NASA computer servers vulnerable to attack

WASHINGTON — NASA's inspector general warned Monday that computer servers used by the US space agency to control spacecraft were vulnerable to cyber attack through the Internet.

"We found that computer servers on NASA's agency-wide mission network had high-risk vulnerabilities that were exploitable from the Internet," NASA inspector general Paul Martin said in an audit of NASA's network security.

"Specifically, six computer servers associated with IT assets that control spacecraft and contain critical data had vulnerabilities that would allow a remote attacker to take control of or render them unavailable," the report said.

It said a cyber attacker who managed to penetrate the network could use compromised computers to exploit other weaknesses and "severely degrade or cripple NASA's operations."

The inspector general's audit of NASA's computer security found "network servers that revealed encryption keys, encrypted passwords, and user account information to potential attackers.

"These data are sensitive and provide attackers additional ways to gain unauthorized access to NASA networks," the report said.

UK PC users hit by huge fake antivirus attack

UK Internet users were on the receiving end of a large drive-by web attack at the end of February, which attempted to push fake antivirus at least 750,000 times on a single day alone, security company AVG has said.

According to a company analysis, on Sunday 27 February, detection levels for the previously obscure Russian 'Blackhole' exploit kit suddenly spiked to 900,000 globally from a few tens of thousands that would be typical for such kits, before dropping back again.

Unusually, almost 750,000 of these detections were for UK PCs, which offers a baseline for what must have been a sustained attack several times that size against mainstream web servers frequented by users in the country.

Why relatively well-protected UK Internet users was chosen is not clear, but the campaign does appear to have been successful, compromising 600 servers, and serving nine different Java, Adobe and Microsoft exploits, including the MS-MDAC flaw from 2006. The exploit servers were based overwhelmingly in Estonia with some in the US.

AVG managed to compromise one of the servers used to control the Blackhole attack, which reported a 'load' (execution) rate for bogus antivirus software of nearly eight percent. This only shows the number of machines that ran the Fake AV alerts based on successfully serving any one of the exploits, and not how many of these users fell for the scam and paid up in the end.

Estonia sees first conviction for internet pirate

TALLINN - An  Estonian court has passed down it's first sentence for illegally downloading material from the internet and selling it on. 

Ott Speek was sentenced to one year and three months in prison for copyright infringement after he was caught downloading popular video games, movies and business software.

The case has been ongoing for more than six years. The maximum possible sentence was 3 years in prison.

Estonia continues to embrace technology

The introduction of e-billing continues to showcase the acceptance of modern technology across Estonia.

With a population of 1.3 million, the Baltic state has introduced a number of e-technology initiatives in recent years and now the government is focusing on the implementation of e-billing to help reduce costs and improve efficiency.

"The e-billing environment will make state accountancy more transparent and will also improve the work of state accountants, freeing them from the need to type all the data from bills into the system," finance minister Jurgen Ligi told AP.

Starting next month, Estonia's finance and justice ministers will switch completely over to e-billing, with the rest of the government's departments following the initiative by the end of 2011.

Finance ministry spokeswoman Sigrid Laev believes the new plans could help to reduce the cost of paper billing from around 13 euros per bill to 40 cents.

Estonia's government made internet access a basic human right in 2000.

Parties demand delay of Dot-ee registration deadline

On the final day before Estonia deletes its free-of-charge websites, political parties raised their voices in protest, asking to postpone the deadline.

Website operators had more than six months to re-register their accounts, but many administrators procrastinated, and only half of the websites have been re-registered, according to Internet Foundation chairman Marek-Andres Kauts.

In July 2010, it was announced that Estonia's online environment would be reformed. The biggest change is that dot-ee websites have to pay an annual 18.2-euro fee to the country's Internet Foundation. Sites that do not register under the Internet Foundation are to be removed on February 7. Reforms also allow citizens to register more than one website and give foreign nationals the right to register dot-ee websites.

The Estonian Internet Community - an NGO founded in October 2010 to protest the controversial dot-ee domain reform – has criticized the deletion of the 12,000 pri-dot-ee domains which gave citizens free dot-ee websites. The major political parties have recently expressed support to the NGO, demanding that the Internet Foundation put off its changeover and rethink some its policies.

Altogether, 40,000 websites will be dropped, according to Estonia's largest web-hosting company, Zone Media.

Looking for a few good hackers

Quite familiar with invasion (from both the Soviets as well as the Nazis through much of the 20th century), Estonia didn't take the cyber attacks likely. It formed the Cyber Defense League, a volunteer group of programmers, computer scientists and software engineers that in wartime would function under a unified military command. The league has become a global model for how a company should defend itself in the case of a cyber attack, such as China's attack on Google and US government websites a couple of years ago or attacks on Iran's computer systems earlier this year.

