You Have The Power, Mostly
Just when you thought it was safe to go back in the water, Russian hacking resurfaces in waters beyond the political. Sure, it was devastating when we realized that Russia had wormed its way into our electoral and democratic process, but that was apparently just the beginning of the story. (more…)
The Future of Cyber- Part Two
During a recent talk at The Chautauqua Institution, Denise Zheng held forth on the nature of cyber conflict: past, present, and future. A Senior Fellow and the Director of Technology Policy at the Center for Strategic and International Studies, Zheng has some interesting perspectives on the nature of cyber threats going forward. The concept of deterrence, for example is complicated, at least on a national or global scale. “Deterrence requires attribution supported by evidence, further supported by classified information and practices,” Zheng suggests, and governments know that for every action there is a reaction, often deploying the same technology. So global resolution of cyber threat potential seems problematic.
The Future of Cyber- Part One
During a recent talk at The Chautauqua Institution, Denise Zheng held forth on the nature of cyber conflict: past, present, and future. A Senior Fellow and the Director of Technology Policy at the Center for Strategic and International Studies, Zheng has also worked as a senate staffer on the Homeland Security Committee, in the Computer Associates software engineering process, and, most recently, on cyber moonshots at DARPA. So her perspective on cyber reflects and informs those of consumers, governments, and leading edge developers. (more…)
The Smaller They Are, The Harder They Fall
No Such Thing As A Free Lunch
It’s A Family Affair
Hacking Up Your Tex-Mex
Camp Songs For IT Professionals
It’s summertime, and the livin’ is easy. Fish are jumpin’, and the cotton is high. If you’re lucky, the old memories from summer camp return to the fore, as nostalgia delivers you from the daily stress of network security and constant threats.
The Business Side Of Cyberthreats
When Cybersecurity Is Mainstream
Hacking Ain’t What it Used to Be
Do you remember 1986? The first class was inducted into the Rock and Roll Hall of Fame, the Challenger Space Shuttle disaster rocked our world, and Top Gun was the highest grossing film of the year. That year also brought us the Computer Fraud and Abuse Act (CFAA), a law that many have suggested hasn’t kept up with the rapid pace of technological innovation. After all, ARPANET was in its infancy in 1983, and the World Wide Web wouldn’t become a consumer reality until around 1990. Protecting isolated computers is a wildly different thing from keeping networked devices secure in the IOT world. (more…)
The Imperfect Storm
There’s a storm brewing, potential chaos lurking in the wings. And I’m not talking about politics. Though, if we’re being honest, there’s a storm brewing there, too. We can argue cause and effect, but the world is changing in palpable ways, probably more rapidly than we imagine. (more…)
When The Chips Are Down
Arraigned On The Planes Of Spain
Back when Julie Andrews was in her theatrical prime, there was more than just The Sound of Music in the hills. In My Fair Lady, she repeated “the rains in Spain stay mainly on the plains” in an effort to lose her cockney accent. One could argue that Eliza Doolittle was trying to escape her past and enjoy the liberty associated with a new identity, a new language, a new sense of freedom. The same might be said of Peter Yuryevich Levashov, a Russian hacker whose fingerprints are said to be found on such exploits as the Russian intrusion into our 2016 elections. (more…)
Not What You Think It Is
Some things are exactly what you expect. A ballpene hammer, for example, is difficult to mistake for anything else. But if someone hammers your online presence, littering comment and review boxes with inaccurate characterizations of your business, the picture seen by your customers and prospects is very different from what you might imagine. (more…)
Introverted Social Media
Even if we could isolate the recent activity of Russian hackers, imagine a mainstream marketplace for nefarious services provided by invisible people paid in Bitcoin.The information you seek is mined from the personal profiles and accounts of your target audience, whether that audience is a cheating spouse or a rebellious teenager with a hidden social media presence. It’s a complete violation of privacy, and we feed our own vulnerability with every trace of our digital footprint. (more…)
Is That Toaster Listening To Us?
In the interest of your organization’s OPSEC, step away from the microwave before you answer this question. There is no telling who might be listening right now. And if you’ve ever had Russian dressing on your salad, be sure you state that explicitly. Denial is not just a river in Egypt. Here’s the question: How confident are you that your cybersecurity practices are up to speed? (more…)
Who’s Baking Your Cookies?
