Comments
How Cybersecurity Analytics Are Evolving
View Comments: Newest First | Oldest First | Threaded View
Page 1 / 4   >   >>
Re: Shadowbrokers' latest gift
  • 5/16/2017 8:36:09 AM
NO RATINGS

Not to get too far off topic, I have come to trust Snowden less and less, ever since we've come to see wiki links and perhaps snowden himself as a pawn of the Russia forces of cyber war. Why I don't condone the NSA for created weapons of mass spying, certainly blame is due to the parties that unleashed them upon the world for rogue actors and malevolent states like NK to use them.

Re: Shadowbrokers' latest gift
  • 5/15/2017 5:49:59 PM
NO RATINGS

..

Michelle writes

The follow up coverage of the leak has been a bit scary. I believe variants of the found cache have been detected on various machines. 

And how! This has evolved into the so-called WannaCry ransomware virus, now wreaking havoc among hundreds of thousands of systems in over 150 countries.

As most on A2 already know, major facilities and institutions such as Britain's National Health Service and Spain's Telefonica have been seriously harmed.

Three days ago in a Twitter post Edward Snowden criticized the NSA for creating the malware:

Despite warnings, @NSAGov built dangerous attack tools that could target Western software. Today we see the cost

Snowden also linked a New York Times article that provided more details about the apparent NSA source:

https://www.nytimes.com/2017/05/12/world/europe/uk-national-health-service-cyberattack.html

Re: Shadowbrokers' latest gift
  • 4/30/2017 8:03:14 PM
NO RATINGS

The follow up coverage of the leak has been a bit scary. I believe variants of the found cache have been detected on various machines. I believe Semantec researchers have recently discovered these.

Shadowbrokers' latest gift
  • 4/15/2017 12:05:06 PM
NO RATINGS

..

Latest news on the Internet cyberscurity front seems to involve malware created by the NSA and leaked by a shadowy group calling itself The Shadowbrokers.

This is reported in an online article by The Intercept:


The ShadowBrokers, an entity previously confirmed by The Intercept to have leaked authentic malware used by the NSA to attack computers around the world, today released another cache of what appears to be extremely potent (and previously unknown) software capable of breaking into systems running Windows. The software could give nearly anyone with sufficient technical knowledge the ability to wreak havoc on millions of Microsoft users.


 

This is reminiscent of Stuxnet, another malicious software weapon apparently devised by the CIA to attack Iran's nuclear program. Stuxnet also got into general worldwide circulation and became an aid to hackers in developing more sophisticated hacking tools.

In the case of the current malware leak, the article warns that "Affected computers will remain vulnerable until Microsoft releases patches for the zero-day vulnerabilities and, more crucially, until their owners then apply those patches."

The implications are stated by security researcher and hacker Matthew Hickey: "This is as big as it gets ... Nation-state attack tools are now in the hands of anyone who cares to download them...it's literally a cyberweapon for hacking into computers...people will be using these attacks for years to come."

..

Cybersecurity needs to evolve, and fast
  • 3/10/2017 2:45:24 PM
NO RATINGS

..

In this discussion of cybersecurity, it would seem remiss to ignore the recent breaches of the formidable UBM/SAS anti-spam defenses resulting in spam postings here on A2. In at least one recent breach, spam content including live hyperlinks have been posted – overcoming what I'd presume is some pretty daunting security knowhow. 

These merry developments would seem to corroborate the points made by me and others that there's a continuous "arms race" between the cybersecurity forces and those who are seeking to penetrate their defenses.

..

Re: Automation
  • 3/6/2017 2:45:33 PM
NO RATINGS

And then as noted attackers are now routinely  "automating attacks to constantly search for vulnerabilities," so it could be a 24/7 awareness that's needed to be on guard along with the other dangers that are evolving fast.

Re: What People Say Sometimes Scares Me
  • 3/3/2017 11:55:35 AM
NO RATINGS

5. "If this network could be breached, it would have been breached by now."

6. "It's okay, our cloud provider said so."

7. "Can't we just encrypt everything and be done with it?"

8. "Why do we need to use the VPN again?"

Re: Automation
  • 3/3/2017 11:50:46 AM
NO RATINGS

I'm not so sure, Impactnow... seems like there's something very broken with the current security management model that is highly defensive and reactive in nature. Security hardware and software that's invulnerable to hacking or malware infection looks like a better place to focus attention and practical research.

Re: Automation
  • 3/3/2017 11:47:42 AM
NO RATINGS

I applaud the offensive nature of what you're suggesting, Seth. But my beleif is that aggressive offensive moves will turn the Internet and most data centers into mayhem and maybe even war zones. Between the cloud's ability to scale and the resources that the darknet can bring to bear on innocent targets, these kinds of attack-the-attacker scenarios will have plenty of unintended consequences.

Re: What People Say Sometimes Scares Me
  • 3/3/2017 11:42:28 AM
NO RATINGS

That's a good pooint about using "security" as a catch-all phrase. There are lots of different disciplines and skill sets under the broad banner. That being said, it is surprising that there hasn't been more application of analytics tools to these various skills or security functions, most of which are data driven.

Page 1 / 4   >   >>


INFORMATION RESOURCES
ANALYTICS IN ACTION
CARTERTOONS
VIEW ALL +
QUICK POLL
VIEW ALL +