The force regularly practices weekend exercises “to prepare for possible cyber contingencies,” Defense Minister Jaak Aaviksoo told NPR.

"[Our] league brings together specialists in cyberdefense who work in the private sector as well as in different government agencies,” Aaviksoo said.

The cyber unit is a division of the Estonia's Total Defense League, an all-volunteer paramilitary force dedicated to maintaining the country's security and protecting it against invasion.

The cyber assault in 2007 came after a controversial decision of the Estonia government to relocate a war memorial, and authorities claim to have traced the attack to Russia, which had been angered by the decision. As one of the most wired countries in the world with 80 percent of its citizens paying taxes and banking online, Estonia had a lot to lose to cyber terrorism.

Skype triggered establishment of IT start-ups in Estonia

When Skype was sold to eBay in 2005 for a little over two billion euros, about over 100 million euros circulated in Estonia. The majority of those funds went into the new investment firm owned by former Skype engineers – Toivo Annus, Jaan Tallinn, Ahti Heinla and Priit Kasesalu, Ambient Sound Investments (ASI). With ASI, true Western venture capitalism got its sea legs in Estonia, whereas before only Allan Martinson had fit the definition of venture capitalist, the TestMarket.com writes.

In four years, ASI has provided more than 17.3 million euros of funding for more than 30 technology or Web companies. At the start of 2010, ASI still had over 50 million euros of liquid assets in its accounts, some of it in term deposits. Besides that, the four men have millions of euros in personal funds. This is too much money; it is not possible to invest all of it in Estonia, informs LETA.

About one-half of Estonia's current technology or Internet businesses – the ones expected to run like gazelles or start a revolution – got their seed capital from ASI, run by the Skype engineers.

The best-known of these ambitious players are Modesat and Guardtime.

Modesat is developing a communications technology that will make it possible to introduce ultra-high-speed broadband Internet aboard jets and high-speed trains. The company is working with the world's biggest telecom giants, such as Ericsson, Nokia, Siemens and others, and recently hired a former vice-president of Samsung as their director of technology.

The other company, Guardtime, has developed a time-stamping technology for secure digital data and is now trying to find an application for it. Asian investors led by billionaire Li Ka-shing and the Singaporean government recently invested close to 6.4 million euros into the company.

The name of Skype has been used to every possible effect to promote Estonia, and many know Estonia as the land of Skype. In the Wikipedia entry on Estonia, Skype is the only local IT company mentioned.

The ultimate geek squad : Estonia trains army of computer experts to protect itself from cyber attacks

Estonia is recruiting an army of computer experts to defend itself during a cyberwar, almost four years after the country was subjected to a wave of cyber attacks.

In May 2007, computer hackers disabled the websites of government ministries, political parties, newspapers and banks, causing chaos in the small Baltic state.

In the years since the attacks, Estonia has mobilised a Cyber Defence League made up of programmers, computer scientists and software engineers.

The League is a volunteer organisation that in wartime would function under unified military command, reports NPR.

Defence Minister Jaak Aaviksoo told the radio station: 'Our league brings together specialists in cyber-defence who work in the private sector as well as in different government agencies.'

Mr Aaviksoo added that the League carries out regular weekend exercises 'to prepare for possible cyber contingencies'.

He also said that Estonians are more than willing to help strengthen their electronic defences because of their experiences of being occupied by the Soviet Army in 1939, Germany in 1931 and the Soviet Union until 1991 when Estonia broke free.

Mr Aaviksoo said: 'Insurgent activity against an occupying force sits deep in the Estonian understanding of fighting back and I think that builds the foundation for understanding total defence in the case of Estonia.'

Estonian shops started selling e-books

Several large Estonian bookstores started selling Estonian-language e-books on Monday, LETA/Postimees Online reports.

Apollo, Rahva Raamat and Krisostomus bookstore chains offer more than 120 Estonian-language e-books. Phone company Elion entered the book trade also.

Different e-reader devices have been on sale in Estonia for a while but so far, foreign literature could be read with them.

While most publishing houses do not forecast a boom of e-books in Estonia, some publishing houses like Varrak intend to publish printed and e-book version of new books simultaneously in the future.

Police bust internet banking scam - 2.5 million computers infected

Stuttgart - German police said Friday they have uncovered an internet scam that relied on a trojan virus to spy on banking transactions conducted by 2.5 million private computers worldwide and divert at least 1.65 million euros (2.3 million dollars).

The suspects in the scam, who partly worked from Estonia, are said to have released the Katusha virus on the internet last year.

