Infosec Newsletter - April 2012
Embedded system security much more dangerous, costly than traditional software vulnerabilities
George V. Hulme
"One of the biggest challenges in security today is how the software in our operating systems and applications are so full of holes. And while traditional software makers have made (some) headway in developing more resilient applications, experts say embedded device and systems makers -- from those who create implanted medical devices to industrial control systems -- are eons behind in secure system design and development maturity."
Self-Development for Cyber Warriors
Gregory Conti, James Caroland, Thomas Cook, Howard Taylor
"Today, most personnel are drawn from career fields with varying degrees of intersection with cyber warfare including: signals intelligence, all source intelligence, and telecommunications, as well as from the larger kinetic warfighting community. While this diversity brings much to the table, every donor group has its own blind spot"
US and China run cyber war games to test response capabilities
"IT specialists from the Pentagon have been engaged in a series of cyber war games with counterparts from China, as the countries look for ways to diffuse the growing online tensions between the two world powers."
Battle for the internet
"Although British strategy is still evolving, the UK is trying to force the pace both here and internationally. People in Whitehall aren't "running around with their hair on fire" as they are in the US, but the present and future dangers have come into focus – and they don't like what they see."
Time to protect against dangers of cyberattack
John O. Brennan
"While it's impossible to put a monetary value on the impact of these daily intrusions, it's undeniable that cybertheft is costing U.S. jobs and undermining our economic competitiveness in the global economy. As serious as these intrusions are, they are only the tip of the iceberg."
Internet Crime on the Rise in Turkey
"Three out of four business crimes in Turkey are conducted online, and national and international regulations to address the problem are urgently needed, according to Transportation Minister Binali Yildirim."
With so much at stake, companies turn to hired hackers
"Aerospace industry firms such as Boeing are looking beyond traditional recruiting outlets for savvy techies as they try to fend off more coordinated and complex threats from hackers."
Hackers step up war on security services
"The ability of Britain's security institutions to fight off the threat from online activists was cast into doubt after hackers penetrated Scotland Yard's anti-terrorism hotline and leaked conversations between staff online."
London 2012 prepares for cyber-attacks
"When it comes to Olympics security, the chief information officer for London 2012 is quite clear: "We will get cyber-attacks, for sure. Previous Games have always been attacked, so we will be attacked. We are working with partners and government to make sure we have the right defences," Gerry Pennell said. Speaking in January 2011, he insisted it was "inevitable" that there would be attempts to bring the systems down."
DDOS attacks on financial services firms explode
"The financial services industry saw nearly triple the number of distributed denial-of-service (DDOS) attacks during the first three months of this year compared to the same period last year, according to a report released…"
Iran To Shut Down Internet Permanently; 'Clean' National Intranet In Pipeline
"Millions of Internet users in Iran will be permanently denied access to the World Wide Web and cut off from popular social networking sites and email services, as the government has announced its plans to establish a national Intranet within five months."
The Top 9 Most Costly Financial Services Data Breaches
"Despite the focus on other industries, though, financial services continues to be a top target for data breaches, caused by hacks, card scams, insider data theft, and the loss of a portable device that contains financial or private information."
Tracking DDoS Attacks: Insights into the Business of Disrupting the Web
"Known for a long time, Distributed Denial-of-Service (DDoS) attacks are still prevalent today and cause harm on the Internet on a daily basis. The main mechanism behind this kind of attacks is the use of so called botnets, i.e., networks of compromised machines under the control of an attacker. There are several different botnet families that focus on DDoS attacks and are even used to sell such attacks as a service on Underground markets."
British Home Office website hacked
"The website of Britain's Home Office was disrupted yesterday in an attack believed to have been carried out by the international hacker group known as Anonymous, which had previously also targeted the Vatican with the same kind of attack."
"This month we explore this new front of cyber warfare and we aim to awaken people. People on the front line of the cyber war and those who are innocently living life through their PCs must educate themselves on how government and hacktivists have declared war on the world and how they are doing it."
Experts Ponder Which Security Threats May Gain Speed
"Some financial IT consultants insist that, although online banking is 20 years old and mobile is younger, maturity has not necessarily produced a safer banking platform when users log into their accounts, typically via a Windows PC or laptop. Windows claims about 92% of computers versus 6% for Apple and 2% for all others."
Dutch too laid back to risk of cybercrime
"The Netherlands does not focus enough on the risks of cybercrime. Be it confidential information leaks, industrial espionage or hack attacks, the Dutch tend to turn a blind eye to the dangers. That's the conclusion of the annual report on digital safety issued by security firm Hoffmann Bedrijfsrecherche. For better or for worse, other countries take a far tougher line."
From Hibernation file to Malware analysis with Volatility
"In many malware related cases, the systems are still up and running and perfect for creating a memory dump before starting any investigation regarding the other volatile data and interesting files. In some cases the customer already took the machines from the network and shut them down. From an investigator's perspective, valuable volatile data could be lost caused by this shutdown."
Warned of an Attack on the Internet, and Getting Ready
"… in mid-February, something curious attracted the attention of the behind-the-scenes engineers who scour the Internet for signs of trouble. There, among the ubiquitous boasts posted by the hacking collective Anonymous, was a call to attack some of the network's most crucial parts."
World War 3.0
"When the Internet was created, decades ago, one thing was inevitable: the war today over how (or whether) to control it, and who should have that power. Battle lines have been drawn between repressive regimes and Western democracies, corporations and customers, hackers and law enforcement."
SCADA Security & Deep Packet Inspection – Part 1
"I have talked repeatedly about something called Deep Packet Inspection (DPI) and why it is so important for SCADA / ICS security (for example, see Air Gaps won't Stop Stuxnet's Children). The trouble is, I have never described what DPI actually is. So in today's blog I will back up and explain what DPI firewall technology is all about."
Cybersecurity legislation roundup, 2012 edition
"Cybersecurity legislation within Congress once again is proliferating at a rapid pace, with a number of bills representing contending views on how involved the federal government should be in private sector cybersecurity and the degree to which the White House and the Homeland Security Department should have direct involvement in other agencies' cybersecurity efforts."
Organised Crime In The Digital Age: The Real Picture
"Digital crime is evolving, fast. As the real and online worlds converge, both the frequency and the variety of offences are increasing. Serious offences can now be committed with minimal physical resources. The spectrum of activity and players is broad, bewildering, and constantly changing: from hack attacks on banks, through online gambling rings and black markets, to old-fashioned, real-world violence for control of hi-tech digital tools."
Expert insights 2: Cyber threats and security in the Caribbean
"In our inaugural cyber threats and security "Expert insights", featuring Niel Harper from Barbados, he confirmed that online threats are far more prevalent in the Caribbean than we might have realised. Moreover, organisations rarely report intrusions, and in Barbados, there is insufficient capacity for cyber security response."
Viewpoint: How hackers could decapitate the internet
Prof Alan Woodward
"A recent threat, purportedly from the hacker group Anonymous, stated boldly that its members would stop the internet on 31 March. The term "Operation Blackout" was coined and it caused much discussion in all the usual forums. Those issuing the threat even stated how they would do it. They claimed they could disable the Domain Name Service (known by engineers as the DNS) and that would stop the internet. How so?"
In the cloud, your data can get caught up in legal actions
Thomas J. Trappler
"With cloud computing, data from multiple customers is typically commingled on the same servers. That means that legal action taken against another customer that is completely unrelated to your business could have a ripple effect. Your data could become unavailable to you just because it was being stored on the same server as data belonging to someone else that was subject to some legal action."