An article in Forbes the other day reports on US Secretary of Homeland Security Janet Napolitano's comments that 'cybercrime represents the "greatest threat and actual activity that we have seen aimed at the west and at the United States" in addition to "or other than Al Qaeda and Al Qaeda-related groups."' ..."Napolitano cited a study commissioned by Symantec that put the total worldwide cost of cybercrime at $388 billion -- higher than the global market for heroin, cocaine and marijuana combined." more
In a blog post, Stewart Baker proposed restricting access to sophisticated anti-virus software as a way to limit the development of sophisticated malware. It won't work, for many different and independent reasons. To understand why, though, it's necessary to understand how AV programs work. The most important technology used today is the "signature" - a set of patterns of bytes - of each virus. Every commercial AV program on the market operates on a subscription model... more
There has been a lot of discussion lately about the potential for IPv6 to create security issues. While there are definitely some security risks of IPv6 deployment, a carefully considered implementation plan can help mitigate against security risks. As we approach World IPv6 Launch tomorrow, I thought it prudent to share the below described incident that iDefense recently observed. more
Here we go again; another instance of really sophisticated spyware has been reported, a system that is "so complex and sophisticated that it's probably an advanced cyber-weapon unleashed by a wealthy country to wage a protracted espionage campaign on Iran". I won't get into the debate about whether or not it's really more impressive than Stuxnet, whether or not it's groundbreaking, or whether or not Israel launched it; let it suffice to say that there are dissenting views. I'm more interested in the implications. more
The world is abuzz this week with some flaming malware - well "Flame" is the family name if you want to be precise. The malware package itself is considerably larger than what you'll typically bump into on average, but the interest it is garnering with the media and antivirus vendors has more to do with the kinds of victims that have sprung up - victims mostly in the Middle East, including Iran - and a couple of vendors claiming the malware as being related to Stuxnet and Duku. more
Talking technical is easy. Distilling technical detail, complex threats and operation nuances down to something that can be consumed by people whose responsibility for dealing with cybercrime lays three levels below them in their organizational hierarchy is somewhat more difficult. Since so many readers here have strong technical backgrounds and often face the task of educating upwards within their own organizations, I figured I'd share 4 slides from my recent presentation that may be helpful in communicating how the world has changed. more
As anyone who's been in the DDoS attack trenches knows, large multi-gigabit attacks have become more prevalent over the last few years. For many organizations, it's become economically unfeasible to provision enough bandwidth to combat this threat. How are attackers themselves sourcing so much bandwidth? more
Communications will be one of the most critical areas during the London Olympic Games. The industry is working to establish shared access networks -- would it not be nice if they did this everywhere, all the time? They are also working very closely with British Olympic Association, London Transport, the broadcasters and content providers. Mobile coverage will be the biggest shared infrastructure in the world. more
The United States Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has issued a warning about an active "spear phishing" campaign targeting companies in the natural gas pipeline sector. In an advisory issued last week, ICS-CERT said it has received information about targeted attacks and intrusions into multiple organizations over the past several months. more
The sixth annual Counter-eCrime Operations Summit (CeCOS VI) will engage questions of operational challenges and the development of common resources for the first responders and forensic professionals who protect consumers and enterprises from the ecrime threat every day. This year's meeting will focus on the shifting nature of cybercrime and the attendant challenges of managing that dynamic threatscape. more
The Wall Street Journal has an interview with the outgoing head of the FBI's cyber crime investigation Shawn Henry. In it, he has a blunt assessment of the US's capabilities when it comes to combatting online crime, especially data theft and hacking... The more I read around the Internet, the more clear it's becoming at how cyber security is becoming a central focus. This has pretty big implications for the cloud. more
The King is dead. Long live the King! Or, given this week's events, should the phrase now be "Kelihos is dead. Long live Kelihos"? It is with a little amusement and a lot of cynicism that I've been watching the kerfuffle relating to the latest attempt to take down the Kelihos botnet. You may remember that a similar event ("Kelihos is dead") occurred late last year after Microsoft and Kaspersky took it on themselves to shut down the botnet known as Kelihos (or sometimes as Waledac 2.0 or Hlux). more
Network security experts from across the U.S. government told a U.S. Senate Armed Services Subcommittee on Tuesday that federal networks have been thoroughly penetrated by foreign spies, and that current perimeter-based defenses that attempt to curb intrusions are outdated and futile. more
The Online Trust Alliance (OTA) joined a unanimous vote at the Federal Communications Commission's (FCC) Communications Security, Reliability and Interoperability Council (CSRIC) meeting today, approving the voluntary U.S. Anti-Bot Code of Conduct for Internet Service Providers (ISPs), also known as the ABCs for ISPs. As a member of the CSRIC appointed by FCC Chairman Julius Genachowski, the OTA has been working with the FCC and leading ISPs to develop this voluntary Code. more
ICANN has appointed IID President and CTO Rod Rasmussen to its Security and Stability Advisory Committee (SSAC). An area that Rasmussen's work and recent SSAC reports have both covered in-depth is domain name hijacking. Recent hijackings against UFC.com and Coach.com, and similar past attacks against CheckFree, Comcast and Twitter have heightened awareness about the security dangers with the Internet's infrastructure. more
A World-Renowned Source for Internet Developments. Serving Since 2002.