Cyberwar has been a popular topic on Internet Evolution lately, with two writers -- Kenneth Geers, US representative to the cyber center in Tallinn, Estonia (whose systems were attacked three years ago over a dispute with Russia); and Ira Winkler, a former NSA analyst -- weighing in on the threat.
Meanwhile, in Washington last week, an FBI official -- Steven Chabinsky, deputy assistant director of the FBI's cyber division -- warned of cyberterrorists who "exploit our weaknesses" and "challenge our country's very existence."
And earlier this month, an economist in San Francisco warned that cyberthieves are stealing entire US industries, along with their high-paying jobs. "This is way beyond trade secrets -- this is not the formula for Coke," said Scott Borg, director and chief economist of the US Cyber Consequences Unit at the RSA Conference. "It's all the settings for pressures, valves, and switches; templates for production and operation; schematics for equipment so plants can be replicated in another part of the world."
Despite all the bad news, though, there are some signs that the US government and companies nationwide are finally taking cyberwar seriously enough that we may not always be caught in an ever-escalating battle between the Internet good guys and bad guys:
- For the first time in my memory, a big public company -- Google (Nasdaq: GOOG) -- revealed in January that its systems were attacked. It was a move that was hotly debated inside Google, I was told, but it got a lot of people in Washington talking about cybercrime, and a few other companies followed suit. Intel Corp. (Nasdaq: INTC), for instance, disclosed in its annual report last month that it was attacked around the same time as Google.
The report said Intel faces regular attempts to gain unauthorized access to its systems that are "sometimes successful" and the company may not always be aware of the attacks. Intel disclosed them -- and listed them as a material risk -- because Google's disclosure got so much attention, according to Intel spokesman Chuck Mulloy. "[These incidents] may have been present before now, but they're front and center in the minds of many people," he says. "Our reporting folks thought it was prudent."
- Members of the Internet community from several countries worked together this month to cripple the notorious Zeus botnet, whose creators have been stealing online banking credentials from small businesses, as Jart Armin reported.
One of the botnet's chief service providers -- Troyak, an ISP in Kazakhstan -- was de-peered again and again by other service providers who are trying to stamp out Zeus and keep the Internet clean, according to Mary Landesman, a researcher at Cisco Systems Inc. (Nasdaq: CSCO)-owned security SaaS provider ScanSafe. "This shows that other governments and legitimate providers in other countries are taking cyberthreats seriously," she said.
- There is new legislation in Congress. Yes, we know legislation is not always good, but because of the attacks on Google -- attacks that Google said originated in China -- a bipartisan bill has been introduced in the Senate that would require President Obama to cut off assistance to countries that don't take responsibility for cybercrime and to deliver assistance to those that fight it.
Mastercard, Visa, and several big tech companies -- including Microsoft Corp. (Nasdaq: MSFT), Cisco, PayPal, and Facebook (Nasdaq: FB) -- all support the bill.
Certainly, there's a lot of work left to be done. According to ScanSafe, encounters by the energy and oil industries with sophisticated data-theft Trojans -- malware that infiltrates computers through compromised Websites and then sends forensic information about the machines back to the attackers -- were up 366 percent last year, more than double the year before.
"Every time we look at this, we come back with the same picture," Landesman says. "Companies with the most sensitive intellectual property are being hammered the hardest."
But Google's honesty about the attacks on its systems and the spontaneous takedown of the rogue ISP Troyak in Kazakhstan have given her -- and me -- hope.
"I'm personally frustrated -- we should have acted on this two years ago," she says. "Politicians ignored it -- they assumed we were crying wolf. But at least there's more action-oriented awareness now. It's not just those of us down in the trenches screaming, 'Hey!'"
— Deborah Gage is an award-winning journalist who has covered business and technology from Silicon Valley for 15 years.
IQ Crew
Thursday April 22, 2010 8:35:03 PM
No, I totally agree with you: everything is in place, it just needs to be implemented. The security levels have to be monitored by someone. What my suggestion is, and it's just my suggestion: just build an application to automate the process.
Rank: Cyborg
Thursday April 22, 2010 2:26:44 PM
one thing I would not put any stock in at all is the NY Times.
at CanSecWest hackers failed to take down Chrome -- this year - or last. that is because Chrome properly runs the web-program in restricted mode
Remember: there is no such thing as a web "page". what you think of as a page is a program composed of java, flash, codec, silverlight, worms, adware, virus codes, xss, sql-injection, trojans, drug dealers, moles, insurance agents, gun runners, politicians, rogue av software offers, lawyers, crisis scams, ad men, bootleggers, con men, bankers, agents of the Russian Business Network, derivative-traders. i could go on but you get the point
Rank: Cyborg
Thursday April 22, 2010 2:03:20 PM
I wouldn't take TOO much stock or have TOO much faith in a Google OS: http://www.nytimes.com/2010/04/20/technology/20google.html , although, it will be very interesting to see what they come up with (Chrome OS); and any competition they can bring to the ring (RINGS, get it? Ha ha) against MSFT can only be a good thing and benefit the computing customer.
Rank: Cyborg
Thursday April 22, 2010 6:50:51 AM
it's not so much that we need to come up with a solution; the tools already exist
the trouble in getting security is to convince the O/S builders they must put security first*
remember this paragraph?
While it was an early design goal of Windows Vista to use elevations with the secure desktop, Windows Integrity Mechanism, and UIPI to create an impermeable barrier—called a security boundary—between software running with standard user rights and administrative rights, two reasons prevented that goal from being achieved, and it was subsequently dropped: usability and application compatibility.
Read Original article in Technet
Computers should be sold in a locked and secure condition. If the customer wants to un-lock his computer and run "Brand X" on it -- that's OK -- but that must be the customer's choice and he should be advised of the risk
there has also been some discussion of revoking his certification if he does that meaning he would no longer have network access.
~~
*there are two possibilities
- free market competition. when the Chrome O/S hits I think we will see secure Netbooks available. My friend Greg just went through a nasty virus issue; you would not be able to get him to look at an un-secure computer under any circumstances.
- government regulations. I think this approach will be needed to get any attention from MSFT. I'm not a fan of government regulations; they have trouble getting anything right.
IQ Crew
Wednesday April 21, 2010 8:36:19 PM
I agree with you totally. The cost should not be a determining factor. It should just be done. We have come a long way, and those doors that remain open for the hackers to get in should be closed by policy. Whether it be Corporate Policy or Internet Policy, we know how they get in, and should shut them out. Period. I am actually attending a class on Internet security.
For the sake of progression, technology progression, let's come up with a plausible solution.
Rank: Cyborg
Wednesday April 21, 2010 7:23:01 AM
one of the errors we make is in viewing the hackers as the problem
the hackers are out there, that is true. it is also true that they always will be out there and that they will always take advantage of any weakness in security. they observe only one rule: "Because I can"
the software industry acts as their enabler, refusing to lock the doors "in the interest of convenience, compatibility, and ease of use"*1
and we all suffer the consequences of their foolishness
~~
the tools i have described in this thread:
- execute applications in the sandbox
- authenticate software updates with digital signatures
- provide software auditing tool*2
-- are all within our reach. all we need is a GSKIA.
*1 concept should be quarantined in the XP/Emulator.
*2 I think it entirely appropriate for firms now offering AV products to begin to offer these audit/repair tools. as security improves the AV tools will no longer be needed but the software audit and repair will always be an essential part of Best Practice Security
IQ Crew
Tuesday April 20, 2010 6:25:20 PM
Not only is it costly, but it is frustrating for the IT professionals and the end user as well. Someone should design a program that will address this and will end up a rich person.
Rank: Cyborg
Tuesday April 20, 2010 2:50:45 PM
when you combine key defense elements you may have a pretty good result
One element is insisting on signatures and a deliberate procedure for receiving, reviewing and applying software updates -- as described in my previous post.
The second key element is User Account Control, or UAC. Privilege escalation must not be allowed*. An application program of un-known composition (such as a web page) must run in a "Sandbox" (as in Chrome) or in "Problem State" (RACF) or "RING3" (x86 chips). This prevents the unknown program from updating anything without your permission (update permission was discussed in element one).
Finally: Audit. we need an audit program on a read-only bootable CD that can be used to inventory the software on a system and audit same to be sure that all programs that are supposed to be there are there and that their CRCs check with OEM specifications and -- nothing un-expected is found.
MALWARE AFFECTS EVERYONE
stop and think: Jart's estimates aside: how much time and money is being used preventing/cleaning up malware and the effects of malware?
it's a lot more than any direct losses.
~~
*we need that "impermeable" barrier between application programs and the system software that was described by Microsoft as an original objective for UAC in Vista.
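An added illustration of the audit step proposed in the comment above (not part of the original comment or thread): a sketch that checks an installed tree against a trusted manifest and reports files that are missing, modified, or unexpected. The names `sha256_file`, `audit` and `demo` are hypothetical, the sample tree is constructed, and SHA-256 is used in place of the CRCs the comment mentions, since a CRC does not resist deliberate tampering.

```python
import hashlib
import tempfile
from pathlib import Path

def sha256_file(path: Path) -> str:
    """Hash a file in chunks so large binaries do not need to fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def audit(root: Path, manifest: dict[str, str]) -> dict[str, list[str]]:
    """Compare files under root with manifest {relative path: sha256 hex}."""
    found = {p.relative_to(root).as_posix(): p
             for p in root.rglob("*") if p.is_file()}
    report = {"missing": [], "modified": [], "unexpected": []}
    for rel, expected in sorted(manifest.items()):
        if rel not in found:
            report["missing"].append(rel)        # supposed to be there, is not
        elif sha256_file(found[rel]) != expected.lower():
            report["modified"].append(rel)       # present, but not the vendor's bytes
    report["unexpected"] = sorted(rel for rel in found if rel not in manifest)
    return report

def demo() -> dict[str, list[str]]:
    """Constructed sample: build a small tree, record a manifest, then tamper."""
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "bin").mkdir()
        (root / "bin" / "app.exe").write_bytes(b"vendor build 1.0")
        (root / "bin" / "helper.dll").write_bytes(b"helper 1.0")
        (root / "config.ini").write_bytes(b"mode=safe\n")
        manifest = {p.relative_to(root).as_posix(): sha256_file(p)
                    for p in root.rglob("*") if p.is_file()}
        (root / "bin" / "app.exe").write_bytes(b"vendor build 1.0 + patch")
        (root / "config.ini").unlink()
        (root / "bin" / "dropper.exe").write_bytes(b"not in manifest")
        return audit(root, manifest)

if __name__ == "__main__":
    print(demo())
```

The check is only as trustworthy as the manifest and the environment it runs in, which is why the comment's read-only boot media matters: the manifest and the auditing code must come from somewhere the audited system cannot write to.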
IQ Crew
Tuesday April 20, 2010 12:47:09 PM
You are absolutely correct. Malware affects everyone and corporations as a whole. When on a network you will either have to rebuild if it gets too deep into the registry, just to have a clean image. Some even just allow Windows to create a new profile. But that's just a band-aid fix. There is software out here that claims to completely wipe out any malware. But the registry is a tricky demon. And it runs deep. So yes, using the mentioned zip formula would save a lot of time, effort and frustration.
Thinkernetter
Tuesday April 20, 2010 12:43:37 PM
I like your solution, Mike. Yes, it would involve a few extra steps, but they are simple ones that would truly reduce the risk of malware. You've sold me.
DHagar