So you say you’re not a Yahoo user, that the news of their latest breach is no concern of yours. That sound about right? Well, you may be right, but consider also that the exploit used in the latest breach (early February) has far-reaching implications for anyone who takes even the first step onto the Internet. (more…)
Who’s Watching The Watchers?
It’s been a strange month or two in the world, and that’s not simply a political statement. There is a very real sense that somebody’s watching, all of us, all the time, and that we should take that for granted. Increasingly, it seems, that voyeurism extends beyond our digital footprint and into our everyday physical spaces. While novelists and science fiction authors have been seizing on the approach of these days for decades, the Luddites are always the last to know. But, you might ask, who is watching the watchers? Apparently, that would be Wikileaks. (more…)
Now You See It, Now You Don’t
Stand against the wall. That’s the common advice given to tourists when they start to make calls on their smartphones in foreign lands. It’s not the roaming charges you have to look out for any longer. It’s now the roaming thieves who want to steal your phone in broad daylight and compound the pain by phishing your account information to unlock, wipe, and resell the phone. By standing against the wall, you limit the access and cover your blind side. Sadly, the stories are anything but rare. (more…)
Bundle Up To Avoid The Cold
With every passing week, it seems, cyberthreats and hacks inundate the news cycle and bring home the absolute insecurity that most of us experience (or should) when we take even the smallest of baby steps with our digital footprints. Of late, it’s the Russians who seem to take center stage, hacking our politics and manipulating our elections. Though we could debate the extent of the success, nobody seems to doubt the intent any longer. If those chilly diplomatic breezes seem to intimate a second cold war, will cyber be the weapon of choice? Is it already?
Hook, Line, And Sinker
Spring may well be upon us, and soon the sportsmen will be casting lines into the lakes and rivers and seas in search of the great bounty that awaits them there. To that end they will deploy any manner of temptation, or bait, that will facilitate the biggest possible catch. But it’s not as seasonal a pursuit as you might imagine. (more…)
Remember, back in college, when you got away with things the older, more responsible, adult version of you would never even try? Now think back to some of your friends that were also involved. You know the ones. But if you decided one day that you were going to seek public office and expose yourself, your family, and your staff to all sorts of scrutiny, would you think twice about nostalgically adding one of your old buddies to the staff, knowing that the past would probably come back to visit you? (more…)
A Cyberhand On Your Wallet
Either way, you’re building value through your network and data and making a good faith effort to protect those valuable assets. You’ve got an IT staff, maybe, or a CTO that knows your infrastructure like the back of his hand. You know the value that your network and data add to your balance sheet, even if they’re not explicitly listed there. But sometimes a little clarity is helpful.
A Treasure Map To The Goods
All The Bells And Whistles
Better Take That Call
Hacking is a double-edged sword, in many ways illustrated by the roles of white hat and black hat hackers. Our intrusions into our own digital spaces can facilitate preventive maintenance of our digital footprint as well as morph into the digital boot on our own necks. That’s the nature of the beast. (more…)
Ransomware Is Not Randomware
After being hit three times in the last year, a luxury hotel in Austria is tired of paying a ransom to get its data back. The Romantik Seehotel, according to Motherboard, recently paid about $1,600 in Bitcoin to regain access to its computers and data. At the heart of the issue was their inability to create the magnetic key cards that have become all but ubiquitous in today’s hotel experience. Again, the third time seems to be the charm, because the hotel owners have reported that they will be converting the security system back to old school locks and keys as a result of this third ransomware event. (more…)
Hacking the Hollywood Star
So you style yourself as some sort of tech guru. Maybe you’ve pulled a kitten from a tree under pressure. Maybe you’ve seen the dark side of the dark web and emerged, once again, into the light to move the needle for all humanity. Or maybe you’ve wandered the cubicles late at night, when it was your turn at the tip of the On Call spear, and maybe the shadows cast by the buzzing fluorescents cast you in the starlight you deserve. And now you fancy yourself kneeling at your star on the Hollywood Walk of Fame. Easy there, Cochise.
It’s Yesterday Once More
You are a cybersecurity warrior, a veritable scion of security. You spend many waking hours, and some sleepless nights, worrying about the health and robustness of your network and data. Are they as impenetrable as you think they are? Could you be doing more to protect them?
