From Vintage to Modern Threats

Just wanted to share this short video captured of vintage fighter planes flying over the Washington Monument in D.C. on Friday, May 8.



This was in commemoration of 70th anniversary of Victory in Europe Day. 



My father (A’H) used to tell me about when he was in England during the war and the Nazi bombers would fly over and carpet bomb them in a blitzkrieg.



This happened night after night, and so adaptive as people are, they sort of got used to the bombardment, if that is possible to say. 



After a while, instead of taking safety behind closed doors at home, people returned to go to the movies and dancing at night, even while the buildings next door were still being blown up–to the right and the left of them. 



In the morning, those who survived would get up, and see what was knocked down and what still standing. 



Hard to imagine living that way!



Now with new more destructive weapons (WMD, ICBMs, EMPs, etc.), we can only imagine that the destructive aftermath of WW II would be nothing in comparison to what a round III would be like.



It is crucial that we maintain our innovativeness and military superiority and not only offensively to defeat the enemy, but defensively so that we can stop whatever is coming at us whether a dirty bomb in suitcase, an ebola-type virus in an infected person or food, a drone carrying anthrax, or malware over the network.



We have come a long way in the last 70 years technologically, but the risk and stakes have also never been higher. 😉



(Source Video: Minna Blumenthal)

Data 4 Ransom

Data 4 Ransom

The future of cybercrime will soon become the almost routine taking of your personal and corporate data as hostage. 


Once the hacker has control of it, with or without exfiltration, they will attach malware to it–like a ticking time bomb.


A simple threat will follow:


“I have your data. Either you pay for your data back unharmed OR your data will become vaporware! You have one hour to decide. If you call the authorities, you data is history.”


So how valuable is your data to you?  


– Your personal information–financial, medical, legal, sentimental things, etc.


– Your corporate information–proprietary trade secrets, customer lists, employee data, more.


How long would it take you to reconstitute if it’s destroyed?  How about if instead it’s sold and used for identity theft or to copy your “secret sauce” (i.e. competitive advantage) or maybe even to surpass you in the marketplace? 


Data is not just inert…it is alive!


Data is not just valuable…often it’s invaluable!


Exposed in our networks or the cloud, data is at risk of theft, distortion, or even ultimate destruction. 


When the time comes, how much will you pay to save your data?


(Source Comic: Andy Blumenthal)

Shining A Light On Your Privacy


Check out this special report…



~Half a billion~ downloads of the top 10 Flashlights Apps–the ones we all have on our smartphones–and guess what?



All/most are malware/spyware from China, India, and Russia that are spying on you!



Your contacts, banking information, even your location, is being intercepted by hackers abroad,



The cybersecurity experts Snoopwall (that conducted this study and are offering a free opensource “privacy flashlight”) are recommending that you don’t just uninstall these flashlight apps, because they leave behind trojans that still are functioning behind the scene and capturing your information.



So instead doing a backup of key information and then a factory reset of the smartphone is advised.



Pain in the you know what, but these flashlight apps are shining a light and compromising your personal information.



Snopes points out that the flashlight apps may be no more vulnerable to spyware than other apps you download and that perhaps the screening process from the app stores help to protect us somewhat.



When the cyber hackers decide to exploit those apps that are vulnerable, whether for political, military, or financial gain, it will likely be ugly and that flashlight or other app you use may prove much more costly than the download to get them. 😉



(Thank you Betty Monoker for sharing this.)

Safely Detonate That Malware

I like the potential of the FireEye Malware Protection System (MPS).

Unlike traditional signature-based malware protections like antivirus, firewalls, and intrusion prevention systems (IPS), FireEye is an additional security layer that uses a dynamic Multi-Vector Virtual Execution (MVX) engine to detonate even zero-day attacks from suspicious files, web pages, and email attachments.

According to Bloomberg Businessweek, Target’s implementation of FireEye detected the malware attack on Nov 30, 2013 and it alerted security officials, but allegedly “Target stood by as as 40 million credit card numbers–and 70 million addresses, phone numbers, and other pieces of personal information–gushed out of its mainframes”over two weeks!

In fact, FireEye could’ve been set to “automatically delete [the] malware as it’s detected” without human intervention, but “Target’s team apparently “turned that function off.”

FireEye works by “creating a parallel computer network on virtual machines,” and before data reaches its endpoint, they pass through FireEye’s technology. Here they are “fooled into thinking they’re in real computers,” and the files can be scanned, and attacks spotted in safe “detonation chambers.”

