Cisco has singed a three-party memorandum of understanding with the Dalian High-Tech Zone Administrative Committee and VanceInfo Technologies Inc. on the development of a Cisco Networking Training Center in Dalian, China. The center will cultivate high-end networking talent to meet growing global demand for skilled IT professionals, while increasing local employment opportunities.
The city of Dalian is becoming more connected as its information industry is developing, and there is a growing demand for networking talent for governmental organizations and different industries throughout the city. "We hope to leverage the Networking Training Center's advanced training resources to develop more talent suited to society's practical needs. This will lower IT training costs for employers, create more employment opportunities in Dalian and accelerate development in both industry and the wider local economy." said Luan Qingwei, director of the Administrative Committee of Dalian High-Tech Zone.
"This initiative represents another step that Cisco has taken towards contributing to innovation and sustainable development in China," said Jim Sherriff, chairman and CEO of Cisco China. "We will continue to share globally-tested best practices with Chinese companies, further strengthening our cooperation with local government, and fostering social and economic progress by developing more talent in networking technologies."
"VanceInfo has comprehensive IT service expertise and strong training operation capabilities," said Liu Junbo, executive VP of VanceInfo. "In addition to the technical, knowledge-based curriculum, the center also provides other professional development courses and hands-on operational lab training. As one of the most advanced training platforms in China, and we believe it will create more networking talent for Dalian, and help to close the gap between the existing talent pool and China's future needs."
The Dalian High-Tech Zone, Cisco and VanceInfo will each apply their unique resources to develop the most advanced networking professional training program in China. Drawing on its rich networking and IT training experience, Cisco will offer globally tested best practices and its learning curriculum, as well as advanced Cisco lab equipment. As Cisco's training partner, VanceInfo will take the responsibility for managing and operating the training center.
Cisco has worked with the Dalian High-Tech Zone in the past, establishing the Cisco Dalian Service Practice Center (DLSP) in the Dalian Software Park of High-Tech Zone. DLSP provides comprehensive and timely services for customers throughout Northeast Asia while also promoting local economic growth in Dalian. Renewed cooperation with the Dalian High-Tech Zone to develop more highly trained networking professionals will help the city provide employment opportunities, meet local demand, and promote growth in the city's information industry.
SOURCE:
Tuesday, September 22, 2009
Wednesday, September 9, 2009
Defying Experts, Rogue Computer Code Still Lurks
Like a ghost ship, a rogue software program that glided onto the Internet last November has confounded the efforts of top security experts to eradicate the program and trace its origins and purpose, exposing serious weaknesses in the world’s digital infrastructure.
The program, known as Conficker, uses flaws in Windows software to co-opt machines and link them into a virtual computer that can be commanded remotely by its authors. With more than five million of these zombies now under its control — government, business and home computers in more than 200 countries — this shadowy computer has power that dwarfs that of the world’s largest data centers.
Alarmed by the program’s quick spread after its debut in November, computer security experts from industry, academia and government joined forces in a highly unusual collaboration. They decoded the program and developed antivirus software that erased it from millions of the computers. But Conficker’s persistence and sophistication has squelched the belief of many experts that such global computer infections are a thing of the past.
“It’s using the best current practices and state of the art to communicate and to protect itself,” Rodney Joffe, director of the Conficker Working Group, said of the malicious program. “We have not found the trick to take control back from the malware in any way.”
Researchers speculate that the computer could be employed to generate vast amounts of spam; it could steal information like passwords and logins by capturing keystrokes on infected computers; it could deliver fake antivirus warnings to trick naïve users into believing their computers are infected and persuading them to pay by credit card to have the infection removed.
There is also a different possibility that concerns the researchers: That the program was not designed by a criminal gang, but instead by an intelligence agency or the military of some country to monitor or disable an enemy’s computers. Networks of infected computers, or botnets, were used widely as weapons in conflicts in Estonia in 2007 and in Georgia last year, and in more recent attacks against South Korean and United States government agencies. Recent attacks that temporarily crippled Twitter and Facebook were believed to have had political overtones.
