Cyber Security Institute

§ Current Worries

Top 3 Worries

  • Regulations
  • Old Firewall Configurations
  • Security Awareness

§ Listening

For the best information

  • The underground
  • Audible
  • Executive Excellence
  • Music (to keep me sane)

§ Watching

For early warnings

  • 150 Security Websites
  • AP Newsfeeds
  • Vendors

Tuesday, September 23, 2008

For US Enterprises, Computer Crime Starts at Home

According to separate research reports published yesterday, the United States is the most common source of attacks, and that trend could continue as attackers find ways to exploit networks here at home.  This year alone, some 20.6 million attempted attacks have originated from computers within the U.S., the company says.  China ran second, with 7.7 million attempted attacks emanating from computers within its borders.  Brazil was third with about 166,987 attempted attacks.

“These findings illustrate the ineffectiveness of simply blocking incoming communications from foreign IP addresses as a way to defend your organization from cyber attacks,” SecureWorks says.

Many of the Georgian IT staff members thought that by blocking Russian IP addresses, they would be able to protect their networks.  However, many of the Russian attacks were actually launched from IP addresses in Turkey and the United States, and Georgian systems ended up being hit hard.

In a separate report by the SANS Institute, researcher Maarten Van Hoorenbeeck wrote yesterday that stolen data is increasingly being stored on networks in the U.S. and Europe.

“Certain hosts started tunneling data to the network of an Indiana based provider of anonymity services, SecureIX,” Van Hoorenbeeck writes.  Such anonymization services are not entirely safe for attackers, Van Hoorenbeeck says.

Posted on 09/23