Interesting profile — in which he discusses Second Life’s economy and the challenge of law enforcement (or not) in a globalized virtual word operating across legal jurisdictions. Worth a read:
Announcement of new Linden Lab CEO, Mark Kingdon here.
Posted in News, Uncategorized | No Comments »
Link here to Yaniv Berman’s article.
Ignore the silly avatar!
Posted in Uncategorized | No Comments »
COUNTER-TERRORISM agents have launched an investigation into a multi-national terror threat made against an Australian using internet social networking website Facebook.
The first investigation of its kind was prompted by a death threat emanating from the Middle East against a Jewish woman and her family from an alleged member of the Iranian-backed terror outfit Hezbollah.
The woman received the death threat from the self-proclaimed terrorist through the website after she declined the man’s online “friendship request”.
The Weekend Australian understands the man - who described himself as Ibrahim Dirani and a member of a Lebanon-based Facebook group - was banned by the network after police launched their investigation this week. The victim - who lives in Melbourne and is a member of an Israeli-based Facebook group - told police the alleged Lebanon-based Hezbollah operative promised to kill her and her family.
According to police documents, the man wrote: “I am Hezbollah and I am going to kill you and all of your family - promise you.”
The investigation comes as security agencies question their ability to address serious online threats made against Australian citizens by foreign culprits.
“The international nature of the website makes it very hard for agencies to … physically track down those involved,” a security source said.
“People on those website often set up their pages under false details.”
Counter-terrorism expert Anthony Bergin yesterday warned Facebook users that terrorist networks might also be using the website to attract recruits, “inthe same way a pedophile might look at those sites to potentially groom would-be victims”.
Melbourne University’s information technology senior lecturer Shanton Chang said Facebook members often left themselves exposed to being targeted by terrorists and urged against indiscriminately inviting anyone to be an online friend. “The issue with having friends on Facebook, whether you know them or not, is once they’re your friend, they can access and have a look at anything about you listed on there,” Dr Chang said.
“And a lot of these people … they actually haven’t met in real life.
“And so it becomes easier, whether you’re a terrorist group, a marketing group, whether you’re spying on people, to actually look through people’s profile because there’s just a lack of understanding of who may be looking at your profile.”
Dr Chang’s comments follow reported warnings by the Canadian Defence Department in February that al-Qa’ida operatives were monitoring Facebook.
Dr Chang said Facebook and social networking sites users would over time become more savvy in identifying genuine members from troublemakers.
Posted in Extremism/Terrorism | No Comments »
Posted in Extremism/Terrorism | No Comments »
Mitch Wagner makes some very good points in this piece
Posted in Extremism/Terrorism | No Comments »
Remarks from the event will be published on the Counter Terrorism Blog soon!
In the meantime the presentation I wasn’t able to show at the event is below:
Posted in Uncategorized | No Comments »
The Australian Institute of Criminology last year published a rather large risk assessment document looking at very near-future directions of technology enabled crimes which is available on the Australian Government Website. Though the entire document itself makes for a fascinating read, of interest to myself in particular was this section discussing virtual worlds:
———————————————————————————————–
Online gaming and gambling
Online gaming, typically played via local area networks and the internet, is a growing industry. Major online gaming vendors include Microsoft (Xbox) and Sony (Playstation). Broadband connection, technological innovations and a reduction in the price of electronic data storage devices continue to lower entry barriers for new entrants into the gaming industry and contribute to the richness and diversity of gaming content. Games, particular MMOG and MMORPG, are increasingly gaining popularity with the digital generation. MMOG and MMORPG allow players to compete with and against each other on a grand scale in real-time.
Not only do MMORPGs appeal to a broad age range (M age = 26.57, range = 11-68), but the appeal is strong (on average 22 hours of usage per week) across users of all ages (r = -.04) … MMORPGs are not simply a pastime for teenagers, but a valuable research venue and platform where millions of users interact and collaborate … on a daily basis (Yee 2006:309).
