It’s not the red carpet, it’s not what [or rather who] people are wearing, because I don’t enjoy all the other celebrity at home or in rehab programmes that are available, its something else. I think its the bits where they talk about what it was like to make the movie/album/website that I like. You get a sense of something else behind the “thing” that your familiar with. You get a feeling that it took more than just the artist with his tools, that it didn’t just happen in 5 minutes, and that those that were involved actually stuggled to achieve the output. I like that feeling.

The 2002 The International Law Enforcement Cybercrime Award

NetSafe have won a few awards in our time. Awards for the schools programme, awards for our websites, we even got The International Law Enforcement Cybercrime Award in 2002 from the Mounties……well actually it was from The Society for the Policing of Cyberspace, but they are based in Canada and I always called it the Mounties award. It feels good to be on the receiving end of an award.

Its because of this that we have decided that its about time that we started to officially recognise some of the amazing work that goes on here in New Zealand to build confident and capable Internet users. There are so many occasions that we work with organisations and individuals that are making a real and significant difference to the cybersafety, cybersecurity or digital citizenship equations in this country where the only way we can recognise the work that they do is to write a blog, or put an article in a newsletter.

To this end, we have decided to inaugurate [a very official awards sounding kind of word] the NetSafe “Love Your Work.” awards.  Love Your Work is a chance to recognise individuals or organisations for programmes, events, ideas, products, services or just about any singular “thing” that makes a significant contribution to improving cybersafety, cybersecurity  or digital citizenship in New Zealand. We will be presenting the first of the awards at our AGM in December. You are cordially invited to come along.

We would love to hear from you if you would like to nominate someone for a Love your Work award, but there are a few rules that we should set out;

• You can’t nominate yourself.
• A nomination should be in the form of a name (Individual or organisation) with a brief summary of why you are making the nomination, and what contribution they have made
• The judges decisions are final, no correspondence will be entered into regarding the awards.
• No cash substitutions are available
• No animals will be harmed in the making of the awards.

If you want to find out more, or you’d like to make a nomination, drop us a line at feedback@netsafe.org.nz

Are computer security experts just justifying high incomes by positioning computer security beyond the realms of the average home user, or are they fundamentally right? If consumer security products don’t work, should people even bother to purchase and install them?

There’s no point in sugar coating it. The computer security gurus are essentially correct. If you are specifically targeted by cyber criminals, and you are reliant on consumer security – you’re in trouble. The good news for most people reading this blog is that they are not “high value targets” and are not going to be targeted by dedicated cyber criminals. Simply put, they’re not worth the investment in hacking time.

All security is about risk management. The level of investment we make in security should be appropriate for the risk we face. For most consumers and small businesses, the main threats they face are from non targeted malware. So the real question is – how well do consumer security products protect you against these threats.

The answer is – surprisingly well. This US PC Mag test shows the results from a range of 2012 security products. I was surprised how well they did. The results more than justify the relatively minor investment in these products. Even some of the free products do well.

But if you follow that link, you will see that no product was 100% effective in every test.

At any given time, each product will have malware that it misses. This is why it is important for people to remain vigilant. It is possible for your computer to become infected even if you have security software. If you think this might be you, run one (or better still – more than one) of the remote scanners listed on NetSafe’s website.  

And importantly, computer security isn’t just about security software. This is another area where security experts despair – because consumers are more often tricked by simple ruses than “hacked” in traditional terms. For this reason, NetSafe developed the NetBasics which looks at both the technical and non-technical aspects of security.

Before looking at how we can help more people benefit from e-commerce opportunities, I’d just like to mention a couple of things from the research that stood out for me.

Across the board, use of online auctions seems pretty low. Students led the charge at 23%, meaning nearly three quarters haven’t participated in an online auction in the last six months. I’d be surprised if New Zealanders didn’t score much higher in this category thanks to Trademe. I’m not sure if New Zealanders often think about just how well Trademe has done in creating such a reliable and trustworthy auction space. We just know its a good place to buy and sell items online. I’ve completed 150 trades on Trademe, and had one go bad (and it didn’t cost me money, just time). I wish I could acheive that same ratio with purchases made in tradition offline environments!

