Experts: Countries make dangerous cyber adversaries

And a not so decent write-up of our BlackHat Federal presentation. A few misconceptions that don't track with the point we were trying to get across. However, this quote says a lot about the problem space. I hope that this attracts some attention and gets Tom Parker some support for the models he is working on.

“The inability to characterize is a vulnerability, and the ability to characterize is a deterrent,” because if you can characterize a threat, you can attribute it to an attacker, Devost said.


Know your enemy

A decent write-up from my BlackHat presentation.

“Obviously, nation-states have greater capacity to finance attacks,” Devost said. “We need to ask ourselves, ‘Who are the threats,’ because they all look the same in the exploit.”

Effective risk management requires greater granularity in identifying our attackers, their motives and their capabilities, Devost said. 


Black Hat Federal

I'll be speaking at Black Hat Federal on January 23-26, 2006.  If you are going to be in town for the event, let me know.  Conference site.


It is going to be a bad week for Windows security

The flaw, which allows hackers to infect computers using programs maliciously inserted into seemingly innocuous image files, was first discovered last week. But the potential for damaging attacks increased dramatically at the weekend after a group of computer hackers published the source code they used to exploit it. Unlike most attacks, which require victims to download or execute a suspect file, the new vulnerability makes it possible for users to infect their computers with spyware or a virus simply by viewing a web page, e-mail or instant message that contains a contaminated image.

FT.com / By industry / IT - Windows PCs face ‘huge’ virus threat


Countering the anti-spam Extremists

Richard M. Scoville, editor of a site called the Free Speech Store, is suing the operators of the Abusive Hosts Block List (AHBL) for $3.525 million.
On December 17, Scoville got a Texas county court to issue a temporary restraining order, forcing the AHBL to remove his site's IP address (71.40.8.100 - Road Runner Commercial) from its anti-spam blocklist until the case is litigated.

Spam Kings Blog: Site claims $3.5M damages from spam blacklist

I am glad someone has the time to do this, even if it isn't the strongest case. At TRC we had a similar incident last year where we got listed in a blacklist and it had a significant impact on business operations. Our "spam" crime that got us listed was being on the same subnet as a suspected spammer! Never mind that we had operated on the same static IP for years and that there were zero complaints against our IP, we were still listed. When we contacted them for removal they were abrasive and uncooperative and at one point told us to move to a new hosting facility to solve the problem. We were at a major hosting facility as it was and that was an unreasonable recommendation. I'd like to see more of these blacklisters get sued when they are lazy in their implementation or are unresponsive to false positives.


First post with WordPress

I am now using WordPress to post this entry. Thanks again to Eric for the help in setting this up.

Update: You may notice a few issues, missing images, etc. as the site migrates over and I cancel TypePad.


Even bigger changes...

I decided to become a Typepad customer after hearing about it from Joi Ito.  At the time I was running Movable Type on a server that I own and wanted a highly reliable, user-friendly alternative and I was willing to pay for it.  I moved my personal blog to Typepad and also established a blog for a graduate level course I teach at Georgetown.  All was good... until Typepad started falling apart at the seams.  First it was sluggish performance, which indicated to me that they didn't have the processing power to back up their installed customer-base.  Then it was mismanagement of upgrades that took all my blogs down for extended periods.  There is a certain amount I am willing to attribute to growing pains, but they've exceeded my threshold of tolerance.

So, watch for even bigger changes as Eric helps me get WordPress up and running on my own server again and the Georgetown course blog moves to a wiki.


Time for a change...

While I love Typepad, I've found having my primary URL be a blogging site to be a bit of a hassle.  Within the next two weeks, I will be moving www.devost.net to a primary server that I own and then using blog.devost.net as a link to this content.  In addition, we'll be starting a family blog that is separate from this site for hosting photos, etc.  Please bear with me during the transition phase and keep an eye on this site and www.devost.net for some big changes.  Thanks!


Whoa....

Watching CNBC coverage of Senate hearings this afternoon, I heard Senator Bennett say the following:

"If I were someone who wished this country ill, I would be more anxious to find a way to hack into the computer system and shut down the Fedwire, than I would to try to find a way to get a suitcase nuclear device into lower Manhattan, because the damage to the economy of shutting down the Fedwire would be greater than the damage by a nuclear explosion from a suitcase bomb virtually anywhere, whether it was lower Manhattan or Pennsylvania Avenue or whatever it might be.

I hope in your stewardship as the chairman of the Fed you pay attention to cyberterrorism and the vulnerability that we have to those who might break in, hack in."

This is an interesting comment, and it is great to see Senator Bennett give such importance to the issue.  However, I'll have to say that I don't agree with the fundamental premise of a cyberattack being more damaging than a nuclear attack in NYC.  I expect with a nuclear attack that the FEDWIRE would shut down anyway and the impact from a personnel and confidence perspective from a nuclear attack would be catastrophic. 


Thank you Mr. Baker

"It's very important to remember that it's your intellectual property --
it's not your computer. And in the pursuit of protection of
intellectual property, it's important not to defeat or undermine the
security measures that people need to adopt in these days"
Full Story