Yet for the most part Conficker has done little more than to extend its reach to more and more computers. Though there had been speculation that the computer might be activated to do something malicious on April 1, the date passed without incident, and some security experts wonder if the program has been abandoned.
The experts have only tiny clues about the location of the program’s authors. The first version included software that stopped the program if it infected a machine with a Ukrainian language keyboard. There may have been two initial infections — in Buenos Aires and in Kiev.
Wherever the authors are, the experts say, they are clearly professionals using the most advanced technology available. The program is protected by internal defense mechanisms that make it hard to erase, and even kills or hides from programs designed to look for botnets.
A member of the security team said that the Federal Bureau of Investigation had suspects, but was moving slowly because it needed to build a relationship with “noncorrupt” law enforcement agencies in the countries where the suspects are located.
An F.B.I. spokesman in Washington declined to comment, saying that the Conficker investigation was an open case.
The first infections, last Nov. 20, set off an intense battle between the hidden authors and the volunteer group that formed to counter them. The group, which first called itself the “Conficker Cabal,” changed its name when Microsoft, Symantec and several other companies objected to the unprofessional connotation.
Eventually, university researchers and law enforcement officials joined forces with computer experts at more than two dozen Internet, software and computer security firms.
The group won some battles, but lost others. The Conficker authors kept distributing new, more intricate versions of the program, at one point using code that had been devised in academia only months before. At another point, a single technical slip by the working group allowed the program’s authors to convert a huge number of the infected machines to an advanced peer-to-peer communications scheme that the industry group has not been able to defeat. Where before all the infected computers would have to phone home to a single source for instructions, the authors could now use any infected computer to instruct all the others.
In early April, Patrick Peterson, a research fellow at Cisco Systems in San Jose, Calif., gained some intelligence about the authors’ interests. He studies nasty computer programs by keeping a set of quarantined computers that capture and observe them — his “digital zoo.”
He discovered that the Conficker authors had begun distributing software that tricks Internet users into buying fake antivirus software with their credit cards. “We turned off the lights in the zoo one day and came back the next day,” Mr. Peterson said, noting that in the “cage” reserved for Conficker, the infection had been joined by a program distributing an antivirus software scam.
It was the most recent sign of life from the program, and its silence has set off a debate among computer security experts. Some researchers think Conficker is an empty shell, or that the authors of the program were scared away in the spring. Others argue that they are simply biding their time.
If the misbegotten computer were reactivated, it would not have the problem-solving ability of supercomputers used to design nuclear weapons or simulate climate change. But because it has commandeered so many machines, it could draw on an amount of computing power greater than that from any single computing facility run by governments or Google. It is a dark reflection of the “cloud computing” sweeping the commercial Internet, in which data is stored on the Internet rather than on a personal computer.
The industry group continues to try to find ways to kill Conficker, meeting as recently as Tuesday. Mr. Joffe said he, for one, was not prepared to declare victory. But he said that the group’s work proved that government and private industry could cooperate to counter cyberthreats.
“Even if we lose against Conficker,” he said, “there are things we’ve learned that will benefit us in the future.”
SOURCE:
The program, known as Conficker, uses flaws in Windows software to co-opt machines and link them into a virtual computer that can be commanded remotely by its authors. With more than five million of these zombies now under its control — government, business and home computers in more than 200 countries — this shadowy computer has power that dwarfs that of the world’s largest data centers.
Alarmed by the program’s quick spread after its debut in November, computer security experts from industry, academia and government joined forces in a highly unusual collaboration. They decoded the program and developed antivirus software that erased it from millions of the computers. But Conficker’s persistence and sophistication has squelched the belief of many experts that such global computer infections are a thing of the past.
“It’s using the best current practices and state of the art to communicate and to protect itself,” Rodney Joffe, director of the Conficker Working Group, said of the malicious program. “We have not found the trick to take control back from the malware in any way.”