Paying bills and banking online score pretty well across the board. That’s no real surprise. In my opinion, banking online is better than banking at a bank branch. You can more easily access information and manage your money with online banking. Interestingly, the home duties sub-group scores lowest in these categories. I’d have thought being able to sort these things out from home would have really appealed to this audience. Then again, people in the home duties category might just enjoy the excuse to get out that going to the bank creates!

As I scan across the list of e-commerce activities, I can’t help but look at the percentages of people who are not doing each activity. You may know people in this category, or be one of those people yourself. Now, I understand that many people are happy with the traditional commerce options, but the truth is these e-commerce activities will save them time and money – and open up access to a wider range of products and services.

From my own experience, talking to friends and family – there seems to be two main reasons for the reluctance. It is perceived as too complicated, and too dangerous. With reference to the ”too complicated”  objection, people just need to be encouraged to give them a go. They will almost always find the experience positive.

If you are trying to help friends and family mitigate the risks of conducting commerce online – the good news is that there is an incredible amount of information and support available on these topics. A good place to start would be this NetSafe page on making a computer secure, then a quick read of this page on understanding online scams and fraud. Most e-commerce sites will also provide safety advice. For example Trademe has great information pages providing Safe Buying Advice and a Safe Computing Centre.

The reason for this is a combination of State sponsored cyber attacks – and computerised Industrial Control Systems (ICS). Countries have worked out that they can attack  another country using malware that targets ICS. The most publicised attack of this type was Stuxnet which targeted, and apparently damaged, the uranium enrichment infrastructure in Iran.  The Stuxnet virus was such a sophisticated attack that security specialist agreed it could only have been conducted with state level support.  It is widely speculated that Stuxnet is the work of Israel and the US. But it might not be. Countries can now hide behind the same online anonymity that has empowered criminals and offenders.

That’s right – on the internet, nobody knows you’re a dog that specialises in cyber warfare.

Stuxnet apparently has a relative – called Duqu. Duqu is a Remote Access Trojan (therefore having the fantastic acronym - RAT) that is designed to probe ICS and send data back to enable highly targeted attacks (like Stuxnet). The problem is that “highly targeted” is a phrase I’ve borrowed from traditional warfare – like “smart bombs”, and we all know how smart they are! Which brings us to another traditional warfare term – “collateral damage”. One of the amazing things about Stuxnet was how targeted it was (attacking a specific device operating in a very specific way). But what if the coders weren’t so careful, or just made a mistake?

People often tell me that in New Zealand we have no enemies, and therefore we have nothing to worry about. The problem with that logic is that with so many Industrial Control Systems using similar technologies to control the utilities upon which we depend, I don’t think it is such an outrageous prediction that we will soon see one of these state sponsored malware products create collateral damage. And there is no reason to suggest it could not be here in New Zealand.

Hopefully that won’t occur with the National Cyber Security Centre (NSCS) keeping watch. But with cyber attack malware being produced with big budget state sponsorship – they’ll have to be at the top of their game!

In the 21st century, where hordes of paparazzi and every citizen with a mobile phone can scoop an embarrassing night club exit you’d think the rich and famous would be a little more cautious about how they controlled their digital footprint.

And yet news reaches us this week that starlet Scarlett Johanssen has called in the FBI over leaked nude photos taken from her mobile phone.

The star of one of my favourite films, Lost in Translation, is apparently just the latest in a long line of celebs being literally exposed online through theft or data loss and will likely not be the last to have cellphone photos passed around.

How does this impact on New Zealand teens?

If taking or sharing nude photos is good enough for Hollywood stars, then the technology within reach of most teens can often be put to use in a modern romantic relationship and sexting – the texting of naked images – is thought to be widespread in New Zealand.

It’s a cybersafety issue many groups globally have tried to persuade teens is a bad idea. Once that photo is taken and shared with your current partner there’s nothing stopping them sending it on to friends or enemies if you break up (or even if you don’t).

It has in fact also been the downfall of many adults too, including the recent high profile fall of US politician Anthony Weiner.

