Xbox Live is being targeted by malicious hackers

Halo 3 players are a popular target for the Xbox attacks
Hackers target Xbox Live players.The booting services are proving popular with players who want a way to get revenge on those who beat them in an Xbox Live game.

The attackers are employing data flooding tools that have been used against websites for many years.

Microsoft is "investigating" the use of the tools and said those caught using them would be banned from Xbox Live.

"There's been a definite increase in the amount of people talking about and distributing these things over the last three to four weeks," said Chris Boyd, director of malware research at Facetime Communications.

Attack tool
"The smart thing about these Xbox tools is that they do not attack the Xbox Live network itself," he said.

He said the tools work by exploiting the way that the Xbox Live network is set up. Game consoles connecting to the Xbox network send data via the net, and for that it needs an IP address.

Even better, said Mr Boyd, games played via Xbox Live are not hosted on private servers.
"Instead," he said, "a lot of games on Xbox Live are hosted by players."

If hackers can discover the IP address of whoever is hosting a game they can employ many of the attacks that have been used for years against websites, said Mr Boyd.

One of the most popular for the Xbox Live specialists is the Denial of Service attack which floods an IP address with vast amounts of data.

The flood of data is generated by a group of hijacked home computers, a botnet, that have fallen under the control of a malicious hacking group.

When turned against a website this flood of traffic can overwhelm it or make it unresponsive to legitimate visitors.

When turned against an Xbox owner, it can mean they cannot connect to the Live network and effectively throws them out of the game.

"They get your IP address, put it in the booter tool and they attempt to flood the port that uses Xbox traffic," said Mr Boyd. "Flooding that port prevents any traffic getting out."

Skill set
The hard part, he said, was discovering a particular gamer's IP address but many malicious hackers had honed the skills needed to find them.

Some interconnect their PC and Xbox and use packet sniffing software to hunt through the traffic flowing in and out of the console for IP addresses.
Others simply use con tricks to get the target to reveal their net address.

The technical knowledge needed to hunt down IP addresses was quite high, said Mr Boyd, but many of those who had the skills were selling their expertise to those keen to hit back at their rivals on the Xbox Live network.

For $20 (£13) some Xbox Live hackers will remotely access a customer's PC and set up the whole system so it can be run any time they need it.

Some offer low rates to add compromised machines to a botnet and increase the amount of data flooding a particular IP address.

Defending against the attack could be tricky, said Mr Boyd: "There's no real easy solution to this one."

Although IP addresses regularly change, people could find it takes hours or days for their ISP to move them on to a new one.

In response to the rise in attacks, Microsoft said: "We are investigating reports involving the use of malicious software tools that an attacker could use to try and disrupt an Xbox LIVE player's internet connection."

It added: "This problem is not related to the Xbox Live service, but to the player's internet connection. The attacker could also attempt [to] disrupt other internet activities, such as streaming video or web browsing, using the same tools.

In its statement Microsoft warned: "This malicious activity violates the Xbox Live Terms of Use, and will result in a ban from Xbox Live and other appropriate action.

It urged anyone falling victim to such an attack to contact their ISP to report it and get help fixing it.



In January 2009 Microsoft announced that Xbox Live had more than 17m members.

cybercrime is rising sharply, experts have warned at the World Economic Forum in Davos.

Cybercrime threat rising stridently.
The threat of cybercrime is rising sharply, experts have warned at the World Economic Forum in Davos.

They called for a new system to tackle well-organised gangs of cybercriminals.

Online theft costs $1 trillion a year, the number of attacks is rising sharply and too many people do not know how to protect themselves, they said.

The internet was vulnerable, they said, but as it was now part of society's central nervous system, attacks could threaten whole economies.

The past year had seen "more vulnerabilities, more cybercrime, more malicious software than ever before", more than had been seen in the past five years combined, one of the experts reported.

But does that really put "the internet at risk?", was the topic of session at the annual Davos meeting.

On the panel discussing the issue were Mozilla chairwoman Mitchell Baker (makers of the Firefox browser), McAfee chief executive Dave Dewalt, Harvard law professor and leading internet expert Jonathan Zittrain, Andre Kudelski of Kudelski group, which provides digital security solutions, and Tom Ilube, the boss of Garlik, a firm working on online web identity protection.

They were also joined by Microsoft's chief research officer, Craig Mundie.

To encourage frank debate, Davos rules do not allow the attribution of comments to individual panellists

Threat #1: Crime

The experts on the panel outlined a wide range of threats facing the internet.
There was traditional cybercrime: committing fraud or theft by stealing somebody's identity, their credit card details and other data, or tricking them into paying for services or goods that do not exist.

The majority of these crimes, one participant said, were not being committed by a youngster sitting in a basement at their computer.

Rather, they were executed by very large and very well-organised criminal gangs.

One panellist described the case of a lawyer who had realised that he could make more money though cybercrime.

He went on to assemble a gang of about 300 people with specialised roles - computer experts, lawyers, people harvesting the data etc.

Such criminals use viruses to take control of computers, combine thousands of them into so-called "botnets" that are used for concerted cyber attacks.

In the United States, a "virtual" group had managed to hijack and redirect the details of 25 million credit card transactions to Ukraine. The group used the data to buy a large number of goods, which were then sold on eBay.

This suggested organisation on a huge scale.

"This is not vandalism anymore, but organised criminality," a panellist said, while another added that "this is it is not about technology, but our economy".

