Slashdot Mirror

← Back to Stories (view on slashdot.org)

Taiwanese Police Give Cyber-security Quiz Winners Infected Devices (bbc.com)

Posted by msmash on from the oops-they-did-it-again dept.

Taiwan's national police agency said 54 of the flash drives it gave out at an event highlighting a government's cybercrime crackdown contained malware. From a report: The virus, which can steal personal data and has been linked to fraud, was added inadvertently, it said. The Criminal Investigation Bureau (CIB) apologised for the error and blamed the mishap on a third-party contractor. It said 20 of the drives had been recovered. Around 250 flash drives were given out at the expo, which was hosted by Taiwan's Presidential Office from 11-15 December and aimed to highlight the government's determination to crack down on cybercrime.

37 comments

  1. Yeah by nospam007 · · Score: 3, Funny

    "The virus, which can steal personal data and has been linked to fraud, was added inadvertently, "

    They always say that.

    1. Re:Yeah by Anonymous Coward · · Score: 0

      They need to at least hang a scapegoat to appease me.

    2. Re:Yeah by Anonymous Coward · · Score: 0

      You mean an escape goat.

    3. Re:Yeah by hey! · · Score: 3, Insightful

      No, if you refuse the infected device you receive immunity for the next round.

      You see, in the game of cybersecurity nobody, technically speaking, "wins". The object of the game isn't to win, it's to play indefinitely while accumulating the fewest possible losses.

      --
      Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
  2. Who is... by Anonymous Coward · · Score: 1

    watching the watchers?

    This looks more like the CIB wanted to investigate people who were knowledgeable than just an accident

  3. Wow by Anonymous Coward · · Score: 0

    Slashdot is speechless! That's something...

  4. In related news... by swm · · Score: 2

    firehouse burns down.

  5. Well well by volodymyrbiryuk · · Score: 2

    The quiz winners weren't so smart after all if they accepted electronic devices from a police agency.

    --
    sudo rm -r -f --no-preserve-root /
    1. Re:Well well by Anonymous Coward · · Score: 0, Insightful

      This. Nobody who takes cyber security seriously trusts the government.

    2. Re:Well well by TheRaven64 · · Score: 4, Informative

      We'll always accept them. We have a couple of machines specifically set up for this kind of thing, one with a USB analyser to look for low-level attacks and a RPi to look for software attacks. It's always interesting to see what you get on a free USB stick (police agency or otherwise).

      --
      I am TheRaven on Soylent News
    3. Re:Well well by Anonymous Coward · · Score: 0, Insightful

      weren't so smart if they used the flash drives in a Windows OS.

    4. Re:Well well by Anonymous Coward · · Score: 0

      >>This. Nobody who takes cyber security seriously trusts ANYBODY.

      FTFY

    5. Re:Well well by Anonymous Coward · · Score: 0

      Ha ha ha, yes that's right, we did this because we were certain winners would have testing sandboxes, were confident that our payloads would only touch controlled inspection environments. No waaaaay we thought our payload would touch anything real, noooo~
       
      ....it was a joke?

    6. Re:Well well by Anonymous Coward · · Score: 0

      Just to start. Do you put them in faraday cage as soon as got them also?

    7. Re:Well well by Anonymous Coward · · Score: 0

      sound waves can still pass through those! Google 'airgap hacks with sound'

  6. Final challenge by Translation+Error · · Score: 4, Insightful

    It was the secret final challenge. To win it, people had to refuse the offered flash drives.

    --
    When someone says, "Any fool can see ..." they're usually exactly right.
  7. Surely... by Arab · · Score: 2

    Surely this was just part of the test?

  8. smell the coffee by AndyKron · · Score: 1

    This has GOT to be a wake up call, people. WAKE THE FUCK UP!

    1. Re:smell the coffee by skovnymfe · · Score: 1

      Coffee? There's no coffee where these people are going.

    2. Re:smell the coffee by Anonymous Coward · · Score: 0

      Oh, but there is... They are rounded up and forced into Java coding instead.

  9. Government Honeypot by Anonymous Coward · · Score: 0, Insightful

    The British were complaining "oh no! we're behind in CYBER! We need more CYBER talent!" and they proposed something like this. Hold some CYBERHACK challenge to recruit TALENTED CYBERS. Terribly sad and stupid.

    The real purpose of these things (like DEFCON) is to draw all the lonely aspergs who do gay shit (like XSS "exploits") into revealing themselves en masse. Anybody who attends these CYBER events is a lonely dumbass who apparently can't detect a phishing attack in plain sight. Never hire these people.

    1. Re:Government Honeypot by Anonymous Coward · · Score: 0

      Didn't some "Dark Market" retard get arrested at a US airport on his way to a Beard Contest in Texas? I mean, how stupid do you have to be to run an international black market and deliver yourself in person to a place where you are either wanted or under investigation? Very stupid indeed.

    2. Re:Government Honeypot by SScorpio · · Score: 1

      Hey now, he just grew this epic beard. Nobody should have been able to recognize him.

  10. Of course not... by Anonymous Coward · · Score: 1

    To win it they had to repurpose the malware on the flash drive to point to THEIR servers, and then drop it back in the Taiwanese Police's parking lot to be picked up by an unwitting officer, whereup plugging it into his computer the Quiz Winner is given access to government databases they can use to thwart their rivals, or nosy police officers getting a bit too close to convicting them :)

  11. We have met the enemy ... by PPH · · Score: 1

    .... and he is us.

    - Walt Kelly

    --
    Have gnu, will travel.
  12. Impressive honesty by Anonymous Coward · · Score: 0

    do you think America's CIA and NSA are as honest?

  13. With Love from China by Anonymous Coward · · Score: 0

    "accident" my ass.

    this is how those dirty chinks roll.

    1. Re:With Love from China by Anonymous Coward · · Score: 0

      It's Taiwan, not China. Different country and different government. But being the uncultured, untravelled person you are, I can't hold your ignorance and racism against you.

      As a person who is Chinese-Taiwanese and has lived in Taiwan, I find it unlikely that the police infected these drives themselves. They were probably infected at the factory they were produced at in China.

    2. Re:With Love from China by Stormwatch · · Score: 1

      It's Taiwan, the LEGITIMATE China. Not the fake commie one.

      --
      Circumcision is child abuse.
  14. Bullshit by Anonymous Coward · · Score: 0

    When you win something at a conference full of hackers, you take whatever prize they give you with a smile and then chuck it in the trash.

    1. Re: Bullshit by Anonymous Coward · · Score: 0

      Or give it to Good Will and really mess with their heads.

    2. Re:Bullshit by Wulf2k · · Score: 1

      Way to play into their hands and place the surveillance device directly into a cantenna.

  15. This is amusing by kilodelta · · Score: 1

    Years ago I had worked for the RI Sec. of State's office. It was housed in the sub-basement of the RI State House. We used to always think of ways to test information security - like getting a few USB sticks and printing the state seal on them and scattering them in the parking lots.

    But of course cops being cops - they would pass out infected USB sticks to info-sec quiz winners.

    1. Re:This is amusing by Anonymous Coward · · Score: 0

      Forget the seal, just put "2017-PAYROLL / MICP / MGMT BONUS"

      People are insanely curious about what other people around them are making, and even more interested in how much their boss is getting especially if they are getting a bonus!

  16. Booby prize! by Anonymous Coward · · Score: 0

    I doubt this was deliberate: Don't blame malice on what can be explained as incompetence. This doesn't bode well for the state of the Taiwanese government's security though.

  17. ME SO SOLLY!! by Anonymous Coward · · Score: 0

    n/t