The answer to that last question is always yes, but we’ll get to that in a second.
Lots of talk about Executive Orders these days. They’ve been issued in such a flurry that it can be difficult to keep track of what’s being ordered and who’s being affected. On the drafting table, according to CyberScoop, is an EO that initiates President Trump’s efforts on cybersecurity. It doesn’t seem to have the aggressive edge that the others have had, if protests are to be used as a gauge. Nobody seems to be protesting the cybersecurity orders so far, and even former Obama administration officials have indicated that they agree with the order. Still, what does all this mean to folks in the trenches? (more…)
The Internet of Misfit Toys
Inherent to the narrative about the Internet of Things has been the assumption that greater efficiencies would save consumers time and money. It stands to reason that if your toaster talks to your watch, it would know that about 15 minutes after waking up, you would want your toast to pop up and be plated. Further, it goes without saying that your life would be dramatically improved if your thermostats were in on the conversation, so that the kitchen and breakfast room could begin to warm at about the same time as the toast. (more…)
A Good Defense is the Best Offense
Let’s say you’re the DNC and you’re really upset about the recent hacking perpetrated by the Russians. Or, we could imagine you’re the US Government, and you’re feeling vulnerable and diplomatic and vengeful, all at the same time. A recent NY Times article expands on the President’s feelings along these lines, and the frustration he feels at having a mighty cyber arsenal at his disposal when revenge only makes matters worse.
A Secret History of Bad Relationships
Have you ever been THAT guy, the one who is only trying to be honest when everybody turns to him to point out the flaws in the system? You’re the one who remembers the office party everybody else wants to forget, down to the details that are all but lost to the ages. You’re there to remind Chuck in Sales & Marketing that numbers are down and click-throughs and conversions are sure to follow, even when Chuck didn’t ask. What? It’s the truth. You’re just putting it out there. Now imagine you simply harbored all this information and people sought you out and analyzed your memories. (more…)
Bold New World
Cybersecurity is approaching oxygen and water on the list of things we need to survive in this crazy world of ours. The threats are very real, whether deployed by governments around the globe or 400-pound hackers in their bed or the window booth at the corner coffee shop. The technology we create to make our lives easier now requires extraordinary vigilance, but it’s not the machines we should fear, as science fiction writers originally thought. The biggest threats seem to be the humans manipulating the good technology for bad purposes, and we can never completely isolate ourselves from them. Or can we? (more…)
You Will Save the World Several Times Today
This one goes our to all of the IT professionals our there sporting haute pocket protectors filled with government pens and .5mm mechanical pencils; the troops at the front lines of cybersecurity where the CAT 5 clicks into the road, and the hum and warmth of the server room gives indication to the heat and fire of network significance. You were the heroes of calculus and band camp, but your swagger has been under-appreciated by popular culture for years. That is until now. (more…)
Somewhere Between Sliced Turkey and Santa Claus
Your organization has weathered some storms, am I right? The valleys between the peaks, when sales slow and payroll weighs heavy on the mind. You’ve hired through the good times and had to cut back in the lean times, but you’ve steadied the ship and there’s quite a bit to be thankful for as you try to recover from Aunt Eunice’s cornbread stuffing. And how about some steady quarterly earnings and revenue growth to go with that maize? That would be the best gift of all to slide down the chimney in a couple of weeks. (more…)
Wait, Is It Monday Already?
