Cybersecurity |
Sponsored by |
|
At NANOG on the Road (NotR) in September of 2018, I participated in a panel on BGP security -- specifically the deployment of Route Origin Authentication (ROA), with some hints and overtones of path validation by carrying signatures in BGP updates (BGPsec). This is an area I have been working in for... 20 years? ... at this point, so I have seen the argument develop across these years many times, and in many ways. more
Ransomware is a huge problem for small and medium businesses, and the most important question is this: should you pay the ransom? Ransomware has proven a successful revenue generator for criminals, which means the risk to businesses will grow as ransomware becomes more sophisticated and increasing numbers of ethically challenged criminals jump on the bandwagon. more
Over the last ten years, Andrew Odlyzko has been writing about a pricing algorithm that would assure reasonable service levels at reasonable prices. If you're going to F2C, you might want to read that brief article or this slightly more complex one to learn (or refresh your sense of) PMP -- Paris Metro Pricing models to deal with network congestion. You'll also get a sense of why throwing bandwidth at the network will not be sufficient. Here's a great article from 1995... more
The pace of generative AI development has been astonishing to the degree that the normative space has been unable to keep up. As governments start looking into some implementations of the technology, such as ChatGPT, more advanced techniques and products continue to emerge by the day. Society is changing in irrevocable ways, and it is paramount that the Internet Governance community turns its attention to this question. more
A report from Verizon Business's 16th annual Data Breach Investigations Report (DBIR) reveals a startling surge in the frequency and cost of cyberattacks. It analyzed 16,312 security incidents and 5,199 breaches, showing a sharp uptick in the cost of ransomware. more
Journalists and political activists critical of Kazakhstan's authoritarian government, along with their family members, lawyers, and associates, have been targets of an online phishing and malware campaign believed to be carried out on behalf of the government of Kazakhstan, according to a new report by the Electronic Frontier Foundation (EFF). more
The Biden administration has issued a stark warning to the nation's governors about the increasing threat of cyberattacks on the United States' water and wastewater systems. more
Seventy-five years ago today, on May 29th, 1934, Egyptian private radio stations fell silent, as the government shut them down in favor of a state monopoly on broadcast communication. Egyptian radio "hackers" (as we would style them today) had, over the course of about fifteen years, developed a burgeoning network of unofficial radio stations... It couldn't last. After two days of official radio silence, on May 31st, official state-sponsored radio stations (run by the Marconi company under special contract) began transmitting a clean slate of government-sanctioned programming, and the brief era of grass-roots Egyptian radio was over... more
Major financial firms operating in New York will face stiff cybersecurity obligations starting Wednesday under a new regulation introduced in the city. more
The web performance and security company, Cloudflare has shared one of the methods it uses to ensure randomness when generating encryption keys. more
Majority of U.S. Federal agencies using .gov domains have not signed their DNS with DNSSEC (Domain Name Security Extensions) despite a December 2009 Federal deadline for adoption, according to the latest report by IID (Internet Identity). IID analyzed the DNS of more than 2,900 .gov domains and has released the results in its "Q3 State of DNS Report". more
U.S. Internal Revenue Service Commissioner (IRS) testified before the Senate Finance Committee stating the agency has discovered fraudsters could use someone's personal data to fill out a financial aid application, and the "Data Retrieval Tool" would populate the application with tax information. more
Cyber espionage group targets South American and Southeast Asian governments using custom Felismus malware. more
Today, the Biden Administration released the National Cybersecurity Strategy, which outlines the use of all available resources to protect the United States' security, safety, and economic prosperity. more
If you read this blog, you've probably heard by now about the massive Twitter hack. Briefly, many high-profile accounts were taken over and used to tweet scam requests to send Bitcoins to a particular wallet, with the promise of double your money back. Because some of the parties hit are sophisticated and security-aware, it seems unlikely that the attack was a straightforward one directly on these accounts. more
A World-Renowned Source for Internet Developments. Serving Since 2002.