The gang also recruited 470 people to act as conduits for the stolen funds. They are now likely to face money laundering charges.

Investigators started raiding gang members' homes in August, but kept silent as they worked to dismantle the scam. Police searched four apartments in Germany, five in Estonia and a home in Britain.

German police are now seeking to extradite four people from Estonia.

Police in the southern German city of Stuttgart said that the Katusha software managed to alter 260 genuine web transactions by bank customers so that much larger sums of money were remitted and the funds were sent to the criminals.

The software was installed on private computers either through virus-infected PDF files or when users with vulnerable internet browsers opened websites run by criminals.

Estonia’s broadband connection ranks 18th ; neighbours stand ahead

The quality of broadband service in Estonia compared to other countries has improved in the last year, but neighbors Latvia, Finland and Sweden are ahead.

Down from 19th last year, Estonia shares 18th place with Germany and the UK in the broadband rankings, according to a joint study by Oxford and Oviedo universities and the tech company Cisco. Latvia is in 15th and also had the second fastest development since last year. Finland is in 13th place.

As in 2009, the world leader was South Korea, followed by Hong Kong, Japan, Iceland, Switzerland, Malta, Holland, United Arab Emirates, Sweden and closing the top 10 was Denmark.

The study found that 14 countries out of 72 are ready for new generation internet applications, compared to only five countries in 2008. Fifty-three percent of countries have the same broadband connection in the countryside as they do inside major cities.

The average broadband download speed has increased by nearly 50 percent in the last three years and upload speeds increased by 69 percent. Wireless broadband also improved significantly, with Sweden, Denmark, US and Spain leading the way.

Estonia to host EU IT agency after deal with France

TALLINN — Tech-savvy Estonia is to host a new European Union IT agency, after a deal with France which was the only other nation in the race, Estonia's Interior Minister Marko Pomerants told AFP on Friday.

"It has been agreed between Estonian and French officials that the headquarters of the EU's future IT agency will be located in Tallinn," Pomerants said.

The 27-nation European Union's decision to set up a specific agency was made last year when member states decided that the bloc's IT systems needed some form of central management.

Under the accord with Paris, Pomerants explained, the French city of Strasbourg is to remain home to the servers of the Schengen Information System, via which countries share information on police and judicial cooperation, and EU border controls.

The new agency is expected to become operational in 2012.

The host country still has to be named officially by the EU, a move Pomerants said could come by the end of the year.

An EU member since 2004 and with a population of just 1.3 million people, Estonia is one of the world's most wired nations, earning it the nickname "E-Stonia".

Windows 7 Family Pack makes a comeback!

So now the new Windows Live Essentials has been released, you want to give it a go. But then you realize it will only run on Vista or Windows 7 and you have….Windows XP! Now what? You can of course continue to use the version of Windows Live Essentials that you already have. But if you want to upgrade to Windows 7 here is some news that might be of interest to you:

Windows 7 Family Pack makes a comeback today

Outside of the U.S., Family Pack will be available for purchase on or after Oct. 22.

Countries where Family Pack will be available are:
United States, Canada, UK, France, Germany, China, Russia, Austria, Belgium, Denmark, Finland, Iceland, Ireland, Italy, Luxembourg, Netherlands, Norway, Portugal, Spain, Sweden, Switzerland, Czech Republic, Estonia, Greece, Hungary, Slovakia, Bahrain, Kuwait, Oman, Qatar, Saudi Arabia, UAE, Australia, Korea, New Zealand, Singapore, Hong Kong, Taiwan, Brazil, Bulgaria, Croatia, Latvia, Lithuania, Mexico, Romania, and Ukraine.

Nations and companies should prepare for Cyberwar

The world hasn't yet seen examples of true cyberwar, although governments around the world need to prepare for it, an expert in cybersecurity law from Estonia said Monday.

Many people have called the 2007 attacks on Estonian banks, media outlets and government ministries an early example of cyberwar, but using a legal definition, they were not, said Eneken Tikk, head of the legal and policy branch of the Cooperative Cyber Defence Centre of Excellence in Tallinn, Estonia. She defined cyberwar as an attack that would cause the same type of destruction as the traditional military, with military force as an appropriate response.

"That means a smoking hole in the ground," said Tikk, speaking at cybersecurity vendor ArcSight's Protect '10 conference in National Harbor, Maryland.

Tikk found some disagreement from two other cybersecurity experts speaking during the same session. While Tikk and the North Atlantic Treaty Organization (NATO) declined to define the attacks in Estonia as cyberwar, many other people saw the coordinated effort that way, said Prescott Winter, CTO for ArcSight's public sector division and a former CIO and CTO at the U.S. National Security Agency.

