[SecurityRatty] tag: cyber-warefare

Online safety is a science, dont get infected!

Tue, 02 Dec 2008 13:17:11 +0000

Ran across this great article, its written with a touch of science applied to the threats that are out there online.
A must read.

clipped from www.sciencenewslive.com

Antispyware Software Helps Stop Cyber Intruders

One of the key weapons effective in fighting the battle against these despicable internet threat security trends that are so widespread these days is to have a robust and dependable antispyware software package installed on your system. But, it must be noted that installing internet security software is simply the first step, since it must be actively used and continually updated.

Speaking of Security Podcast #130

Sun, 23 Nov 2008 21:00:00 +0000

Click to Download/Listen (08:53)

Now that the 2008 US Presidential and Congressional elections are behind us, what can we expect from the new Administration and the 111th Congress on Cyber Security? The Speaking of Security podcast has a report direct from Washington, DC.

I was right!

Fri, 21 Nov 2008 06:15:00 +0000

Allen does the dance-of-I-was-right...

*ahem*

In my blog in July, I predicted that we would be seeing a perfect storm as cyber criminals start to see diminshing returns on PII (credit card info, mothers maiden names and the kind of things they have been going after up until now) and thus start looking at the business information that they have been ignoring.

According to usatoday, internet thieves are making big money stealing corporate info.

"Elite cybergangs can no longer make great money stealing and selling personal identity data. Thousands of small-time, copycat data thieves have oversaturated the market, driving prices to commodity levels. Credit card account numbers that once fetched $100 or more, for instance, can be had for $10 or less, says Gunter Ollmann, chief security strategist at IBM ISS, IBM's tech security division."

As I said in my original article - the only problem with this is the establishment of a market. The cyber-criminals have established a very viable underground trading system but they now need businessed to want to dip their toes in something that is highly illegal. It seems this is happening.

The scary thing is how much information is actually being pulled out of the organisation. The criminals are literally dumping everyone's My Documents directory with no real aim to a storage facility outside of the organisation and yet the companies are not aware of this.

My advice? Take measures now while the enemy are just getting established. How you manage to protect your employees' and customers' PII will determine how well you survive the next part of the battle - your company secrets.

Also, don't be tempted to get information on your competitors from shady people. They may just be doing the same thing to you.

PS1: (PII = personally identifiable information - anything that can be linked to a person and is usually stuff you don't want the public to know like your credit card details, address, salary, health, etc)

PS2: Thank you to TaoSecurity for the story. Read Richard Bejtlich's post for more information. His take on the story is that it is all to do with money. Of course it is, if you think information security is about antivirus and firewalls then you are truely wrong.

The DDoS Attack Against Bobbear.co.uk

Wed, 19 Nov 2008 05:35:01 +0000

When you get the "privilage" of getting DDoS-ed by a high profile DDoS for hire service used primarily by cybercriminals attacking other cybercriminals, you're officially doing hell of a good job exposing money laundering scams.

The attached screenshot demonstrates how even the relatively more sophisticated countersurveillance approaches taken by a high profile DDoS for hire service can be, and were in fact bypassed, ending up in a real-time peek at how they've dedicated 4 out of their 10 BlackEnergy botnets to Bobbear exclusively.

Perhaps for the first time ever, I come across a related DoS service offered by the very same vendor - insider sabotage on demand given they have their own people in a particular company/ISP in question. Makes you think twice before considering a minor network glitch what could easily turn into a coordinated insider attack requested by a third-party. Moreover, now that I've also established the connection between this DDoS for hire service and one of the command and control locations (all active and online) of one of the botnets used in the Russia vs Georgia cyberattack, the concept of engineering cyber warfare tensions once again proves to be a fully realistic one.

Related posts:
A U.S military botnet in the works
DDoS Attack Graphs from Russia vs Georgia's Cyberattacks
Botnet on Demand Service
OSINT Through Botnets
Corporate Espionage Through Botnets
The DDoS Attack Against CNN.com
A New DDoS Malware Kit in the Wild
Electronic Jihad v3.0 - What Cyber Jihad Isn't

Dont get a lump of coal this season!

Tue, 18 Nov 2008 14:46:21 +0000

Make sure your online protection products are working and updated, or you may get a lump of coal this Holiday season.

clipped from www.marketwatch.com

Webroot Threat Advisory: Online Threats to Increase This Holiday Season

To protect themselves during any online
shopping experience, consumers need to be aware of the security
risks and necessary precautions they should take to avoid being a victim
of cyber crime. Since the October to December timeframe will be a key
money-making season for today’s financially
motivated cyber criminals Webroot is recommending that consumers follow
these five steps:

National Security Perspectives A Post-Election Insider View

Tue, 18 Nov 2008 11:13:25 +0000

Recently I participated in an event entitled National Security Perspectives held at the famous Congressional Country Club in Maryland. The featured panelists had impressive credentials from the NSA, DHS and the CIA. The topics of discussion ranged from Current Geopolitical Threats and Evolving Technology Demands to predictions about the New Administrations Intelligence, Defense and Homeland Security focus.

