Glamour At InfoSec 2009

InfoSec started today and that can mean only one thing… our Marketing Director, Sara, gets to dress up and provide a little glamour for the Symantec stand.


As for the show… well there are a lot of companies there, lots of old friends and customers. The content of the sessions seems to have been both entertaining and informative… let’s see what tomorrow brings… (apart from my session in the Business Theatre – which is not to be missed!)

Jumping On The Bandwagon

Swine fever hits the world and the spammers and phishers are taking advantage of people’s fear around the situation. At this point the scam seems to solely be after confirming email addresses and gathering other simple information – this is probably part of a multi-stage attack. So, if you receive a request to click on a link and fill out information – don’t.

Current ‘headlines’ for the phishers are being culled from news agencies around the globe and include the following:

  • Mexico on edge as reports of swine flu cases climb    
  • British Airways cabin-crew member has “flu-like” symptoms: officials    
  • UK monitoring swine flu outbreak
  • UK probes ‘17 swine flu reports’
  • Global panic as swine flu spreads to Europe
  • US declares emergency as Mexico flu death toll rises
  • Probable Mexico swine flu death toll – 103: minister
  • Swine flu case confirmed in Spain
  • Are you worried about flu outbreak?
  • World moves to contain flu spread
  • U.S. tries to get a handle on flu outbreak
  • World ‘well prepared’ for virus
  • World flu epidemic fear rises, Mexicans take refuge
  • Twenty swine flu cases confirmed in U.S.
  • Mexico flu sparks worldwide fear
  • Suspected Mexico flu toll hits 81
  • Mexico flu ‘a potential pandemic’
  • 81 feared dead from swine flu in Mexico
  • Swine flu epidemic fear grows, world on alert
  • U.S. acts swiftly to contain swine flu outbreak
  • Family alert to swine flu illness

Rapid reaction by cyber-criminals to world events is not unusual; what is unusual this time is that the scam can run across the globe, as the story is being run by every news agency rather than just in one or two regions.

David Blunkett At InfoSec

InfoSec starts tomorrow and David Blunkett will be giving the opening keynote - the emphasis is going to be on cyber-attacks and the London Olympics.

In the article he says that there is a “woeful lack of awareness” and would like everybody to work together to combat the potential attacks. There is definitely a lack of awareness, but we all need to be involved, not just governments and security professionals. It would be great to see a government-backed education program to build on what they have already to increase people’s understanding of the risks. We need to start with the ‘small stuff’ such as why bots are bad and how to protect information (be it individuals or customers or citizens). Using the Olympics as a headline to catch the attention of the public is great – and if people help by becoming more cyber-security savvy then this is great. OK, so it’s not just about the small stuff, but it’s a start – fewer bots, better understanding of phishing, fewer people falling for scams. As for the larger stuff, well, that’s where the security professionals and government can work together to watch for threats and mitigate against them.

I look forward to hearing his talk tomorrow.

One, Zero, One, One, Zero…

So your machine is locked down, no USB access, DLP, you have them all, printing and FAXing disabled, full disk encryption… is there any way to get the data off? Well, the answer is yes… just when you thought you had covered all the possible leaks, someone comes up with a new means to transfer data… sound. OK, so sound has been used forever to transfer data, modems and all that – but this is slightly different, you just have to have speakers and a microphone to make it happen. A little bit fiddly and I wouldn’t like to have to transfer a lot of information like this, but hey, it works.

What does this mean for IT security… it means that there is another hole that needs to be plugged if you want to keep ultra-sensitive data under your control and not floating around the network. Disabling the audio, preventing the transfer program from running, or full-blown eDRM are possibilities to prevent this potential data leak from happening.

1,900,000 Bots In A Network…

Some research has highlighted an enormous bot network of nearly 2 million machines. Couple that with the finding that one bot can create 600,000 spam messages a day and that gives you the potential for an enormous amount of junk to be zipping around the Internet. This number is greater than what we saw in the latest Internet Security Threat Report (published earlier this month), where we saw a peak of just over 100,000 machines available on a single day, but with more than 4 million unique systems being compromised in 2008. However, it is possible, and if those machines infected with Conficker / Downadup were ever to be turned into a bot network then that would become even bigger than this!

One of the things the research does highlight is that anti-malware definitions need to be kept up to date, otherwise systems can become infected all too easily. How often should this happen… well as often as the application allows. Switching it to only update once a week will put you at risk. Symantec issued 1.6 million new malware signatures last year… on average that’s more than 30,000 a week… so if you are not up-to-date then you are asking for trouble.

600,000 A Day…

In the latest Internet Security Threat Report published earlier this month, we saw that bots increased 31% in 2008 (and it was a 47% increase in EMEA). There is now a new report that shows a top-end system can crank out 600,000 spam emails a day when it has been turned into a bot!

How much does it cost to rent a bot… well, we have seen the price on the underground economy drop to a measly $0.04 per bot per day… and there were nearly 5 million unique bots available in 2008, with an average of more than 70,000 available per day! Bots are now responsible for around 90% of spam…

What does a cyber-criminal want… well two things, firstly information that they can use or sell to make money and secondly a fast machine with a good internet connection. They need the latter to rent out to run spam, phishing and denial of service attacks and scams. So keep your PC under lock and key (from a security perspective) otherwise you could be contributing to the spam problem as well as helping to line the cyber-criminals’ pockets.

InfoSec 2009

Next week is InfoSec in London and this year it’s moved to Earls Court. It’s always a good event with lots of new ideas and the usual meeting up with old friends and colleagues. My main talk this year is on Cloud Security, on the 29th April, and I will be previewing my presentation on the Symantec Stand along with a talk on compliance on both the 28th and the 29th.

See you there.


Your Money Or Your Computer…

I’ve written before on the re-emergence of Ransomware and how dangerous it can be. Well, there’s a couple of new variants which are appearing – however, if you do happen to become infected, our chaps in Symantec Research Labs have figured out the code you need to enter to unlock your machine. The solution is not for the faint of heart but it works… of course, the best thing is not to get infected in the first place…

Bringing Clarity To The Cloud

The Jericho Forum (part of the Open Group) launched their latest initiative yesterday, which is now focusing activities on establishing best practices to meet the challenges of collaborating securely in the cloud. The first part of this is the release of a paper detailing the cloud cube model. In essence this defines the variety of different cloud computing models that are available to companies and starts to address some of the key benefits and risks for each one.

For those just getting into cloud computing it works as a great primer on the different options available – and for those with some understanding it will bring some clarity to the subject. One of the problems with ‘the cloud’ is that it has been tough up until now to distinguish the different variations or even acknowledge that there are different cloud formations out there, and that one size does not fit all. So, are you after software (application)-as-a-service or a platform-as-a-service, are you thinking about in-house clouds or external ones, how about having proprietary or open API access? You see, the possibilities soon mount up. Of course, there is no single answer and different applications will be best suited to different cloud solutions. Understanding the differences will help you to make a good choice and reading the paper will remove some of the cloudiness around the cloud.


Cloud Computing & SMEs

ENISA launched their survey on cloud computing and SMEs yesterday. The survey is nice and quick and will help gather information on what the perceived risks and issues are with adoption of the cloud in the small and medium business. This in turn will help ENISA (yes, I am on the working group) to address those risks and to push vendors and solution providers into creating appropriate solutions.

To take part click here: http://www.surveymonkey.com/s.aspx?sm=CZdVubBa9LIzYlR3KNeZIQ_3d_3d
