View From The Bunker
A blog about security and availability from some of the folk at Symantec

• Home
• About
• RSS
• Get in contact

• Search

  Search for:

• Pages

  • Anyone need help with their VCR? Thought not.
  • Keep Your Data Safe Tool
  • About
  • Get in Contact
  • Books
  • Internet Security Threat Report – Podcast
  • Symantec Fast Response TV Widget
  • Contributers:
    • Darren Thomson
    • Dominic Cook
    • Gareth Fraser-King
    • Guy Bunker
    • John W. Turner

• Recent Posts

  • And the Academy Award for the most dangerous search term goes to…
  • Importance of end-to-end encryption in the retail space
  • Lock Up Your Code
  • Storage Goes Wild…
  • UK ID fraud cases jump a third as malicious insiders turn to cybercrime
  • The Butterfly effect – Mariposa
  • The RSA Conference – Cloud, devices & social changing the game?
  • Financial Data and the Mobile Generation
  • Is online security hindered by computer jargon?
  • 2010s Top 25 Most Dangerous Programming Errors…

• Tags

  backup book bot botnet business continuity Cloud CNI conficker cyber-criminal data-loss Denial of service Downadup Education email encryption fraud Get Safe Online Identity impersonation InfoSec ISTR Las Vegas legislation Malicious insider passwords Phishing policy Privacy Ransomware Reputation RSA Conference security SMB SNIA social networking Spam Speaking StorageExpo underground economy USB Vision vulnerability website whaling wireless

• Blogroll

  • Bruce Schneier’s Blog
  • Get Safe Online (The Blog)
  • Gizmodo Gadget Blog
  • Jonathan Schwartz’s Blog
  • Phil Windley’s Technometria
  • Security Bloggers Network
  • Toby Stevens’ Data Trust Blog

• Multimedia

  • Symantec Guide to Scary Internet Stuff – Botnets
  • Symantec Guide to Scary Internet Stuff – Drive-by downloads
  • Symantec Guide to Scary Internet Stuff – No 5 Rogue AV
  • Symantec Guide to Scary Internet Stuff – No 6 Denial of Service Attacks
  • Symantec Guide to Scary Internet Stuff – No7 Pests on your PC
  • Symantec Guide to Scary Internet Stuff – No8 Losing your Data
  • Symantec Guide to Scary Internet Stuff – Phishing
  • Symantec Guide to Scary Internet Stuff – Underground Economy

• SYMC Blogs

  • Ask Marian Consumer Security Blog
  • Con Mallon’s Symantec Consumer Blog
  • Gareth’s BE Blog
  • Symantec French contributor
  • Symantec podcast channel
• 
• 

Who Are You?

The spammers have been out in force once more with the deaths of Michael Jackson and Farrah Fawcett providing the bait for unwary consumers – cyber-criminals just love celebrity gossip as a hook for phishing. Additionally, Twitter accounts have also been hacked with the Britney Spears rumours being one of the high profile ones. I even heard on the radio this morning that one of the presenters was being impersonated on Twitter (he didn’t have an account and so someone had set one up in his name and started sending derogatory Tweets)… it seems that silly season has come early this year.

I have written in the past about opening accounts on popular social networking sites in order to preserve your identity and (to some extent) your reputation. I would still recomend that you do this – if you are concerned.

In the mean time, just be wary of what you are doing on the web – especially when it comes to current news stories. If you do go in search of latest and greatest pictures or videos and it asks you to download a new codec… just say no! If it asks you to make a donation… think twice… are you sure you know who you are donating to?!?!

Guy Bunker

ENISA Cloud Computing Meeting

Today is the first day of the ENISA (European Network & Information Security Agency) face-to-face meeting on cloud computing security. There is an eclectic set of people in the room, from across Europe. One thing everyone agrees on is that the cloud is coming and security is the biggest issue.

It is interesting to hear the different perspectives – technology, legal and ‘customer’. The good news is everyone is driving towards the same outcome! The report, due out later in the year, will focus around best practices along with some case studies.

Guy Bunker

Don’t let the recession blind you to disaster

A year after the UK’s worst floods on record, it is clear that businesses, as well as consumers, cannot take potential risks such as natural disasters lightly. In the same week we have seen the Government unveil its National Security Strategy. The news agenda is all about protection and prevention. The question is, has the recession blinded organizations to disaster recovery at a time when it has never been so important? The misconception is that DR should cost the earth, an all encompassing strategy. What it should be seen as is a see-saw, as you spend on DR plans your operational efficiency should benefit. If you are smart you will not be going hell for leather on DR, you will be taking a structured approach, protecting your most crucial assets and tier the rest in order of their mission critical status. This multiple layer approach means that you are protected without breaking the bank. It does however mean you need to make sure you have asked the right questions of your business and are testing regularly!

If disaster strikes and leaves a company’s databases, application servers and web servers out of action, it means a loss of £4,300 an hour. The global results of Symantec’s fifth annual Disaster Recovery survey demonstrates that executive involvement in disaster recovery activities has more than doubled in the past year (up to 67% from 33%) which is great. According to the study, the increase in involvement by executives is likely due to the significant cost of downtime and the importance of IT to business – as proven by the increase in the percentage of applications considered mission critical and their more stringent IT service level requirements.