Sexting safety advice:

• Think carefully before you use that cameraphone to snap a private pic – even if you don’t send the photo on to anyone else, if your mobile is lost or stolen there’s every chance a thief will be able to access the digital images stored – install mobile security software that lets you find, lock or wipe your phone
• Sharing a digital file with a loved one means the loss of control over that picture – think about where it may end up if you argue or split up
• If you’re sent images of a school or classmate don’t forward them on to others – bystanders can help in situations like this by deleting images, not becoming part of the problem by spreading personal images further
• If you’ve taken a photo and shared it on Facebook (even if you think you’ve locked down your privacy settings) you’ve also lost control of the data – deleting pictures from websites is almost impossible

We’re fortunate in New Zealand that the Police treat sexting among minors with sensitivity and common sense – in many American states these images are associated with child pornography and can result in those involved being registered as sex offenders.

If you’re concerned about sexting get in touch with NetSafe. And have a look at this video ‘Megan’s Story’ from ThinkUKnow Australia which explains the issue in a simple and emotional way:

Now Facebook has certainly been in the news lately and does indeed generate a lot of ‘business’ for NetSafe – if you can consider gossip sites, slander, abuse and bullying a positive business effect for NetSafe!

Over the last year we have probably expended up to 20% of our effort on dealing with Facebook ‘issues’ be they worried school principals, stressed out parents or anxious teenagers. There’s a whole range of problems we deal with connected with Facebook: stranger danger, anonymous threats to harm, group bullying, peer pressure, cyber bullying, imposter profiles and more.

That’s not to say it’s Facebook’s fault or responsibility this stuff happens – the company has simply created a networking tool that has become part of many people’s lives and in doing so has become a reflection of human behaviour in general (and that includes all the bad bits).

Becoming a social media ‘guru’ and riding the revolution

At NetSafe we use Facebook to push out status updates to our ‘fans’, little cybersafety related news stories and links. For many companies Facebook has become a great new way to engage with and have two ways conversations with your customers (with all the community generated content risks that brings).

Any New Zealand company can register for Facebook and have a page live in 5 minutes. For small business owners there has undoubtedly been a lot of hype about Facebook and ‘viral’ social media in general.

It’s now evident that there’s been a whole range of companies looking to profit off this interest and that’s what brings me back to Christchurch and the ‘Social Outbreak: Total Media System’.

As a cynical ex-journo I looked at the site and saw a product being promoted as the ultimate Facebook marketing tool when it’s quite easy to get something up and running yourself for free. There are lots of Facebook app builders and page creation tools you can test out on your page without being a programmer.

Dig deeper and it appears the offer is in fact a multi level marketing style company where signing up brings both the product and the opportunity to bring your friends and neighbours on board.

Is it a scam?

I can’t answer that question with any authority at present not having attended the presentations myself but there’s certainly a lot of internet chatter about the system being a Ponzi scheme.

There’s even an Australian Facebook page with people over the ditch discussing the downsides: https://www.facebook.com/SocialOutbreakScam. Remember: internet forums and Facebook pages are not providing the gospel truth on companies but are one way of evaluating ‘the opinion of the crowd’.

If you’re thinking of joining and have looked at the detailed compensation plan make sure your think through your reasons for handing your money over – the internet has been marketed as a great ‘get rich quick’ opportunity for the 15 years or so I’ve been working online.

It’s certainly true that many people have generated wealth with websites but when it comes to Facebook I’d suggest trying out the free tools, speaking with the developer community and evaluating the Social Outbreak offer fully before you sign on the dotted line. A quick bit of Googling can provide an insight into what others are saying.

If you’ve been to the briefing events or paid for the system do get in touch or leave a comment. The Commerce Commission website also has a handy guide to pyramid schemes in New Zealand and precautions you should take when checking out any multi-level marketing offer.

Auckland - NetSafe, New Zealand’s internet safety and security organisation, is marking the first anniversary of their ‘Online Reporting Button’ website (www.theorb.org.nz) this week.

The site received almost 1700 reports of online incidents during the first 12 months of operation with financial losses mounting up to more than three quarters of a million dollars.

The site is run in partnership with the Police, Customs Service, Commerce Commission, Department of Internal Affairs and the Office of the Privacy Commissioner. But NetSafe has seen most activity connected with internet scams and frauds which is overseen by the Ministry of Consumer Affairs and their Scamwatch programme.

