Spam and virus trends in Q3'10 confirm that spammers are still hard at work distributing malicious content in new and creative ways, according to the latest reports. The latest spam and virus trends report is produced by Postini, Google's email security and archiving service that, according to the company, processes more than 3 billion email messages per day and more than 50,000 businesses. more
The U.S. became the top attack traffic source in the second quarter of 2010, accounting for 11% of observed attack traffic in total, reports Akamai in its State of the Internet Report released today. According to the report, China and Russia held the second and third place spots, accounting for just over 20% of observed attack traffic. Attack traffic from known mobile networks has been reported to be significantly more concentrated than overall observed attack traffic, with half of the observed mobile attacks coming from just three countries: Italy (25%), Brazil (18%) and Chile (7.5%). more
According to recent news reports, the administration wants new laws to require that all communications systems contain "back doors" in their cryptosystems, ways for law enforcement and intelligence agencies to be able to read messages even though they're encrypted. By chance, there have also been articles on the Stuxnet computer worm, a very sophisticated piece of malware that many people are attributing to an arm of some government. The latter story shows why cryptographic back doors, known generically as "key escrow", are a bad idea. more
In his keynote yesterday at the RSA Security Conference, former U.S. top chief counter-terrorism adviser, Richard A. Clarke, said cyberwar defence efforts need to focus on re-architecting networks not buying more technology. more
A recent study released today suggests 53 percent of critical infrastructure providers have experienced what they perceived as politically motivated cyber attacks. According to Symantec's 2010 Critical Information Infrastructure Protection (CIP) Survey, participants claimed to have experienced such an attack on an average of 10 times in the past five years, incurring an average cost of $850,000 during a period of five years to their businesses. more
The National Institute of Standards and Technology (NIST) issued today its first Guidelines for Smart Grid Cyber Security, which includes high-level security requirements, a framework for assessing risks, an evaluation of privacy issues at personal residences, and additional information for businesses and organizations to use as they craft strategies to protect the modernizing power grid from attacks, malicious code, cascading errors, and other threats. more
A report, released today by McAfee, Inc., titled "Security Takes the Offensive," says that traditionally, security technology companies and computer users have taken a defensive posture, putting the cyber equivalent of body armor on computers, networks and in the cloud. The report's authors say it is now time to avoid enemy strikes altogether by taking a more aggressive stance, aligning forces and involving law enforcement. more
Garth Bruen writes: A report in LegitScript takes a look at Russian rogue Internet pharmacy hacking US government website. "As rogue Internet pharmacy networks become more sophisticated, even US government websites are at risk. Today, we're taking a look at how a rogue Internet pharmacy linked to a criminal network operating out of Russia and Eastern Europe has hacked into a US government website. The Millennium Challenge Corporation, a US foreign aid agency, utilizes a ".gov" top-level domain, which is assigned to the control of the US government. Domain names ending in .gov are typically administered by the General Services Administration." more
A study conducted by the Verizon Business RISK team in cooperation with the United States Secret Service has found that breaches of electronic records in 2009 involved more insider threats, greater use of social engineering and the continued strong involvement of organized criminal groups. more
J. Nicholas Hoover reporting in InformationWeek: "The White House on Wednesday issued an update of the Obama administration's ongoing cybersecurity work, detailing some of the steps being taken in an effort to secure the nation's networks against cyber attacks and in the process offering some new insight into the administration's future plans. The progress report, issued immediately after a meeting held by White House cybersecurity coordinator Howard Schmidt with agency secretaries, cybersecurity experts..." more
M86 Security today released it's bi-annual security report for the first half of 2010, highlighting the evolution of obfuscation through combined attacks. From the report: "This threat trend is the latest to emerge as cybercriminals seek new ways to limit the effectiveness of many proactive security controls. Because existing techniques for 'covering their tracks' are becoming less effective, cybercriminals have begun using combined attacks, which are more complex and difficult to detect. By splitting the malicious code between Adobe ActionScript language - built into Adobe flash - and JavaScript components on the webpage, they limit the effectiveness of many of the the proactive security detection mechanisms in place today." more
I just finished reading Richard Clarke and Robert Knake's book Cyberwar. Though the book has flaws, some of them serious, the authors make some important points. They deserve to be taken seriously. I should note that I disagree with some of my friends about whether or not "cyberwar" is a real concept. Earlier, I speculated that perhaps it might be a useful way to conduct disinformation operations, but it need not be so limited. more
Security expert Bruce Schneier in a blog post today writes: "It's about who is in charge of cyber security, and how much control the government will exert over civilian networks. And by beating the drums of war, the military is coming out on top. ... General Keith Alexander, the current commander of the U.S. Cyber Command, hypes it every chance he gets. This isn't just rhetoric of a few over-eager government officials and headline writers; the entire national debate on cyberwar is plagued with exaggerations and hyperbole." more
There is a classic scene in the movie, "Jaws," when Roy Scheider gets a look at the size of the shark circling his fishing vessel and says, "We're going to need a bigger boat." The same case can be made for CIOs dealing today with application security. Hackers from all over the world are circling business and government like great whites looking for vulnerabilities in Internet-facing applications. The growth of applications is great for doing business but they have become chum in the water for predators. more
A couple of months ago, I wrote a post posing the question of whether or not more government regulation is required in order to secure the Internet. On the one hand, anonymity is viewed in the west as a forum for freedom of speech. The anonymity of the Internet allows dissidents to speak up against unpopular governments. However, the anonymity afforded by the Internet is not so much by design as it is byproduct of its original designers not seeing how widespread it would eventually become. more