Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
The Wall Street Journal has an interview with the outgoing head of the FBI's cyber crime investigation Shawn Henry. In it, he has a blunt assessment of the US's capabilities when it comes to combatting online crime, especially data theft and hacking... The more I read around the Internet, the more clear it's becoming at how cyber security is becoming a central focus. This has pretty big implications for the cloud.
It is great to see US and European governments undertake initiatives to promote the development of research into Big Data utilizing commercial clouds. Many cloud providers are offering free resources to support these initiatives. R&E networks will play a critical role in linking researchers to the commercial clouds and developing collaboration platforms and portals.
One fine night in November 2011 I got an opportunity to get my hands dirty, working on a project for the United States Federal Bureau of Investigation (FBI). They were planning to seize a bunch of computing assets in New York City that were being used as part of a criminal empire that we called "DNS Changer" since that was the name of the software this gang used to infect a half million or so computers.
The explosion in mobile communications in the developing world has created social and economic changes that have exceeded all expectations and predictions -- even those made as recently as five years ago. There are still countries lagging behind, but now is the time to move on to the next stage -- and that means broadband. Already the developed world is showing an enormous appetite for mobile broadband, so the demand is most certainly there. The rapid development of low cost Smartphone, projected to approach $50 soon...
Pinning down the number of infected computers is really, really hard. I'd go as far as saying it's practically impossible to calculate, let alone observe. Still, that's not going to stop people from attempting to guess or extrapolate from their own observations. Over the years I've heard "reliable" numbers ranging from 10% through to 60% -- and I don't trust any of them. There's a whole gaggle of reasons why the numbers being thrown out to the public are inaccurate and should ideally be interpreted with a lot of skepticism by any right-minded folks.
Over the weekend and this morning, Microsoft, working in conjunction with others, issued civil lawsuits to sinkhole numerous domains associated with the Zeus botnet. When I say "botnet", I use the term loosely because Zeus is not a botnet in the sense that Rustock or Waledac is (or was). Rather, Zeus is a tool kit that online criminals can buy that lets them create phishing pages, perform fast fluxing, host drive-by downloads in addition to spamming. It's more like infrastructure than a botnet, although it does have a large botnet under its control.
In our last post on CircleID we showed encouraging growth in the number of IPv6-enabled networks. But announcing an IPv6 prefix is only one of the first steps a network operator should take when deploying IPv6. For a full IPv6 deployment, IPv6 needs to be enabled on network infrastructure and made available to end users. One key piece of infrastructure for which we can measure IPv6 capabilities are DNS resolvers.
Another twenty five years has just zoomed by, and before you know it, it's all on again. The last time the global communications sector did this was at the WATTC in 1988, when "the Internet" was just a relatively obscure experiment in protocol engineering for data communications. At that time the Rather Grand telephone industry bought their respective government representatives... to the Rather Grandly titled "World Administrative Telegraph and Telephone Conference (WATTC) in November 1988 in Melbourne, Australia and resolved to agree to the Rather Grandly titled "International Telecommunication Regulations."
In Ian Flemming's Thunderball M sends 007 to the Bahamas on a hunch that SPECTRE is hiding something there. Well, it's been our hunch for a while that the Bahamas "office" for the Registrar Internet.BS does not exist. Now we have confirmation of such. It has been documented in an explosive undercover expose by LegitScript that Internet.BS address as stated could not be verified, could not accept mail, and that the business itself could not actually be found in the Bahamas.
Last week at RSA, Bruce Schneier gave a talk on the top 3 emerging threats on the Internet. Whereas we in the security field usually talk about spam, malware and cyber crime, he talked about three meta-trends that all have the potential to be more dangerous than the cybercriminals. Here are my notes.
A World-Renowned Source for Internet Developments. Serving Since 2002.