“More than 60% of cases reported to us have been classic online scams,” said Martin Cocker, NetSafe’s Executive Director. “Over half the money reported lost was by individuals falling prey to phishing attacks, advanced fee fraud and romance scams.”

Over the course of the last year the not-for-profit has been able to use the website as an effective early warning system as new scams are reported in waves by people from all over New Zealand.

“Looking at the data involved, we’ve seen the most reports submitted by people living in the urban centres of Auckland, Canterbury and Wellington,” said Cocker. “But there have been incidents reported by people in every part of the country, particularly with cold calling computer experts looking to gain access to your PC.”

“As a result of this intelligence we’ve able to produce specific consumer advice, proactively warn people of the issues and also work with our law enforcement and government partners to try and get scammers shut down.”

Lowlights of the year

NetSafe’s analysis of the Orb reports shows patterns in the type of incidents reported:

• During the last 4 months of 2010 the main issues were advanced fee frauds targeting car sellers and rental scams affecting landlords and tenants.
• Later there was a rise in people reporting cold calling computer support companies which continued on into 2011.
• The next most common incidents reported were hacked email accounts being used to send spam and to request emergency funds from friends; phishing attacks on people using online banking plus fake IRD and bank fee refund offers.
• The largest individual losses reported were romance scams that may have taken many months to perpetrate.
• The infographic below details some further key statistics. A larger version of this image (658KB, 1024px resolution) is made available for media use and can be downloaded from http://blog.netsafe.org.nz/media/orb-infographic.12.08.11.jpg

Download the full 3.2MB version of this infographic

Report incidents and help others

NetSafe believes the incident reports made to the Orb are just tip of the iceberg when it comes to online scams.

Martin Cocker said “A Statistics New Zealand survey from 2009 put the number of individual victims of internet fraud at 56,000 – that would suggest that current reporting represents only a fraction of overall incidents.”

The Orb site lets you report incidents anonymously – almost one in four last year were made this way – and NetSafe is keen for people affected to submit their experiences so that it, and its partner organisations, can use the information to improve cyber safety and security programmes.

“The New Zealand government has recently released its cyber security strategy and that includes equipping individuals and small businesses with the skills to protect themselves” said Cocker. “The more people tell us about the problem via the Orb, the better we can work to help others stay safe online.”

Help and advice from NetSafe

You can report your concerns about online incidents in one central location at www.theorb.org.nz. NetSafe will direct your report through to the partner best able to investigate or advise you.

Visit www.netsafe.org.nz and find out how you can keep your computer secure and avoid the latest online challenges.

- ENDS -

Media contact: Martin Cocker, Executive Director of NetSafe, 021 790 369

About the Orb – http://www.theorb.org.nz

The orb website was launched by NetSafe in August 2010 to offer all New Zealanders a simple and secure way to report their concerns about online incidents. NetSafe works with partner agencies to direct reports through to the organisation best able to investigate or advise on various types of online incidents. These include scams and frauds, spam messages, objectionable material, privacy breaches and problems whilst shopping online.

About NetSafe – http://www.netsafe.org.nz

NetSafe is an independent non-profit organisation that promotes confident, safe, and responsible use of online technologies. NetSafe promotes cybersafety and security and champions digital citizenship by educating and supporting individuals, organisations and industry on a range of issues.

UPDATE:

- A great supportive comment from Detective Senior Sergeant John van den Heuvel of the Police National Cyber Crime Centre (NC3):

NZ Police supports the ORB as it provides a platform whereby the public have the ability to report crimes and other poor behaviour that occurs over the internet.

Having a central reporting point goes a long way towards helping determine the extent of online crime in NZ and is also an effective way to provide victims’ with useful online safety information.

Over the past 12 months NZP have supported Netsafe in the development and promotion of the ORB and see the potential it has to further provide a much needed service to the public.

- Many thanks to Waldo at Microsoft for bringing Zoom.it to our attention for making infographics more useable:

Not that long ago many people would have falllen madly in love (or lust) with a colleague at work and settled down in domestic bliss safe in the knowledge they’d found their true love so close to home.

Along comes the internet though and your perfect match could be living thousands of miles away and yet still be available to you due to the wonders of online dating.

