Security

Noteworthy

 IPv6 represents new territory for most Internet stakeholders, and its rollout will introduce some unique security challenges.

Security / Recently Commented

Cyber Crime: It's All About Data (Part 2)

In this part I want to focus on the gathering of cyber crime data. Are there best practices in the world on how cyber crime data is reported to law enforcement and aggregated to show the impact of said crime? Previously the discussion focused on the fact that cyber crime = crime and on a basic cyber (crime) training for every police officer. From the reactions this received, it is clear that some people see this as a possible solution. more»

Fed's Domain Name Crackdown Meets DNS Backlash

Kelly Jackson Higgins reporting in InformationWeek: "In the wake of federal crackdowns, such as the U.S. Immigration and Customs Enforcement's (ICE) mass seizure yesterday of 82 domain names of websites illegally selling and distributing counterfeit and copyrighted items, a group is building out a new point-to-point DNS system as a way for sites to dodge future domain takeovers by the feds. ... Meanwhile, the new Dot-P2P Project says its goal is to combat DNS-level censoring with a decentralized, Bit Torrent-powered system. 'By creating a .p2p TLD that is totally decentralized and that does not rely on ICANN or any ISP's DNS service, and by having this application mimic force-encrypted bittorrent traffic, there will be a way to start combating DNS level based censoring like the new US proposals as well as those systems in use in countries around the world including China and Iran amongst others,' the Dot-P2P Project page says." more»

WikiLeaks and Stuxnet - Smart Grid Wakeup Calls

The past couple of weeks have been pretty seminal for anyone concerned about the state of Internet security and the bigger picture as to how much we could - do - and should - trust the Web. These two strange words - WikiLeaks and Stuxnet - have suddenly entered our lexicon and there is a lot to be concerned about in the world of smart grid. more»

Remembering the Good Times

The most effective early email-borne viruses didn't need botnets. They didn't change your computer settings, or steal your login credentials. And they somehow convinced regular users to help them spread. The first warnings about the Good Times virus began to appear in November of 1994, and by December the warnings were seen all over as people did what the warning said, and forwarded it to all their friends. There was another outbreak the following March... more»

The Threat from Within - US v. Fowler, SDFL 2010

The security vendor-phobe at the head of the conference bangs on the podium with his shoe declaring that "The greatest threat comes from within! (buy our product for your network's salvation)." Fear as a marketing strategy can never be underestimated. Particular when the fear is of the misunderstood. Media helps stoke the flames of fear-marketing with stories of fired or disgruntled IT staff who reportedly effectuate their revenge on former employers by bricking systems. more»

ACMA: 30,000 PC's Infected in Australia Per Day

Anti-spam and malware enforcement agency ACMA reports on this (shocking high?) figure. Keep this up and ca. 50% of the Australian population is infected within a year. I remember a presentation from Sweden only a few years ago, that there were only a little over a thousand infected pc's in Sweden. (Reactions were: that can't be correct. Too low) Do you know what the numbers are for your country and maybe more importantly what your government and/or Industry is/are doing about it? more»

DNS: The Basis for Billions

In the midst of "Cyber Monday", the day traditionally seen as one of the year's busiest days for online shopping, it is only appropriate to examine the importance DNS plays for online economies. With DNS being at the heart of Internet connectivity it is easy to understand why DNS is important to the growing health of economies whose online health in dollars and euros rest in the billions. more»

Phishing Attack: An Open Letter to the Anti-Spam and Mailbox Operator Community

I'm sure many of you are familiar with the targeted ESP phishing attack that has been ongoing for almost a year now and has led to multiple known ESP system breaches. Return Path was recently a victim of this same attack... In short, a relatively small list of our clients' email addresses was taken from us, meaning those addresses are now the targets of the phishing campaign that are intended to compromise those client systems. more»

The Changing Landscape of Online Fraud

From the Economist on the long life of spam: "The criminal businesses that rely on spam are most at risk in law-abiding bits of the real world, such as America. Just like honest businesses, they appreciate its robust networks, reliable web-hosting. But law-enforcement agencies and internet security companies are also more active in such countries and have started working closely together. When Mr Bruen presents evidence to reputable hosting companies in America that their customers are fraudsters, they unplug them. Police agencies are increasingly interested to hear from him and fellow experts about the others. That, says Mr Bruen, reflects an important point. The word “cyber” in cybercrime obscures real crimes committed in real places." more»

Outlawing Botnets

The European Commission is apparently considering the promulgation and adoption of a directive that would, at least in part, criminalize botnets. As I understand it, the premise behind adopting such a directive is that since botnets are capable of inflicting "harm" on a large scale, we need to separately criminalize them. I decided to examine the need for and utility of such legislation in this post. more»

FISMA Standards Could Have a Major Impact on the Private Sector

The public is taking an increasing interest in ensuring that IT assets of federal agencies are protected from cybersecurity attacks. FISMA is addressing this concern, in part, by initiating a standard setting process for continuous monitoring. The actions taken by NIST for the federal sector could have a very significant impact on the private sector because pending legislation would provide the federal government with the authority to mandate cybesecurity measures on the private sector. more»

Mandatory Provision of Abuse Contact Information in WHOIS

An industry professional at Abusix is the backbone behind a proposal to improve and create better mitigation of abuse across different global internet networks. Basically, this introduces a mandatory "abuse contact" field for objects in global Whois databases. This provides a more efficient way for abuse reports to reach the correct network contact. Personally - as a Postmaster for a leading, white-label ISP, I applaud this with great happiness for multiple reasons. I also feel people who handle abuse desks, anti-abuse roles, etc. should closely follow this. more»

Average Daily Malware at All Time High, Spam Lowest Since 2008

McAfee, Inc. today unveiled its McAfee Threats Report: Third Quarter 2010, which uncovered that average daily malware growth has reached its highest levels, with an average of 60,000 new pieces of malware identified per day, almost quadrupling since 2007. At the same time, spam levels decreased in volume this quarter, both globally and in local geographies. Spam hit a two year low this quarter while malware continued to soar. More than 14 million unique pieces of malware were identified in 2010, one million more than Q3 2009. more»

"Capacity" - The Hidden Word?

What is so secret about the word, "Capacity"? As I read and talk with people I realize the word, "capacity" is typically missing from the DNS discussion. "Capacity" and "Security" are the two cornerstones to maximizing DNS resilience; both of which are typically missing from the DNS discussion. Have you seen a single DNS node easily process over 863,000 queries per second? Have you seen a network routinely handle over 50Gbits/second in outbound traffic alone without breaking a sweat? more»

Dan Kaminsky Releases Phreebird for Easy DNSSEC

Today marks another key step in DNSSEC deployment. Congrats to Dan Kaminsky, chief scientist at Doxpara and one of our partners on the Practice Safe DNS campaign, on the release of his new code Phreebird. Announced today at Black Hat Abu Dhabi, Phreebird Suite 1.0 is a free, easy-to-use toolkit that lets organizations "test-drive" DNSSEC deployment. more»