News, analysis and context on enterprise technology for the CTO
Paranoia is good when it comes to cyber-security...or is it? Are we making ourselves paranoid? Like many computer security professionals, I tend to closely follow technology and security news, even though its often discouraging and depressing. It is routine to see articles disclosing general information about recent attacks and criminal successes (and sometimes criminal captures). I suppose that at this point it is fairly common to find "shocking" … [Read more...]
These days we hear a lot of terms thrown about like the “Consumerization of IT” and “Bring your own device” (BYOD), and “Network health”. This is because corporations are starting to warm up to the idea that maybe if they let you bring in your personal computing devices such as smartphones and tablets, they won’t have to pay to give you one. The flip-side of letting employees bring their consumer devices into the corporate fold is that … [Read more...]
Everything that you need to know about Duqu: Duqu was reported to antivirus vendors around the 14th of October, 2011, but it has been in the wild since November of 2010. Since then there have been varients (updated copies with additional features or upgrades to code) released. It has been billed as the next Stuxnet, the son of Stuxnet, or a Stuxnet clone. In reality, Duqu is actually more like a payload of Stuxnet rather than the entire attack … [Read more...]
Android has been plagued by malware, security vulnerabilities, and now, privacy issues. It started with HTC's logging application which over-zealously logged aspects of phone use in insecure ways which made that data accessible by any application, and more recently has come to a head with the discovery of the carrier IQ application. The Carrier IQ application is supposedly a diagnostic tool which sits on a variety of phones including Android, iPhone, … [Read more...]
As of yet, there is no definitive narrative of the virus that hit the U.S. drone fleet at Creech Air Force Base in Nevada this September. Original reports stated that drone cockpits had been infected with a keylogger virus and, while there was no indication that classified information had been stolen or that missions had been compromised, the virus has proven tenacious, resisting efforts to disinfect machines and forcing the Air Force to wipe … [Read more...]
A recent IDG interview of Bob Gourley of Crucial Point and Andrzej Kawalec of HP delved into the problem of the "traditional" method of enterprise security, a paradigm under severe challenge. We can sum up the traditional approach as less a certain tactic, technique, technology, or policy than a way of viewing the world. As Gourley has noted, traditional enterprise security can be characterized with one of these bullets: Primarily exists below … [Read more...]
The second interview for IDG on Monday, September 12, featured Andrzej Kawalec, HP's CTO of Enterprise Security along with Bob Gourley. The two first discussed changes in the enterprise threat environment, which have been dramatic. They agreed on three major emerging challenges in enterprise cybersecurity. The first is simply the nature of the threat, which is growing more sophisticated, faster, and more targeted over time. Phishing, for example, … [Read more...]
This post provides an update on the Security Innovation Network (SINET) Workshop and Showcase, and also provides an invitation for you to attend this potentially game-changing event (I serve on the SINET steering committee and would truly appreciate seeing you at the showcase). Keynotes will be delivered by: General Keith B. Alexander, Commander of the U.S. Cyber Command & Director of the National Security Agency, and His Excellency Jaak Aaviksoo, … [Read more...]
As the various intelligence agencies, computer security companies, and hackers prepare for the week of convention carnage that is Blackhat (Going on now), Defcon, and BSidesLV, it's important to remember how easy it is for security professionals to end up on the dreaded "wall of sheep" (a very public listing of usernames and partially-redacted passwords pilfered from the network and displayed to all). It's not considered a surprise to get hacked and … [Read more...]
It’s late Monday morning when your computer security department notices that a suspicious message has been emailed to most of the email addresses at your company. It contains a malicious PDF that exploits a new vulnerability that came out over the weekend. The patch hasn’t been applied to the company workstations yet, and it’s too little, too late by the time the email goes out telling everyone not to click on the links. By the time inboxes are … [Read more...]