Being able to plug your interests and personal characteristics into an online database of potential suitors now means some clever geek could have developed an algorithm able to identify your perfect date without the nastiness of those uncomfortable first dates in loud bars or cheap restaurants.

Love, love, loved up online

A friend of a friend (honest) tells me though that online dating has just as many pitfalls as real world hooking up. There are the liars who operate under photos 10+ years (and a full head of hair) out of date.

There are also scammers out there looking to earn your trust and develop a long distance loving relationship only to go in for the kill several months down the line and hit you for cash for a plane ticket/visa/emergency operation.

As we approach the first anniversary of our Orb website – the one stop place to report cyber incidents in NZ – we’re undertaking some analysis of previous reports and discovering that romance scams, where your new love suddenly needs financial assistance, are the largest financial ‘crimes’ to have been reported through the site.

I put the word ‘crime’ in quotes there due to the vague legal and criminal status that many of these cases can end up being assigned due to the frequent cross border nature of the scam.

Once you’re asked for money via Western Union (or any other type of difficult to trace money transfer system) be sure to stop and think through your lover’s motives before sending cash out of the country.

Take a look at our scam specific website www.scammachine.org.nz to fully understand the heart-tugging hooks used by criminals to earn your trust, secure your love and then hit you where it hurts.

Dont get paranoid but do stay safe

However you seek love online do be sure to think through contact requests made by people you don’t know. Most internet dating sites will have in-depth safety sections with advice on how and where to meet, telling a friend before you meet, etc. And it pays to read that advice.

This case reported on the Sophos Naked Security blog of a Belgian supermarket manager learning a lesson the hard way after making a new Facebook friendship with a woman called ‘Katrien Van Loo’ should stay in your memory for some time to come.

I suggest you check out the video below that illustrates the case with a nice romantic video mixed with real CCTV footage of a kidnapper robbing his store. Be lucky in love and stay safe too.

On the one hand, kids growing up in this, the second decade of the 21st century, have never had it so good (despite the current recessionary GFC rumblings). Ample access to food, shelter and warmth and a distinct lack of world wars – what more can a child ask for?

On the other hand, stop to think for too long and you can list: child poverty, child abuse, climate change, the downward pressure on wages and a need to build skills and abilities to compete with schoolchildren anywhere and everywhere as globalisation takes effect on labour markets.

As the father of two primary age children I try to follow Monty Python’s advice and always look on the bright side of life. And so I’m going to launch in to a quick review of two separate but connected education related stories out there on today’s interweb.

First off, the news that one bold American state has abandoned testing cursive writing amongst schooolchildren to focus instead on keyboard skills.

How do you react to such a step change? It’s not exactly a battle on the scale of natural selection vs. creationary teachings. It does however – I think – reflect the way our world is moving. Who needs to write neatly if you spend 8+ hours a day typing and receiving emails?

One parent’s reaction: “How are they supposed to know how to sign their names?” Will children need to when everyone has their own personal digital signature?

No need for pens when we have our own personal robots!

A screenshot from the Latitude research at http://latd.tv/kids/kidsTech.pdf

Moving on then to my next piece of educational news as it applies to children’s desires for developments in Human Computer Interaction. A great study prepared by Latitude 42 entitled Children’s Future Requests for Computers & the Internet.

Interviewing 200 children around the globe, the study asks what tech changes would you like to see in years to come? Again as a parent and iPhone owner I can only confirm their finding that touch based interfaces (or anything better) wins out any day over mouse clicking.

In general I found the 12 slides – available embedded below – all very Star Trek:

• kids want computers that ‘print’ food (now almost working with chocolate)
• the ability to visit physical spaces (think the Holodeck)
• but my favourite is the slide artwork reproduced above showing any computer as a teleportation device! Gene Rodenberry was so ahead of his time…

How is this useful for educators? Well it certainly confirms for me one of NetSafe’s 4 truths of cybersafety – that technology for digital natives (terrible term) is very much normative and in fact part and parcel of everyday life.

Children no longer see their environment split into an online and offline world, they would if anything like to see those Star Trek novelties become real and so too would I.

What better way to both enhance learning with virtual field trips and save the planet from the carbon ravages of air travel than to invent a working transporter? Make it so!

Latitude 42 Study: Children’s Future Requests for Computers & the Internet