Threat #2: the system

A much larger problem, though, are flaws in the set-up of the web itself.

It is organised around the principle of trust, which can have unexpected knock-on effects.

Nearly a year ago, Pakistan tried to ban a YouTube video that it deemed to be offensive to Islam.

The country's internet service providers (ISPs) were ordered to stop all YouTube traffic within Pakistan.
However, one ISP inadvertently managed to make YouTube inaccessible from anywhere in the world.

But in cyberspace, nobody is responsible for dealing with such incidents.

It fell to a loose group of volunteers to analyse the problem and distribute a patch globally within 90 minutes.

"Fortunately there was no Star Trek convention and they were all around," a panellist joked.

Threat #3: cyber warfare
Design flaws are one thing, cyber warfare is another.

Two years ago, a political dispute between Russia and Estonia escalated when the small Baltic country came under a sustained denial-of-service attack which disabled the country's banking industry and its utilities like the electricity network.
This was repeated last year, when Georgia's web infrastructure was brought down on its knees during its conflict with Russia.

"2008 was the year when cyber warfare began.. it showed that you can bring down a country within minutes," one panellist said.

"It was like cyber riot, Russia started it and then many hackers jumped on the bandwagon," said another.

This threat was now getting even greater because of the "multiplication of web-enabled devices" - from cars to fridges, from environmental sensors to digital television networks.

The panel discussed methods that terrorists could use to attack or undermine the whole internet, and posed the question whether the web would be able to survive such an assault.

The real problem, concluded one of the experts, was not the individual loss.

It was the systemic risk, where fraud and attacks undermine either trust in or the functionality of the system, to the point where it becomes unusable.



What solution?

"The problems are daunting, and it's getting worse," said one of the experts. "Do we need a true disaster to bring people together?," asked another.

One panellist noted that unlike the real world - where we know whether a certain neighbourhood is safe or not - cyberspace was still too new for most of us to make such judgements. This uncertainty created fear.

And as "the internet is a global network, it doesn't obey traditional boundaries, and traditional ways of policing don't work," one expert said.

Comparing virus-infected computers to people carrying highly infectious diseases like Sars, he proposed the creation of a World Health Organisation for the internet.

"If you have a highly communicable disease, you don't have any civil liberties at that point. We quarantine people."

"We can identify the machines that have been co-opted, that provide the energy to botnets, but right now we have no way to sequester them."

But several panellists worried about the heavy hand of government. The internet's strength was its open nature. Centralising it would be a huge threat to innovation, evolution and growth of the web.

"The amount of control required [to exclude all risk] is quite totalitarian," one of them warned.

Instead they suggested to foster the civic spirit of the web, similar to the open source software movement and the team that had sorted the YouTube problem.

"Would a formalised internet police following protocols have been able to find the [internet service provider] in Pakistan as quickly and deployed a fix that quickly?" one of them asked.

How Soon Will Cybercrimes Be Punished?
In criminal offenses, there would be no crime when there is no law punishing it. That explains why various crimes done through the internet still persist these days. In cases where the offenders are caught, court proceedings won't go so well because only the part of the offense which is governed by the Revised Penal Code (RPC) is being litigated. The main bulk of the offense, the cybercrime, is usually left untouched. This is the main issue; yet, the current RPC is still inadequate to deal with such matter. Hence, the government's highest monitoring body for the conditions and status of Information Technology in the Philippines is now putting pressure on the legislature to propose a bill against cybercrimes.
The Commission on Information and Communication Technology (CICT) define cybercrimes as those offenses done in the realm of the internet which, just like usual offenses, have grave and concrete effects to the ones who are affronted. The crimes identified are hacking, identity theft, phishing, spamming, website defacement, denial-of-service (DoS) attacks, malware or viruses, child pornography, and cyber prostitution. Such crimes are not yet punishable under the country's criminal law. That is why there is a need for a legislative action to eventually make each of the aforementioned offenses become a felony in order for perpetrators to be punished in accordance with the law.
CICT is very hopeful that increased awareness and support will push the Congress to finally pass a bill against cybercrimes. The commission endorsed the "Cybercrime Prevention Act of 2008" wherein four cyber-related bills authored by different lawmakers are consolidated. A representative from the Council of Europe, an organ of the European Council, also joined the technical working group in refining the bill a year prior to the endorsement. Such representation is meant to "harmonize" the bill with European standards on cybersecurity. It has to be considered that such crimes are not solely confined to one nation but rather that they traverse territorial boundaries considering that the crimes are committed in the World Wide Web..
Currently, CICT feels that there is an increasing support from private sector groups. The Business Process Association of the Philippines (B/PAP) which represents the outsourcing industry is an example. The said umbrella organization supports such bill because it infers that once the country is secured from different forms of cybercrimes through existing and enforceable laws, it would be easier to sell the services that are done in the country to foreign investors. The bill would ensure that the clients are well covered when we speak of cybersecurity in the Philippines.
With these, it can be said that the current conditions the country is facing calls for progressive and up-to-date legislations. Neighboring countries like Singapore and Malaysia have already adopted such measure. Unluckily though, the bill is hampered by the other so called "more important" considerations discussed in both Lower and Upper House of the Congress in the Philippines. It is already five years since the bill was endorsed, yet, the Congress still fails to accommodate it. While increased support and awareness regarding cybercrimes becomes more apparent, hopefully ,the legislature will finally act on this issue.