The virtual worlds in MMOG and MMORPG, representing the persistent social and material world, provide a synthetic environment in which people communicate with each other using a virtual persona - avatar - and allow strangers who do not necessarily speak the same language to establish relationships (in the virtual worlds). Players are also able to receive education, to purchase virtual properties, acquire virtual accommodation and trade in virtual merchandise, and to inflate their virtual status using physical cash in the virtual worlds. A study by Chen et al. (2004) suggested that, as at March 2003, an exchange rate was estimated to be 10,000 in virtual cash unit to US$1. It was also reported on LindeX, the official Second Life currency exchange (http://secondlife.com/whatis/currency.php), that an exchange rate was estimated to be L$250 (Linden Dollars in Second Life) to US$1 as at January 2007.The availability of a market for virtual currency exchange has attracted the interest of individuals and multi-national corporations. In November 2006, the first self-proclaimed virtual world millionaire, Anshe Chung, announced that she had accumulated virtual assets worth more than US$1 million in physical currency (Hutcheon 2006). Multi-national corporations such as IBM, Toyota, Adidas, Telstra, the Australian Broadcasting Corporation and MTV have established or intending to establish a presence in these virtual worlds. In 2007 Sweden announced establishment of a diplomatic presence in Second Life (AAP 2007b) and in 2006 popular music band Duran Duran announced purchase of a luxury island (Wallace 2006a). On the island, live concerts and media appearances will take place alongside the band’s media, public and live engagements in the physical world.The availability of a market for virtual goods trading (e.g. http://www.itembay.com.tw/) provides criminals with financial incentives to offend. Organised criminal groups and hackers are targeting MMOG and MMORPG sites to steal gamers’ usernames, passwords, credit-card numbers, and virtual game pieces and accessories. Stolen virtual characters are then ‘sold’ to the original owners or to other players (Ortega 2006). Examples include:
In December 2006, 44 suspects were arrested in China for stealing more than 700,000 Yuan (approximately A$112,000) worth of virtual items by selling properties belonging to compromised Tencent QQ users’ accounts (Zhu 2006).The future will see the continued development of malicious code targeting the online gaming community such as:
Risks of money laundering will also increase as MMOG and MMORPG sites emerge as a vehicle transferring value online. For example, money launderers can purchase virtual currency using illicit cash and exchange the virtual currency back to physical cash. Alternatively, colluding avatars (controlled by criminals) can also launder illicit proceeds in the form of gifts or mutually beneficial economic exchanges in the virtual worlds. A 2007 report pointed out that a criminal could purchase virtual properties in the virtual world worth 1000 Linden dollars, but actually pay A$2 million in cash (Palmers 2007). Although online gaming site operators are required to monitor and report any suspicious transactions under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) since they provide the facility to exchange real cash for virtual currency, such privately-conducted transactions are unlikely to be captured by the operators (and authorities). Existing avenues of money laundering, such as online gambling, a multi-billion dollar industry, will continue to be used. Criminals will be able to establish online accounts with offshore casinos using stolen identities and transfer funds anonymously. To avoid detection, small numbers of transactions will be carried out and then requests made for repayment from offshore casinos. Although offshore casinos may not be required to maintain transaction records, payments can be deposited into bank accounts belonging to money mules to obscure the money trail.
Countermeasures
Criminal threats in an environment in which Internet International Funds Transfer Instructions (IIFTIs) and e-currencies exist are likely to increase, as regulators fail to capture many transactions. IIFTIs may also aid money-laundering activities. Possible countermeasures include: Regulating online payment systems and internet payment intermediaries (including offshore banking services and financial entities) through international collaboration and legislative efforts; for example, the recommendations in the Financial Action Task Force report (FATF 2006) and enacting of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006.Regulating virtual currency in online gaming through legislative efforts. For example, South Korea was reportedly considering introducing legislation to ban commercial trading in virtual currencies (Burns 2006). It was also recently reported that the People’s Republic of China is considering regulating the use of virtual money, QQ’s coin, to combat money-laundering activities in China (AP 2007).Technical assistance and open exchange of control solutions among banking services and financial entities and governments to less capable or advanced jurisdictions on detection techniques against money laundering and other crimes.Unified approach to security standards; for example, the Payment Card Industry Data Security Standard (PCI DSS) developed jointly by Visa and MasterCard.