Researchers speculate that the computer could be employed to generate vast amounts of spam; it could steal information like passwords and logins by capturing keystrokes on infected computers; it could deliver fake antivirus warnings to trick naïve users into believing their computers are infected and persuading them to pay by credit card to have the infection removed.
There is also a different possibility that concerns the researchers: That the program was not designed by a criminal gang, but instead by an intelligence agency or the military of some country to monitor or disable an enemy’s computers. Networks of infected computers, or botnets, were used widely as weapons in conflicts in Estonia in 2007 and in Georgia last year, and in more recent attacks against South Korean and United States government agencies. Recent attacks that temporarily crippled Twitter and Facebook were believed to have had political overtones.
Yet for the most part Conficker has done little more than to extend its reach to more and more computers. Though there had been speculation that the computer might be activated to do something malicious on April 1, the date passed without incident, and some security experts wonder if the program has been abandoned.
The experts have only tiny clues about the location of the program’s authors. The first version included software that stopped the program if it infected a machine with a Ukrainian language keyboard. There may have been two initial infections — in Buenos Aires and in Kiev.
Wherever the authors are, the experts say, they are clearly professionals using the most advanced technology available. The program is protected by internal defense mechanisms that make it hard to erase, and even kills or hides from programs designed to look for botnets.
A member of the security team said that the Federal Bureau of Investigation had suspects, but was moving slowly because it needed to build a relationship with “noncorrupt” law enforcement agencies in the countries where the suspects are located.
An F.B.I. spokesman in Washington declined to comment, saying that the Conficker investigation was an open case.
The first infections, last Nov. 20, set off an intense battle between the hidden authors and the volunteer group that formed to counter them. The group, which first called itself the “Conficker Cabal,” changed its name when Microsoft, Symantec and several other companies objected to the unprofessional connotation.
Eventually, university researchers and law enforcement officials joined forces with computer experts at more than two dozen Internet, software and computer security firms.
The group won some battles, but lost others. The Conficker authors kept distributing new, more intricate versions of the program, at one point using code that had been devised in academia only months before. At another point, a single technical slip by the working group allowed the program’s authors to convert a huge number of the infected machines to an advanced peer-to-peer communications scheme that the industry group has not been able to defeat. Where before all the infected computers would have to phone home to a single source for instructions, the authors could now use any infected computer to instruct all the others.
In early April, Patrick Peterson, a research fellow at Cisco Systems in San Jose, Calif., gained some intelligence about the authors’ interests. He studies nasty computer programs by keeping a set of quarantined computers that capture and observe them — his “digital zoo.”
He discovered that the Conficker authors had begun distributing software that tricks Internet users into buying fake antivirus software with their credit cards. “We turned off the lights in the zoo one day and came back the next day,” Mr. Peterson said, noting that in the “cage” reserved for Conficker, the infection had been joined by a program distributing an antivirus software scam.
It was the most recent sign of life from the program, and its silence has set off a debate among computer security experts. Some researchers think Conficker is an empty shell, or that the authors of the program were scared away in the spring. Others argue that they are simply biding their time.
If the misbegotten computer were reactivated, it would not have the problem-solving ability of supercomputers used to design nuclear weapons or simulate climate change. But because it has commandeered so many machines, it could draw on an amount of computing power greater than that from any single computing facility run by governments or Google. It is a dark reflection of the “cloud computing” sweeping the commercial Internet, in which data is stored on the Internet rather than on a personal computer.
The industry group continues to try to find ways to kill Conficker, meeting as recently as Tuesday. Mr. Joffe said he, for one, was not prepared to declare victory. But he said that the group’s work proved that government and private industry could cooperate to counter cyberthreats.
“Even if we lose against Conficker,” he said, “there are things we’ve learned that will benefit us in the future.”
SOURCE:
Subscribe to:
Posts (Atom)
