The Spamhaus Project just published a long article about the botnets they've been watching during 2014. As this chart shows, we're not making any progress. They also note that the goals of botnets have changed. While in the past they were mostly used to send spam, now they're stealing banking and financial information, engaging in click fraud, and used for DDoS and other malicious mischief. more
Every couple of years there's a new "hot threat" in security for which vendors abruptly tout newfangled protection and potential customers clamor for additional defense options. Once upon a time it was spyware, a few years ago it was data leakage, and today it's mobile malware. It's a reoccurring cycle, analogous to the "blue is the new black" in fashion -- if you fancy adopting a certain cynical tone. more
In two recent debate events I participated in, on iFreedom and privacy in the online world, mistrust of government and government's intentions and motivations on and towards the Internet were abundantly present with more than just a few people in the audiences. The emotions were not new to me, no, it was the rationality that surprised and sometimes almost shocked me. Why? Well, should these sentiments get the support of the majority of people, it would undermine all legitimacy of a government to govern. Let's try and take a closer look. more
This is a follow-up to my previous post on Cybersecurity and the White House. It illustrates an actual cyberwarfare attack against Estonia in 2007 and how it can be a legitimate national security issue. Estonia is one of the most wired countries in eastern Europe. In spite of its status of being a former Soviet republic, it relies on the internet for a substantial portion of everyday life -- communications, financial transactions, news, shopping and restaurant reservations all use the Internet. Indeed, in 2000, the Estonian government declared Internet access a basic human right... more
Arthur C. Clarke said any sufficiently advanced technology is indistinguishable from magic. Milton Friedman said there's no such thing as a free lunch. The validity of the former statement does not invalidate the later. From this we can see that even magic has a price. Hence, its application is subject to cost-benefit analysis. There are many developing technologies that may eventually qualify as magic. more
The world of Internet threats has changed continually over the years. From the time that a "worm" first showed up in the wild, or whenever someone penetrated a system without authorization for the first time, various forms of attacks and malware have presented dangers to the system and those who use it. Different vectors have received varied focus over the years... Many parts of the Internet community have been involved in addressing relevant issues and fostering efforts to combat them. more
My blog 'What PRISM, credit card hacking and Chromecast have to do with FttH' led to some very interesting discussions all around the world. One of issues that was discussed was that the sheer capacity of FttH will also allow hackers, criminals and others to use that massive capacity for the wrong reasons. Its volume will make it increasingly difficult to police. more
A couple of years ago I started a mailing list where folks not necessarily involved with the vetted, trusted, closed and snobbish circles of cyber crime fighting (some founded by me) could share information and be informed of threats. In this post I explore some of the history behind information sharing online, and explain the concept behind the botnets mailing list... we may not be able to always share our resources, but it is time to change the tide of the cyber crime war, and strategize. One of the strategies we need to use, or at least try, is public information sharing of "lesser evils" already in the public domain. more
As few as seven years ago, cyber-threat intelligence was the purview of a small handful of practitioners, limited mostly to only the best-resourced organizations - primarily financial institutions that faced large financial losses due to cyber crime - and defense and intelligence agencies involved in computer network operations. Fast forward to today, and just about every business, large and small, is dependent on the Internet in some way for day-to-day operations, making cyber intelligence a critical component of a successful business plan. more
A lot of pixels have been spilled in the last few years about "advanced persistent threats" (APT); if nothing else, any high-end company that has been penetrated wants to blame the attack on an APT. But what is an APT, other than (as best I can tell) an apparent codename for China? Do they exist? After thinking about it for a while, I came up with the following representation... more
The most interesting feature of the newly-described "Equation Group" attacks has been the ability to hide malware in disk drive firmware. The threat is ghastly: you can wipe the disk and reinstall the operating system, but the modified firmware in the disk controller can reinstall nasties. A common response has been to suggest that firmware shouldn't be modifiable, unless a physical switch is activated. more
Cyber security was a hot topic in 2014. It seemed not a week went by without details of a high profile data breach hitting the headlines. To recap, the Sony breach was one of the most notable, as was the Home Depot hack, while details of widespread security vulnerabilities such as Heartbleed, Shellshock and Poodle were also revealed. But what will 2015 bring? Will it be more of the same, or have cyber criminals got some new tricks up their sleeves? more
There's been a lot of emphasis on DNS performance lately because faster DNS contributes directly to a better user experience. There's an interesting flipside to DNS performance though, higher performance DNS servers may be better targets for cache poisoning attacks. Faster servers give attackers more opportunities to insert fake entries into the DNS - speed can kill (or at least inflict a nasty wound!) so it's important to understand the security implications if you're looking to upgrade DNS performance. more
When the domain name system (DNS) was first designed, security was an afterthought. Threats simply weren't a consideration at a time when merely carrying out a function - routing Internet users to websites - was the core objective. As the weaknesses of the protocol became evident, engineers began to apply a patchwork of fixes. After several decades, it is now apparent that this reactive approach to DNS security has caused some unintended consequences and challenges. more
We all know how easy it can be to ignore or underestimate the possibly, or even likelihood, of a terrorist attack; just remember what happened on 9-11. That seems to be just what the U.S. is doing when it comes to a possible Cyber-Attack, no not in other countries, but right here at home where targets like private sector companies, who provide vital economic and emergency services to our population using broadband infrastructure, and are woefully under-secured for such attacks. more
A World-Renowned Source for Internet Developments. Serving Since 2002.