However, with 93% of companies having to execute on their DR plans, testing has never been such an important issue and it is here where the figures get scary. With the median cost of executing/implementing disaster recovery plans for each downtime incident worldwide standing at $500,000, it is clear that testing has to be a priority, but this year, 35% of respondents reported that they only test their DR plans once a year or less! However, with one in four tests failing, it is clear there is a dramatic need for improvement. Reasons most respondents cited for why organisations they were not testing included:

• Lack of resources in terms of people’s time (48 percent)
• Disruption to employees (44 percent)
• Budget (44 percent)
• Disruption to customers (40 percent)

 While the research identifies a significant improvement in terms of executive involvement, shorter recovery times and increased successful testing, we are troubled that some areas – including the impact of testing on customers and the backing up of virtual environments – have not improved or have even worsened. Organizations shouldn’t let DR testing cause significant downtime, especially when there are solutions available to address this.

Darren Thomson

Microsoft and free security

Recently Microsoft released a BETA of its ‘Morro’ free anti-virus product. They also announced the name for the product, hence forward, it will be called Microsoft Security Essentials.

Microsoft Security Essentials is a slightly modified and stripped down version of the OneCare product it pulled from the shelves recently.  At a time when we face more threats online and our PCs are being deluged by malware, consumers don’t need less protection – they need more.  Referring to Microsoft’s basic antivirus and antispyware product as an essential security solution could be misleading.  Consumers need firewall protection, Web protection, antispam and identity safeguards – these are among the essentials when it comes to security, and you can only get them through a full Internet security suite provided by security experts.

The reality is that shareware and freeware vendors have been in the market for 20-plus years, it’s a crowded space and Microsoft is just joining the fray.  In addition, early reviews of the beta are showing that it underperforms when compared to existing freeware products, and well below paid solutions such as Norton AntiVirus.

Con Mallon from his own consumer blog – http://itsnotacon.co.uk/

Businesses unclear on how to handle cloud computing

What was most interesting from the Security of the Future event which Symantec ran yesterday was that businesses are unclear on how to handle cloud technology. The event brought together security and privacy experts from across Europe at a roundtable discussion to debate the benefits of cloud computing to businesses worldwide, its potential global impact and resulting responsibilities and the next steps in the cloud race.

Looking at both the opportunities and challenges associated with cloud computing that were aired, it is clear that prevention and protection against cyber threats are key and there is a need to match solutions to a new and ever morphing cyber environment. However, while cloud computing is clearly the biggest buzzword this year, the panel all agreed that confusion around how to handle the technology reigns – different definitions and dueling perceptions of cloud computing are muddling expectations about its benefits.

The confusion extends to companies not understanding what data they hold, what is private or otherwise, and as a result there is concern about how to protect it. Before companies jump onto the bandwagon, it is imperative that they are familiar and comfortable with the term cloud computing – and how they can adopt and implement it in line with business objectives. The discussion also highlighted that the uncertain economic climate has two disparate effects on business leaders: businesses who realise the cost benefit of cloud computing are being spurred on, while many other leaders turn a blind eye to the potential business benefits of cloud computing. They seem to be unwilling to switch from internally owned and managed IT systems to cloud computing technologies due to fears of security threats and loss of control over company systems and data.

Another big challenge in the world of the cloud is changing business plans, according to those attending the event. As business plans change and evolve, so will companies’ cloud computing requirements. On the other hand, as cloud computing is delivered by service providers, any change in their business plans will have an impact on how the cloud is delivered and offered to businesses. It is important to note that cloud computing is a global opportunity – and therefore a global issue with global concerns and responsibility.

UK businesses should therefore recognise that issues and challenges associated with the cloud needs to be addressed from a global, and not just a UK or European, perspective. Legislation will therefore be driven from a global point of view. While it is clear we have some homework to do as far as cloud computing is concerned, there is not getting away from the fact that it is here to stay and grow. Having said this, much still needs to be invented and done before the sky will become truly cloudy.

The panel was chaired by Ilias Chantzos, Director Government Relations, Symantec and panel members included; Dr. Guy Bunker, Security Consultant; John Carr, Secretary, UK Children’s Charities’ Coalition on Internet Safety; Dave Evans, Senior Data Protection Practice Manager Information Commissioner’s Office, UK; Steve Purser, Head of Technical department, ENISA and Kimon Zorbas, Vice President, Interactive Advertising Bureau, Europe.

You can see some of the preliminary discussion which was filmed live on the new Symantec Fast Response TV hosted on this blog site.

Abigail Lovell

Who’s got your data in this digital world? Stay safe online

Data, data everywhere – or so it seems. It is tough to imagine living our lives without email and the internet, but that accessibility and flexibility comes with risk. It seems like hardly a day goes by without the media reporting a cybercriminal hacking into a database, or a company losing customer data.

Clearly businesses and governments need to take better steps to protect their customer data. But what is equally clear is that we, as individuals, need to be aware just when we are risking our personal data in our everyday lives, and we need to take steps to do our own bit to secure our data and lessen our risks.