"If we're not at cyberwar yet, you've got me really nervous," added Blair Linville, vice president of enterprise IT at casino operator Harrah's Entertainment. "We certainly feel under attack every day, out in industry."

Estonia's Elion adds 5000 IPTV subs in Q2

Estonian telco Elion added 5,200 customers to its IPTV service 'digiTV' in the second quarter of 2010, reaching a total of 113,400 subscribers by the end of June.

The telco attributes the latest gains to the nationwide transition to digital broadcasts on July 1st, and to the introduction of PVR capabilities on its IPTV service, and a promotion under which new customers could connect a second television within their home to the IPTV service for free.  Elion also operates a cable TV service which it launched in 2006.

The telco had reached 182,200 customers for its fixed-line broadband services by the end of the second quarter of this year, having added 1,660 subscribers in the three-month period, giving a 52.4% share of the country's broadband market.

Estonia hosts world's first digital song festival

Tiny IT-titan Estonia known for its long tradition of big music festivals is preparing to host the world's first ever digital song festival this week, organiser told AFP.

Choirs from 100 locations across the ex-Soviet EU Baltic state of 1.3 million will be able to link up in cyberspace on Friday, August 20, with singers at the main venue in central Estonia.

"We will be happy with 10,000 to 100,000 singers participating in the digital song festival and any number above it will be miracle," festival organiser and TV producer Artur Talvik told AFP.

Choirs are to sing eight songs beloved by Estonians at traditional song festivals held every five years since 1869.

The event, which will have its central location at the Friendship Park in Poltsamaa, between the capital Tallinn and Estonia's second largest city Tartu, marks the 19th anniversary of the restoration of Estonia's independence.

This came after the failed coup in Moscow in August 1991.

More HD for Estonia’s Starman

Estonia’s leading cable operator Starman has added the 24-hour music channel iConcerts HD to its offer.

As a result, it now provides its subscribers with a total of eight HD channels, the others being National Geographic HD, Eurosport HD, Eurosport 2 HD, History HD, Rush HD, Arte HD, and ETV HD.

Starman’s HD package costs EEK99 (€6.33) a month to receive, while HD receivers and HDV PVRs cost EEK59 and EEK299 a month respectively to rent.

Chris Dziadul

Estonian domain name registration gets "ee-sier"

The top level domain for EU member state Estonia is .ee. That country's current registration rules are quite restrictive, allowing just one domain name per Estonian citizen.
This all changes on Monday 5 July, when the only restriction will be that any person or company will be able to register a .ee domain name if he, she or it has a local administrative contact in Estonia with a personal identification number.

Skandiabanken tops ratings for online banking

Skandiabanken ranks first and Swedbank last. At Cybercom's behest, Keynote Systems, a leading US research company, investigated how Swedes experience banks on the internet. For the overall Nordic region, Skandiabanken tops the list while Jyske Bank in Denmark ranks last.

Internet today is the most common method in the Nordic countries for customers to handle banking services. In its role as a leading supplier of internet services, Cybercom asked Keynote Systems, a US research firm, to rank Nordic banks. Keynote Systems has researched American and British opinions and experiences for years of leading US and British banks on the internet.

In April and May, 2,100 Nordic test subjects attempted to open bank accounts and take out loans in various Nordic banks. For the entire Nordic region, Skandiabanken tops the overall rating, while Jyske Bank in Denmark received the lowest user score. In Sweden, Skandiabanken held the top standing, followed by Handelsbanken, Danske Bank, SEB, Nordea, and Swedbank in last position. There are big differences between the top-rated and bottom-rated banks in each country.

Mobile BankID - electronic identification launched in mobile phones

The largest infrastructure for electronic identification in Sweden, BankID, has launched a new secure electronic identification used in mobile phones - Mobile BankID.

BankID as of today (smart card and soft certificate) is used by more than 2 million active customers, who can use their BankID for electronic identification as well as signature. The services vary from online banking, e-trade to tax declaration and are provided by government, municipality, banks and companies. The future ahead, citizens will continue doing these services - and more - also with their Mobile BankID.

On April 14, Swedbank, as the first bank within the BankID infrastructure, opened up its Internet bank to Mobile BankID, in company with telecom operators TeliaSonera and Telenor.

- This is a great step forwards, now that we launch Mobile BankID, says Johan Eriksson, CEO Finansiell ID-Teknik. To be able to identify yourself and electronically sign documents using your mobile phone is a both necessary and quite natural development. We have broadened an already well established infrastructure. More banks are in turn to follow Swedbank's example, says Johan Eriksson.

One of the main reasons why Swedbank is implementing mobile BankID is to open up its Internet bank to customers, even when they have no access to the physical bank office or a computer.