admini – Page 78 – CyberSecurity Institute

U.S. Air Force cadets win cyber war game with NSA hackers

Posted on April 20, 2013December 30, 2021 by admini

The annual Cyber Defense Exercise (CDX), now in its 13th year, gives students real world practice in fighting off a increasing barrage of cyber attacks aimed at U.S. computer networks by China, Russia and Iran, among others. It also allows the NSA’s top cyber experts and others from military reserves, National Guard units and other agencies hone their offensive skills at a time when the Pentagon is trying to pump up its arsenal of cyber weapons.

While the students sleep or catch up on other work, some of the NSA’s “Red cell” attackers use viruses, so-called “Trojan horses” and other malicious software to corrupt student-built networks or steal data – in this case, long sets of numbers dreamt up by the officials coordinating the exercise.

Army General Keith Alexander, who heads both the Pentagon’s Cyber Command and the NSA, stopped by to see the “red cell” hackers in action at a Lockheed Martin Corp facility near NSA headquarters on Thursday, said spokeswoman Vanee Vines. Alexander often speaks about the need to get more young people engaged in cybersecurity given the exponential growth in the number and intensity of attacks on U.S. networks.

The Pentagon’s budget for cyber operations rose sharply in the fiscal 2014 request sent to Congress, reflecting heightened concerns about an estimated $400 billion in intellectual property stolen from U.S. computer networks in recent years.

“The real payoff of this program is going to be seen 10, 15 years down the road when these individuals are admirals and generals,” he said.

Link: http://uk.reuters.com/article/2013/04/20/us-usa-cyber-academies-idUKBRE93J00T20130420

A GUIDE TO INCIDENT PLANNING AND LEADERSHIP

Posted on April 19, 2013December 30, 2021 by admini

For this reason, it is helpful to consider your role as a crisis manager in the face of a real event, such as the sudden, widespread internet interruption recently experienced across the island of Taiwan.

Though the blaze was contained quickly, this localized event caused a major national disruption. 80 percent of Internet services across Taiwan were impacted by what the Taipei Times indicates may have been the worst interruption for Taiwanese Internet users since the 921 earthquake of 1999.

Several lessons can be learned from this event about successful crisis leadership, not the least of which is that as a crisis manager, you always need to be ready for new categories of emergency. In a global economy where business operations are increasingly supported by cloud-based infrastructure, a small fire at one data center was able to impact the Internet services of most of a nation of over twenty-three million.

As a crisis manager, both before and during the event, you must consider the questions this emergency raises: What is the impact for your organization of a widespread Internet outage?

Ensuring that your IT framework and communications lines are sustainable is a key part of your role as crisis manager, and will enable you to operationalize your business continuity plans seamlessly if an event does occur?

It is also important that while planning a business continuity strategy, you establish an overarching vision of your crisis management that can be expressed in the details of your plan.

Prepare checklists of immediate action items for each type of event, and when doing so, look to a business continuity planning software platform that will allow you to streamline and automate these responses.

If testing reveals, for instance, that an emergency at one of your locations, such as a data center complex, or a network operations center, can bring your entire operation to a halt, you will have time to rethink your plans.

Even if you are executing your business continuity plan and your secondary data center is up and running, you need to know the questions to ask, both to make sure the plan runs smoothly, and to ensure you have a complete understanding of the situation.

It is likely that your initial information will be skewed or false in some way, so be prepared to revise your response one or two times in the initial moments of an emergency.

By writing during a crisis and logging all your actions, you will not only increase your clarity, focus, and decision making skills, but you will also have a record of your actions on hand for review after the incident is resolved.

Link: http://www.continuitycentral.com/feature1065.html

Java 7 Update 21 to fix bugs, change applet warning messages

Posted on April 17, 2013December 30, 2021 by admini

“The Java 7u21 release introduces changes to security messages related to running Java applets and applications,” Oracle said in a technical document that explains the changes.