Data collection is so all pervasive in our lives that often we don’t even know when that data is even at risk. To help educate people, we’ve developed this stay safe tool to give people simple tips on how to protect their personal information while going about their everyday lives. Please take a look and let me know what you think.

Dominic Cook

Roll on Digital Britain – as long as we all get educated to the risks

Later this week the UK Government is set to unveil the Digital Britain Report and at least according to some reports, at the heart of it will be a commitment to put broadband at the centre of British life, ensuring that by 2012 everyone in the country will have access to high-speed broadband services.

This is a tremendously exciting move and recognition of how the Internet has become part of most people’s everyday home and work experiences. How did we ever manage without email; online shopping and online banking? Next up we will likely think the same about how did we manage without online movies and television and who knows what else.

Of course there is one industry which has already exploited the huge potential of the Internet and is already actively making money out of the worldwide web – the Cybercrime Underworld. Organised crime has already seen the huge potential the web brings to bring together teams of experts to spread malware; buy and sell software exploits; and ultimately run a whole underground exchange for stolen credit cards and personal identities.

If we are to benefit from a wider rollout of broadband in Britain, it is vital this is matched by increased education and awareness of the risks of using the internet.

So while everyone will welcome the commitment to a wider broadband Britain, it is vital we all work harder to educate users about the risks of using the internet. No one in this day and age would ever leave home with their doors and windows left unlocked, and so equally we have to have the same security focus and awareness of the risks while using the internet. We’ve all got to ensure we have reliable and up-to-date security software on our computers, that we patch the operating system when new updates are issued, and that we make ourselves aware of the threats and scams out there. In effect that we lock the doors to our computers.

By doing that we can all enjoy the benefits a Digital Britain brings us.

Dominic Cook

Warehouse-Scale Computing

Google released their latest whitepaper on the future of the datacentre – and it lives in a warehouse. In a play on the famous Sun ‘the network is the computer’, the Google view is that ‘the datacentre is the computer’. For them, it makes sense, massive virtualization on thousands of computers held in warehouses across the globe – providing massive scalability and agility… but managed and used as a single entity from the customers’ perspective.

There are others capable of warehouse-scale computing, most notable Amazon and Microsoft – time will tell if there will be others, such as Yahoo or even Cisco, maybe Oracle (through Sun) and then whether customers will want to use them, or revert to their trusted VARs who will create their own small partner clouds and deliver a more personal service.

Guy Bunker

Welcome to @viewfromthebunk

Viewfromthebunker.com alerts are now available via Twitter, subscribe to @viewfromthebunk to get the latest posts.

Hackers going Back to the Future

It’s interesting to see the increasing threat of malicious software distributed and spread through removable devices. Just as hackers and malicious software writers of the late 80’s and early 90’s once used simple executable files on floppy discs to spread their wares, so too now they use the old malicious code exploits modified for use on removable USB devices to spread malware from unsuspecting user to user.

The Symantec Internet Security Threat Report showed that 65% of malicious code in EMEA is now spreading by shared executable files, up a third from the previous year. The reason?….removable media. These files are a propagation vector used by malware to copy themselves to removable media, and the popularity and increased use of USB-based media such as memory sticks has resulted in a resurgence of this historically successful method of distribution.

Back in the late 80’s and early 90’s the sharing of executable files by exchanging floppy disks was used by malicious code to spread from computer to computer. The goals of the bad guys were different back then, and mainly focused on disruption and proof of concept. However what hasn’t changed is using human nature to spread the malware: sharing files and information on removable media is easy and fast so many people did it. When electronic file transfer became popular (and better than floppy disks), the use of removable media as malware vectors dropped.

Now that USB keys are widely used, the bad guys have reclaimed the spreading technique but with a more profitable goal in mind: seeking personal information in order to make money on the Underground Economy.

The relatively large capacity of many portable USB devices may result in malicious code going largely unnoticed, whilst the autorun functionality on these devices is an attractive mechanism for attackers because it can allow malicious code to be launched without direct user interaction. Some malicious code is designed to automatically create copies of itself when removable storage devices are connected to the infected computer. When an unknowing user removes the infected device and connects it to another computer, the worm then automatically copies itself to the newly attached computer.

Some of the most common high-profile worms use this mechanism, including four of the top malicious code samples in the EMEA region: Mabezat, SillyFDC, Sality, and Gammima. These worms could, respectively, encrypt and infect files, download additional threats, remove security software or steal online gaming accounts.  

To limit the propagation of threats like these, it’s important to ensure your computer is set up to scan all such devices for viruses when they are connected to a computer, whilst disabling autorun can also deny attempted attacks. Take a moment to think twice about the innocent little memory stick you’ve been handed by a friend or colleague, or you could end up sharing a lot more than files!

Emma Jeffs

Next Page »

• Subscribe

  

  Enter your email address:

  Delivered by FeedBurner

• 
  

• 
  UK Orders
  US Orders

• 
  UK Orders
  US Orders

• Links, downloads and other resources

  Symantec UK
  Symantec Podcast Directory
  Symantec Security Response