on a questionnaire given to participating members, which deals with four main subjects: a) internet access, b) internet content regulation, c) blocking, filtering and content removal and, d) licensing and liability & Internet hotlines. Because of the significant cultural diversity between Member States, national Internet legislation differs from one state to another. According to what is considered harmful in one state, for example, different content regulation has been adopted. In addition, participating states have various provisions as far as Internet access is concerned. For instance, lately many states have authorised blocking access to websites deemed illegal conforming to national legislation. Such practices are incompatible with OSCE commitments, as well as with other universal or European conventions signed by Member States and concerning media freedom, freedom of expression and free flow of information.

After having examined all the elements provided by participating states, the report made a series of recommendations which aim to ensure that the Internet remains an open and public forum for freedom of opinion and expression. Some of the aforementioned recommendations are the respect of net neutrality, refrain from mandatory blocking of content or websites, recognition of Internet access as a human right, all taking into consideration the borderless nature of Internet.

Freedom of Expression on the Internet: Study of legal provisions and practices related to freedom of expression, the free flow of information and media pluralism on the Internet in OSCE participating States
Publisher: Organization for Security and Co-operation in Europe (OSCE): The Office of the Representative on Freedom of the Media, July 2011
233 pages

publisher

PDF