———————————————————————————————————
This government research paper makes a number of very interesting points and just to draw attention to one again:
Alternatively, colluding avatars (controlled by criminals) can also launder illicit proceeds in the form of gifts or mutually beneficial economic exchanges in the virtual worlds. A 2007 report pointed out that a criminal could purchase virtual properties in the virtual world worth 1000 Linden dollars, but actually pay A$2 million in cash (Palmers 2007). Although online gaming site operators are required to monitor and report any suspicious transactions under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) since they provide the facility to exchange real cash for virtual currency, such privately-conducted transactions are unlikely to be captured by the operators (and authorities).
I believe this goes to the heart of the issue regarding virtual worlds operating as vast storehouses of economic value with their virtual currencies. Simply put; they are NOT banks, they are not regulated like banks, they do not have the same safeguards as banks…. and yet they are, in many ways, fully intergrated with our banking system as I’ve alluded to in prevoius posts. Perhaps gaming company’s should be acting on this, after all, it is better to be a self regulating industry which examines the issues before the government forces them too. I’ll repeat again my view of: If it acts like a bank, it feels like a bank, and it operates like a bank….. Then it needs to be treated like one by regulators.Some virtual worlds allow for the storage of value, the transfer of value and the eventual physical extraction of that value into hard cash. It strikes me that most laymen and reasonable individuals would qualify them as banks… why aren’t they regulated like one then?
David Grundy
Posted in Crime, Money Laundering | 1 Comment »
A report to congress from the ODNI outlines research being conducted into virtual worlds.
Posted in Extremism/Terrorism | 1 Comment »
remember where you heard it first…..
Spies’ Battleground Turns Virtual
Intelligence Officials See 3-D Online Worlds as Havens for Criminals
By Robert O’Harrow Jr.
Washington Post Staff Writer
Wednesday, February 6, 2008; D01
U.S. intelligence officials are cautioning that popular Internet services that enable computer users to adopt cartoon-like personas in three-dimensional online spaces also are creating security vulnerabilities by opening novel ways for terrorists and criminals to move money, organize and conduct corporate espionage.
Over the last few years, “virtual worlds” such as Second Life and other role-playing games have become home to millions of computer-generated personas known as avatars. By directing their avatars, people can take on alternate personalities, socialize, explore and earn and spend money across uncharted online landscapes.
Nascent economies have sprung to life in these 3-D worlds, complete with currency, banks and shopping malls. Corporations and government agencies have opened animated virtual offices, and a growing number of organizations hold meetings where avatars gather and converse in newly minted conference centers.
Intelligence officials who have examined these systems say they’re convinced that the qualities that many computer users find so attractive about virtual worlds — including anonymity, global access and the expanded ability to make financial transfers outside normal channels — have turned them into seedbeds for transnational threats.
“The virtual world is the next great frontier and in some respects is still very much a Wild West environment,” a recent paper by the government’s new Intelligence Advanced Research Projects Activity said.
“Unfortunately, what started out as a benign environment where people would congregate to share information or explore fantasy worlds is now offering the opportunity for religious/political extremists to recruit, rehearse, transfer money, and ultimately engage in information warfare or worse with impunity.”
The government’s growing concern seems likely to make virtual worlds the next battlefield in the struggle over the proper limits on the government’s quest to improve security through data collection and analysis and the surveillance of commercial computer systems.
Virtual worlds could also become an actual battlefield. The intelligence community has begun contemplating how to use Second Life and other such communities as platforms for cyber weapons that could be used against terrorists or enemies, intelligence officials said. One analyst suggested beginning tests with so-called teams of cyber warfare experts.
The IARPA paper concurred: “What additional things are possible in the virtual world that cannot be done in the real world? The [intelligence community] needs to ‘red team’ some possible scenarios of use.”
The CIA has created a few virtual islands for internal use, such as training and unclassified meetings, government officials said.
Some veterans of privacy debates said they believe that law enforcement and national security authorities are preparing to make a move, through coercion or new laws, to gain access to the giant computer servers where virtual worlds reside.
Jim Dempsey, policy director at the Center for Democracy and Technology, a nonpartisan group that monitors privacy issues, said he heard the same worries from the government when cell phones became popular in the 1980s and again when mainstream American logged on to the Internet in the 1990s.