Target may have been way off target in the way they bungled their security breach, but using FireEye properly, it is good to know that attacks like this potentially can be thwarted in the future. 😉

[Note: this is not an endorsement of any product or vendor]

Beware of Botnets

Interesting video demonstration of how botnets work and can literally take over your computer.

In essence, your computer becomes a zombie under the command and control of the botnet sender.

Computers get infected through a trojan or worm, and then the sender has you–they control your computer and information.

Generally, they do this to send spam, steal information, or send out other malware, all under anonymity.

Once infected, the sender has complete control over your computer and can exfiltrate, delete, or change your data, turn on the keyboard lights, add a tail to your mouse, and even format your hard drive.

The malware often can even disable your firewall.

The sender can turn on a keylogger and log your keystrokes, and capture your user ids and passwords to banking and financial institutions, and draw out your money.

The video demos an example of botnets with a variant of the Zeus trojan.

Worth a watch.

Makes me wonder whether our adversaries are infecting more and more computers, until they have almost everyone–eventually a virtual army.

Then at the time of their choosing, they can conduct one big massive attack, or incremental ones, logging into peoples accounts, stealing their identities and savings, sending out misinformation, destroying data and computers en masse.

We need to be aware of what’s possible, maybe even probable.

Is your computer infected and you don’t even know it yet?

Remodulate The Shields For Cyber Security

I really like the concept for Cyber Security by Shape Security.

They have an appliance called a ShapeShifter that uses polymorphism to constantly change a website’s code in order to prevent scripted botnet attacks–even as the web pages themselves maintain their look and feel.

In essence they make the site a moving target, rather than a sitting duck.

This is like Star Trek’s modulating shield frequencies that would prevent enemies from obtaining the frequency of the shield emitters so they could then modify their weapons to bypass the shield and get in a deadly attack.

In real life, as hackers readily change their malware, attack vectors, and social engineering tactics, we need to be agile and adapt faster than the enemy to thwart them.

Changing defense tactics has also been used by agencies like Homeland Security to alter screening methods and throw potential terrorists off from a routine that could be more easily overcome.

I think the future of IT Security really lies in the shapeshifter strategy, where the enemy can’t easily penetrate our defenses, because we’re moving so fast that they can’t even find our vulnerabilities and design an effective attack before we change it and up our game again.

And hence, the evil Borg will be vanquished… 😉

Insuring Against Cyber Attacks

Insuring Against Cyber Attacks

More and more, our technology is at risk of a cyber attack.

In fact, just today the Wall Street Journal reported that Iran has hacked into the Navy’s unclassified network.

While we can fix the computers that were attacked, the damage done in terms of data exfiltration and malware infiltration is another matter.

To fix the computers, we can wipe them, swap out the drives, or actually replace the whole system.

But the security breaches still often impose lasting damage, since you can’t get the lost data or privacy information back or as they say “put the genie back in the bottle.”

Also, you aren’t always aware of hidden malware that can lie dormant, like a trojan horse, nor can you immediately contain the damage of a spreading computer virus, such as a zero-day attack.

According to Federal Times, on top of more traditional IT security precautions (firewalls, antivirus, network scanning tools, security settings, etc.), many organizations are taking out cybersecurity insurance policies.

With insurance coverage, you transfer the risk of cybersecurity penetrations to cover the costs of compromised data and provide for things like “breach notification to victims, legal costs and forensics, and investigative costs to remedy the breach.”

Unfortunately, because there is little actuarial data for calculating risks, catastrophic events such as “cyber espionage and attacks against SCADA industrial controls systems are usually not covered.

DHS has a section on their website that promotes cybersecurity insurance where they state that the Department of Commerce views cybersecurity insurance as an “effective, market-driven way of increasing cybersecurity,” because it promotes preventive measures and best practices in order to lower insurance premiums and limits company losses from an attack.

Moreover, according to the DHS Cybersecurity Insurance Workshop Readout Report (November 2012) cybersecurity insurance or risk transfer is the fourth leg of a comprehensive risk management framework that starts with risk acceptance, risk mitigation, and risk avoidance.

I really like the idea of cybersecurity insurance to help protect organizations from the impact of cybersecurity attacks and for promoting sound cybersecurity practices to begin with.

With cyber attacks, like with other catastrophes (fire, flood, accident, illness, and so on), we will never be able to fully eliminate the risks, but we can prepare ourselves by taking out insurance to help cover the costs of reconstituting and recovery.

Buying insurance for cybersecurity is not capitulating our security, but rather adding one more layer of constructive defense. 😉

(Source Photo: Andy Blumenthal)