Quick survey of recent cyber news . . .
***
On 1/11, Ellen Nakahsima reported for The Washington Post that “[m]ajor U.S. banks have turned to the National Security Agency for help protecting their computer systems after a barrage of” DDOS attacks. Nakashima noted the balance between protecting U.S. businesses against the “unprecedented assault against the financial sector” and protecting privacy by keeping the NSA out of domestic networks. Interestingly, the article described how these DDOS attacks have a silver lining in that there is impetus for further public-private collaboration on cybersecurity.
Along similar lines, Gerry Smith reports for The Huffington Post on how banks are hiring companies specializing in DDOS defense. Notably, companies like Neustar, Prolexic, and Akamai help banks suffering DDOS attacks by offering “traffic scrubbers,” or a web traffic diversion that shifts the onslaught of DDOS web traffic to those companies’ servers.
Mathew J. Schwartz, for InformationWeekSecurity, covers a group of cybersecurity pros who question whether Iran is behind the DDOS attacks on the banks. US officials have pointed the finger at Iran, as noted in this recent NYT article. However, Schwartz quotes Carl Herberger (VP of security solutions at Radware):
. . . we’ve seen no irrefutable evidence that it’s a single nation state or single actor that’s participating in the attacks[.] There’s nothing we’ve seen that can’t be perpetrated by a small amount of knowledgeable individuals, whether they be associated with a nation state or otherwise.
***
blackhat Europe 2013 is putting together an interesting hackback/active defense/ offensive countermeasures workshop from March 12-13th in Amsterdam. From the website:
One of the big questions we get is why Offensive Countermeasures are so important. Well, to be honest, you will need it someday. The current threat landscape is shifting. We need to develop new strategies to defend ourselves. Even more importantly, we need to better understand who is attacking us and why. Some of the things we talk about you may implement immediately, others may take you a while to implement. Either way, consider what we discuss as a collection of tools at your disposal when you need them to annoy attackers, attribute who is attacking you and, finally, attack the attackers.
More to the point, the old strategies of security have failed us and will continue to fail us unless we start becoming more offensive in our defensive tactics.
Looks interesting, if a bit pricey.
***
Henry Kenyon, for AolDefense, on how DARPA is looking to harden the cloud. Kenyon notes that when you “put that many eggs in one basket, you’d better guard it well,” and that’s the idea behind DARPA’s Mission-oriented Resilient Clouds (MRC). The idea is to use the cloud’s connectivity (previously a vulnerability) into an asset by quickly sharing information and diverting resources. The article goes into much further depth . . . an interesting read.
***
France will be joining NATO’s Cooperative Cyber Defence Centre of Excellence in 2013.
***
ZDNet’s John Fontana gives us an NSTIC update: apparently the next pilot program will kick off “sometime before Feb. 5.” News about NSTIC has been slow, but the pilot keeps chugging a long, and the USPS recently signed on.
***
BBC News reports that “the US government has told thousands of companies to beef up protection of computers which oversee power plants and other utilities.” This after a survey discovered more than 500,000 potential targets online via a simple Shodan search.
The SmartGridSecurityBlog noted a similar vulnerability in the Netherlands; apparently Dutch critical infrastructure systems “were listed on Shodan, (a database of cyber security vulnerabilites) and could be easily accessed remotely.”
Kinda humorous timing, considering the above two news stories, but here is a Heritage Foundation write up by David Inserra on why regulation is the wrong approach to cybersecurity. Mr. Inserra prefers information sharing.
Brian Zimmet & Jason Wool for the WSJ’s MarketWatch on 5 cybersecurity regulation issues for companies that “could present themselves under the new standards.” The five issues:
- Identification and protection of critical devices
- Patch management
- Configuration management
- Password management
- Recovery Plans
***
Leave a Reply