The panelists were:
William P. Crowell – former Deputy Director of the National Security Agency
Michael P. Jackson – Deputy Secretary, Department of Homeland Security
Jose A. Rodriguez, Jr. – former Director CIA, National Clandestine Service & CIA, DCI Counterterrorist Center

Overall, it was a very nicely arranged event on a brisk fall evening with about 100 CXO attendees; mostly large but some small government contractors and a few product companies like ScienceLogic that conduct business with military, intelligence and the public sector.

No surprise, given the financial crisis the economy is suffering from that the panelists said we also have a crisis coming on the Federal budget front. This will put enormous pressure on the way Administration thinks, and how and where to spend the $$.

Obama’s tone regarding the issues he will be confronting in the world during the election was encouraging. Make the world more non-partisan and take on the threats that we have in front of us head-on!

The panel was very upfront about current threats. William Crowell said,

“It is highly imprudent to believe that there will not be another 9-11. We have to fund and support the work to stop other attacks. We can only mitigate risk but we can’t eliminate risk. We have to try to absorb the sense of urgency and wake up every day looking at the intelligence screens as if 9-11 happened within the last couple of months.”

He added,

“They (the intelligence community) need the innovation, sense of commitment and urgency that comes from the private sector – a sense of mutual commitment to that mission.”

Predicted Priorities for investment for DHS:

Cyber attack as the top issue
Nuclear threats including dirty bomb
Chemical and biological attacks
Explosive attacks against critical infrastructure with maximum # of lives and or financial disruption / loss.
Large scale natural disasters – hurricane + earthquakes
Border penetration - identity management and border management issues

An Obama administration will spend dollars around these threat vectors. They will want to spend $$ to help state and local governments. Grants to state and local governments should significantly increase with the Obama administration, so think about how you will increase your focus on the state and local government spending initiatives.

Secure border investments – the panelists believe that the new administration will feel compelled to invest here. Michael P. Jackson bluntly said, “You have to make investments in border tools to get meaningful immigration reform.”

Panelists agreed that the 1^st year will be an intense period of scrutiny about fundamental directions. We can’t afford it all at DHS; it is dramatically under budgeted. At TSA/DOT and then at DHS, we spent about $4 Billion on technology investments since 9-11; those investments are now reaching the end of the original service life.

One gripe from the panel that I found humorous: “We don’t have a group of people who think like entrepreneurs.” It is insane how long things last when you buy things in the government. As an example, we are still replacing vacuum tubes in some of the very old FAA gear… this is well beyond what any reasonable person would think these initial investments should/would last.

Final Thoughts:
I actually think that the Obama Administration will be quite favorable to COTS software products, SaaS offerings, and creative financing initiatives from the private sector. The government just won’t have the capital budget to do everything it wants to accomplish. I would say if you look at how intelligently and aggressively Obama used technology to assist his campaign, the odds are good that this new breed of IT talent (which is already really comfortable with SaaS products, blogs, wiki’s, hosted/outsourced Cloud solutions… this team really understands the latest technology trends) will quickly work to bring these new IT paradigms to the Federal marketplace. Clearly the private sector can help the Government achieve more with lower capital budgets – beginning to provide services rather than transaction-based selling. Another clear idea is to think about leasing as a better way to work with the government which going forward will have increased budgets restrictions.

They will likely be in confrontation with members of Congress that won’t change fast enough, however the future of our nation’s ability to fight terror lies in becoming more efficient and effective. It requires the government be flexible enough to figure out what jobs and IT functions to outsource in a nimble and smart way. My prediction: this is great news for Service Providers. Overall the next 4 years should be great for our business as well as the Managed Service Provider/SaaS industry!

Expert to Obama: Time to Reboot Cyber Security

Tue, 18 Nov 2008 02:45:00 +0000

With everything from businesses to the military dependent on computer networks, the Obama White House needs a coherent strategy for coping with cyberattacks. The third installment of the Danger Room Debriefs series on security issues facing the new administration features John Arquilla, professor of defense strategies at the U.S. Naval Postgraduate School.

Attacks On Banks

Mon, 17 Nov 2008 03:15:09 +0000

This article provides an overview of the methods currently used by cyber criminals to attack financial institutions and banks in particular. It reviews general trends and takes how malicious programs ...

IT security education continues to evolve

Mon, 17 Nov 2008 02:00:00 +0000

There are some areas where we lack students who graduate with expertise and focus. IT security and cyber forensics are areas with critical need.

IT security education continues to evolve

Sun, 16 Nov 2008 21:00:00 +0000

The majority of programs at colleges and universities around the country are certainly doing a good job of training people to go into positions in IT. In fact, we have a greater demand among employers for students than we have students to fill positions. That said, there are some areas where we lack students who graduate with the right amount of expertise and focus. IT security and cyber forensics are areas where we have a critical need for workers in the field.