Dempsey said the national security fears are overblown, in part because the country already has legal and technical mechanisms in place to give the government access to digital records it needs.
“They want to control this technology and make it even easier to tap than it already is,” Dempsey said. “When the government is finished, every new technology becomes a more powerful surveillance tool than the technology before it.”
Questions about the impact of innovations in communications technology are nothing new. Criminals, terrorists and others have used Web sites for more than a decade to recruit, operate scams and trade pornography. Law enforcement and intelligence authorities responded to new technologies by repeatedly seeking out new surveillance authorities.
Intelligence officials said, however, that the spread of virtual worlds has created additional challenges because commercial services do not keep records of communication among avatars. Because of the nature of the systems, the companies also have almost no way of monitoring the creation and use of virtual buildings and training centers, some of them protected by nearly unbreakable passwords.
“Virtual environments provide many opportunities to exchange messages in the clear without drawing unnecessary attention,” the IARPA paper said. “Additionally, there are many private channels that can be employed to exchange secret messages.”
And there are the numbers. Some marketers and technology observers are predicting explosive growth in the use of virtual worlds in coming years. As more people create avatars, it will become harder to identify bad guys, intelligence officials said. As in the real world, one of the central difficulties is establishing the identity of individuals.
“The challenge that we face is to be able to distinguish the fanatics from the average person looking for some simple enjoyment,” said the IARPA paper.
One intelligence official, who spoke on condition of anonymity, said he had no evidence of activity by terrorist cells or widespread organized crime in virtual worlds. There have been numerous instances of fraud, harassment and other virtual crimes. Some computer users have used their avatars to destroy virtual buildings.
Last month, Second Life operators shut down a dozen online banks holding virtual currency worth an undetermined amount of actual dollars, after computer users raised questions about whether the banks were paying promised interest.
National security officials have begun working informally to take stock of virtual worlds. That research likely will take on more urgency this year, as companies in other countries prepare to unveil their own virtual worlds.
One such world, called HiPiHi, is being created in China. HiPiHi founders said they want to create ways for avatars to be able to travel freely between its virtual world, Second Life and other systems — a development that intelligence officials say make it doubly hard to track down the identity of avatars.
In promotional material, HiPiHi officials said that they believe that virtual worlds “are the next phase of the Internet.”
“The residents are the Gods of this virtual world; it is a world of limitless possibilities for creativity and self-expression, within a complex social structure and a full functioning economy,” the promotional material says.
“Virtual worlds are ready-made havens,” said a senior intelligence official who declined to be identified because of the nature of his work. “There’s no way to monitor it.”
The popularity of virtual worlds has grown despite the technology being in an early stage of development. The systems don’t work well on older computers or those with relatively slow connections to the Internet. Though Second Life has more than 12 million registered users, only about 10 percent of those accounts are active. About 50,000 people around the world are on the system at a given moment, according to Linden Lab, which operates Second Life.
Officials from Linden Lab have initiated meetings with people in the intelligence community about virtual worlds. They try to stress that systems to monitor avatar activity and identify risky behavior are built into the technology, according to Ken Dreifach, Linden’s deputy general counsel.
Dreifach said that all financial transactions are reviewed electronically, and some are reviewed by people. For investigators, there also are also plenty of trails that avatars and users leave behind.
“There are a real range and depth of electronic footprints,” Dreifach said. “We don’t disclose those fraud tools.”
Jeff Jonas, chief scientist of IBM Entity Analytic Solutions, who has been examining developments in virtual worlds, which have attracted some investment from the company, said there’s no way to predict how this technology will develop and what kind of capabilities it will provide — good or bad. But he believes that virtual worlds are about to become far more popular.
“As the virtual worlds create more and more immersive experiences and as global accessibility to computers increases, I can envision a scenario in which hundreds of millions of people become engaged almost overnight,” Jonas said.
Jonas said it’s almost a certainty that clandestine activity associated with real criminals and terrorists will flourish in these environments because of the ease, reach and obscurity they offer.
“With these actors there will be organized criminal planning and behavior,” he said. “The likelihood that somebody is recruiting, strategizing or planning is almost a certainty.”
Posted in Extremism/Terrorism | No Comments »
Posted in Extremism/Terrorism | No Comments »
