Security

Noteworthy

IPv6 represents new territory for most Internet stakeholders, and its rollout will introduce some unique security challenges.

Security / Recently Commented

Recursive DNS and You

In the world of DNS, there are two types of DNS servers, 'recursion disabled' and 'recursion enabled'. Recursion disabled servers, when asked to resolve a name, will only answer for names that they are authoritative for. Such a server will absolutely refuse to look up a name it does not have authority over and is ideal for when you don't want it to serve just any query. It isn't, however, very useful for domains you don't know about or have authority over... more»

Defense Science Board: Cyber Security the Achilles' Heel of US Military Might

Robert O'Harrow of the Washington Post reporting: "Everybody knows by now that cyber security is something of an annoyance, if not a big deal... What most of us fail to appreciate is how big a deal all this really is. That's one of the subtexts of a new report from congressional researchers [PDF] that came Government Inc.'s way. Going by the dry title 'Comprehensive National Cybersecurity Initiative: Legal Authorities and Policy Considerations,' the report underscores in a compelling way the fact that the nation's cyber vulnerabilities continue to grow, and fast." more»

Cybercrime Outsourcing to Become a Key Trend in 2009

Speaking at the Vasco Banking Summit in Sydney yesterday, the company's technical account manager, Vlado Vajdic, told delegates that cyber crime was becoming so business-like that online offerings of malicious code often included support and maintenance services. Additionally, he said, cybercrime outsourcing would become a key trend in 2009... more»

The Real Pain Caused by Russian Cyberattacks on Georgia and Estonia

The popular concept of the cyber-attacks launched by Russia against Estonia and Georgia in recent years is that an army of volunteer hackers bombarded government computers in those target countries with disabling botnet attacks. But the reality is that most of the cyber-pain suffered by Estonia, for example, was caused when the U.S. and European banking system chose intentionally to cut off Estonia from the Internet-based financial clearing networks, because the networks couldn't distinguish bona fide transactions emanating from Estonia from botnet-induced bogus transactions. more»

Top US Federal Cybersecurity Official Resigns, Criticizes NSA Takeover

Rod Beckström, the Department of Homeland Security's controversial cyber-security chief, has suddenly resigned amid allegations of power grabs and bureaucratic infighting. Beckström -- a management theorist, entrepreneur and author -- was named last year to head up the new National Cybersecurity Center, or NCSC. To some, it seemed an odd choice since Beckström isn't an expert in security... more»

Obama Wants $355 Million for the Homeland Security Department's Cybersecurity Efforts in 2010

President Barack Obama wants $355 million for the Homeland Security Department's cybersecurity efforts in fiscal 2010, according to an overview of his budget proposal. The document states that Obama wants the $355 million to support the Department of Homeland Security's National Cybersecurity Division and the department's role in the Comprehensive National Cybersecurity Initiative (CNCI). The money would be "targeted to make private- and public-sector cyber infrastructure more resilient and secure," the document states. more»

The DNSSEC Groundswell

It's been 15 long years since the standard for DNSSEC was developed and sadly adoption has been painfully low until recently, thanks to Dan Kaminsky, the infamous Internet Researcher who identified that gaping hole in the DNS. The discovery of the fundamental flaw in DNS sparked industry-wide attention! Every day, we move a little closer to widespread DNSSEC adoption, so I thought I'd take a moment and highlight some of the most notable milestones... more»

Survey: Cloud Computing 'No Hype', But Fear of Security and Control Slowing Adoption

Contrary to conventional wisdom, the vast majority of business and IT executives report that cloud computing is a viable technology option that can improve a company's bottom-line results according to a new global survey conducted by an independent market research firm. However, despite growing evidence that cloud-based systems have the potential to lower costs, the majority of companies report no plans to integrate cloud computing in the next 12 months... more»

VeriSign: .Com, .Net to Adopt DNSSEC by 2011

VeriSign has promised to deploy DNSSEC across all of its top-level domains within two years. According to reports, '.com' will most likely be the last Top-Level Domain (TLD) to adopt DNSSEC due to the size of the zone. However it is anticipated that full implementation of DNSSEC will be complete across all TLDs in about 24 months. DNSSEC has been deployed on top-level domains operated by Sweden, Puerto Rico, Bulgaria, Brazil and the Czech Republic. Two larger domains -- .org operated by the Public Interest Registry and .gov operated by the U.S. government -- are deploying DNSSEC this year. more»

C-SPAN Interview: Internet and Cybersecurity

C-SPAN interviews professor Gene Spafford from Purdue University on the topic of cybersecurity and how the current Internet is a conduit for all types of "cybercrime". He also talks about the much discussed article "A New Internet?" by John Markoff in the February 14, 2009, New York Times in which he was quoted. The piece argued for a new type of Internet that is more secure with the trade-off of users giving up more of their anonymity. Professor Spafford talks about alternative solutions and he responded to questions via telephone calls and email. more»

Black Hat DC 2009: Kaminsky Pushing for DNSSEC Adoption

Dan Kaminsky, who for years was ambivalent about securing DNS, has become an ardent supporter of DNS Security Extensions. Speaking at the Black Hat DC 2009 conference Thursday, the prominent security researcher told the audience that the lack of DNS security not only makes the Internet vulnerable, but is also crippling the scalability of important security technologies. more»

Designing Secure Networks with Cisco Technology, Part 3

In this multipart series I will be presenting some of the leading industry-standard best practices for enterprise network security using Cisco technologies. Each article in the series will cover a different aspect of security technologies and designs and how each can be deployed in the enterprise to provide the best security posture at the lowest possible budgetary and administrative cost. In Part 2 of this series I discussed security risks and vulnerability. In this article we begin to focus on the role Cisco network and security technologies play in ensuring the safety and security of network data. more»

Verizon Tops US ISPs for Spam Abuse, Plans Prevention and Shift to Port 587

Brian Krebs of Washington Post reporting: "Verizon.net is home to more than twice as many spam-spewing zombies as any other major Internet service provider in the United States, according to an analysis of the most recent data from anti-spam outfit Spamhaus.org. Verizon, however, says it plans to put measures in place to prevent it from being used as a home to so many spammers. ... If spammers are attracted to the company's network, it may be because Verizon still allows customers to send e-mail on Port 25, the communications channel that is traditionally used by large organizations to send e-mail." more»

Malware Authors, Distributors Increasingly Using Social Networks

Security experts warn the "clickjacking" attack on the Twitter service last week is part of a growing trend of social engineering attacks via social networks. VP of security firm RSA, Sam Curry, calls the social networking attacks "orthogonal attacks." As users have become aware of phishing attacks and other efforts to get at their personal data, hackers have turned to social networks and "brand attacks," like the recent CNN.com-spoofing Cease-Fire Trojan to spread malware that goes after the same information once installed on the victim's computer. more»

Microsoft Offers $250K Reward for the Arrest of Conficker Computer Worm Authors

Microsoft is trying to put some pressure on the criminals responsible for the worst Internet worm outbreak in years, offering a $250,000 reward for information leading to the arrest and conviction of Conficker's creators. The software vendor said it was also working with security researchers, domain name registrars and the Internet Corporation for Assigned Names and Numbers (ICANN) to try to take down the servers that have been launching the Conficker attacks. ICANN is the nonprofit corporation that oversees Internet addresses. more»