In cases where the risk of an attack is lower, like when the applet is digitally signed with a CA-issued certificate, the messages displayed to users will be minimal and there will be an option to automatically trust applications from the same vendors in the future.

The company has published an overview of all use cases of signed and unsigned applets with example of how the warning dialogs will look in each case.

This new release is the result of Oracle’s plan to accelerate its patching cycle for Java and will coincide with the release of security updates for other Oracle applications and middleware products that used to be updated separately.

Link: http://www.computerworld.com/s/article/9238423/Java_7_Update_21_to_fix_bugs_change_applet_warning_messages?source=CTWNLE_nlt_pm_2013-04-16

Microsoft Says Worm Infections Declining, but Web Attacks Rising

Posted on April 17, 2013December 30, 2021 by admini

Conficker, a worm that started spreading among enterprise desktop systems in 2008, continues to wriggle through corporate networks. But the total number of infected systems shrank during 2012, according to the latest Security Intelligence Report released by Microsoft on April 17.

“In the last quarter of 2012, a person in the enterprise was more likely to encounter attacks through the Web than any of the network worms,” Holly Stewart, senior program manager with the Microsoft Malware Protection Center, told eWEEK.

Link: http://www.eweek.com/security/microsoft-says-worm-infections-declining-but-web-attacks-rising/

Symantec: Industrial espionage on the rise, SMBs a target

Posted on April 17, 2013December 30, 2021 by admini

Simply put, a “watering hole” attack uses a trusted website as a base to divert visitors to an unsafe, malicious website, where malware can then take advantage of vulnerabilities within a PC system to steal data.

The report suggests that industrial espionage is on the rise, and manufacturing is now the most attractive target for those looking to steal valuable data, accounting for 24 percent of targeted attacks.

As social media spam rises, traditional spam has declined slightly from 75 percent of all email sent in 2011 to 69 percent last year — although 30 billion are still sent every day.

“This year’s ISTR shows that cybercriminals aren’t slowing down, and they continue to devise new ways to steal information from organizations of all sizes,” said Stephen Trilling, chief technology officer of Symantec.

Link: http://www.zdnet.com/symantec-industrial-espionage-on-the-rise-smbs-a-target-7000014061/

Cloud-based security services still in high demand

Posted on April 15, 2013December 30, 2021 by admini

The services are also driving changes in the market landscape, particularly around a number of key security technology areas, such as secure email and secure Web gateways, remote vulnerability assessment, and Identity and Access Management (IAM).

“Demand remains high from buyers looking to cloud-based security services to address a lack of staff or skills, reduce costs, or comply with security regulations quickly,” said Eric Ahlm, research director at Gartner. “This shift in buying behavior from the more traditional on-premises equipment toward cloud-based delivery models offers good opportunities for technology and service providers with cloud delivery capabilities, but those without such capabilities need to act quickly to adapt to this competitive threat.”

Security buyers from the U.S. and Europe, representing a cross section of industries and company sizes, stated that they plan to increase the consumption of several common cloud services during the next 12 months.

Gartner believes regulatory compliance measures to comply with the Payment Card Industry Data Security Standard (PCI DSS), for example, are driving much of the growth of interest in tokenization as a service.

Much of the interest is attributed to regulatory compliance concerns and security buyers’ need to reduce costs in the area of log management, compliance reporting and security event monitoring. However, many customers in the enterprise segment will remain cautious about sending sensitive log information to cloud services, and this will continue to be an important aspect for security-as-a-service providers to address.

“The customer demand for a brokerage becomes apparent as organizations move more assets to the cloud and require multiple security services to span multiple clouds and/or mixtures of clouds and on-premises.”

Gartner is advising value-added resellers (VARs) to supplement product implementations with cloud-based alternatives that offer large customers reduced operational cost and thereby increase the likelihood of customer retention in this market segment.

Link: http://www.net-security.org/secworld.php?id=14748