News, analysis and context on enterprise technology for the CTO
Say you're chilling out at your local watering hole, enjoying burgers and beers served by waitresses who could double as extras from The Dukes of Hazzard. For many people, it might be the aftermath of a successful night out at the town or yet another post-work happy hour. For David Palmer, it was the perfect backdrop to hack defense contractor McLane Advanced Technologies and wipe the payroll files: Prosecutors say that Palmer set up a back-door user … [Read more...]
This is the second installation on my series about Computer Network Operations (CNO). The last blog explored the actions known as Computer Network Exploitation (CNE), and as always, please feel free to comment. Today, the topic switches from exploitation to defense. Computer Network Defense (CND): Includes actions taken via computer networks to protect, monitor, analyze, detect and respond to network attacks, intrusions, disruptions or other … [Read more...]
In February 2011 we reported on a Department of Homeland Security research agenda for cyber security, providing the opinion that this was "the most mature research agenda on the topic of cyber security." That research agenda is fantastic and should help shape the future cyber ecosystem in very positive ways. Now in March 2011, DHS has produced another significant, positive, virtuous document on the topic of Cybersecurity that deserves the attention … [Read more...]
Last week, General Alexander (director of NSA and commander, USCYBERCOM) spoke at the RSA conference in San Francisco. He pointed out the the explosion of technology over the past 10 years. That users went from an average of 250MB of personal files, to over 128GB. The fact that 70% of Americans online are on Facebook - that 600M users worldwide are as well. This, mixed with the huge advances in programming (Watson and Deep Blue) lets us know that we do … [Read more...]
Opinion: the most mature research agenda on the topic of cyber security is the one established by our nation's Department of Homeland Security. I'm keeping an open mind, and would love to learn of other cyber security research agenda's that might be as well defined. But I have to tell you I have seen research programs associated with cyber for years and this one is impressive. The details of the topic areas of this research activity are embedded in a … [Read more...]
This July, the Ponemon Institute performed a benchmark study of US companies to identify the cost that companies can attribute to cyber incidents. There are a whole host of different ways in which a company can be targeted by a cyber attack, including corporate espionage. To complete their research, Ponemon examined 45 organizations, examining thousands of independent cyber attacks. They found that attacks varied between $1M and $52M, averaging … [Read more...]
Bright Side of News recently wrote an article reporting on ElcomSoft's GPU computing attempts. They used various GPUs to hack WPA-PSK passwords. Check out the results here. ElcomSoft leverages the immense computing power of latest generation graphics cards. Cards such as ATI's Radeon HD 5970, and nVidia's GTX 295. The HD 5970 is ATI's latest offering, it has 2 GPUs, with 3200 stream processing units, and 2 GB of DDR5 RAM. Stream processors … [Read more...]