Cyber Monday. The masterful creation of marketing professionals, designed to tap your wallet before the turkey and dressing settle in your tummy. Think of the sheer volume of sensitive consumer information that wafted through the ether on that day, searching out bargains and tantalizing hackers. Imagine the millions of people walking through a big mall with their purses and wallets wide open and you begin to get the picture. But who doesn’t love a deal? And in today’s digital, global, Internet-of-Things, consumption-driven economy, who are we to argue with the ease with which we transact? Apparently 2016 set a new record for cyber-grab. Go team! (more…)
And In Other News
While the world has been watching the American political circus over the past several years, a recurring question put forth by all parties has been, “Can this or that person be trusted with the nuclear codes?” This is an important question, no doubt, but one that overshadows an even more significant question. Granted, the President is the single gatekeeper to the national arsenal, but enemies foreign and domestic seem to be making their own keys to nuclear infrastructure these days. (more…)
REM and the Lyrical State of Cybersecurity
Way back when, in a world before the Internet, when information moved by postal truck and mere facsimile, there strode upon the earth an alternative rock band whose words were even more prescient now than when they first uttered them. And while REM exited stage left, their pronouncement that “It’s the end of the world as we know it” enjoys fresh relevance with each wave of technological advance. (more…)
A closer look at recent chaotic events surrounding the DDoS attacks on Dyn DNS reveals some frightening things about our rapidly growing dependence on the Internet. A recent NY Times article does a great job of explicating the events in layman’s terms, including the warning, “And the threats will continue long after Election Day for a nation that increasingly keeps its data in the cloud and has oftentimes kept its head in the sand.” (more…)
All Motivated with No Place to Go
An election cycle is great for reminding citizens what they’re looking for in a leader, a party, and a government. Granted, we don’t need endless election cycles, but a democratic republic depends on an educated and motivated citizenry. So we’ve got that going for us.
As IT professionals, you might have a vested interest in the actions and attentions of government. At some level, investments in infrastructure and mechanisms can only be made by governments, and the responsibility for maintaining that infrastructure falls to them as well. Think of roads and bridges. And the Internet has evolved into a really complex infrastructure, a road that bridges cultures around the globe. Without legislating the access and traffic, at some level governments need to do what they can to facilitate safe and steady flow of information and opportunity. (more…)
Blue Skies and Fireflies
If you have flown lately, you might have noticed a new wrinkle in the use of cell phones in flight. In addition to limiting use to airplane mode on those devices so equipped, the crew currently prohibits the use of or charging of any Samsung Note 7 device at any point while aboard the plane. CNET offers a brief explanation here for why that message has been added to the mix with making sure your tables and seats are in the upright and locked position. (more…)
Be Driven to Be the Driver
Mad Max Rolling Thunder
Have you ever been passed by a big rig and thought to yourself how glad you were that somebody was at the helm of that rolling bundle of death? Have you ever seen a roadside littered with billboards advertising legal services for victims of crashes involving big rigs? Maybe seen the ads on television? If so, you probably take little solace in the idea that big rigs are evolving toward autonomous operation only slightly more slowly than cars, and most new cars already come equipped with the required hardware. Put on a hockey mask and crank a chainsaw, cause you got a real massacre on your hands. (more…)
A Made-for-TV Reality
Cable News is Not Enough
This election cycle will go down in history as one of the strangest in American history. Both candidates face low favorability numbers and they remain statistically close in most of the polls. This is widely known to anyone who watches cable news programs, mainly because those networks tend to recycle the news over and over again, day after day, and week after week. No reason to blame the networks, though, because that’s the business model. And, quite frankly, there is only so much human activity that is newsworthy, though they seem to always push those boundaries as well. (more…)
It’s Not Just for Sarah Palin
Back in the day, when heartless senior management pointed out the flaws of the working man, the most retribution he would reasonably fear is that his car would get keyed in the parking lot. Sure, it’s a 1972 Corvette Stingray, but it’s still just a car. And that’s about as far as it would go. Nowadays, disgruntled employees swing a much bigger hammer, and the key they carry now slides down your network and leaves a scratchy mess the size of Texas. Literally. (more…)
The Golden Age of Cyber
Have you ever been watching an action/adventure film and noticed the lag in technology? Like Tom Cruise suspended above a top-secret console pulling a floppy disc from his bag of tricks, or some other actor who knows nothing about cybersecurity delivering well-scripted lines that ring hollow? Maybe, generations from now, people will look back at our current relationship with the digital world with the same wonder with which we view science fiction. 2084 may make 1984 look quaint and anachronistic, but shouldn’t popular culture facilitate the general public’s understanding of the risks in the ether? Shouldn’t Hollywood do a better job of revealing cybersecurity experts to be the rock stars that you are? Am I right? (more…)
Get Your Head in the Game
Remember the old days, when military pilots wore wool-lined leather helmets and big, clunky headsets? Probably not, since those practices tapered off after World War Two. By the time fighter pilots came into your field of vision, it was probably Tom Cruise singing “You’ve lost that loving feeling” while Goose couldn’t eject from the backseat. It didn’t end well for Goose, but you have to remember ICEMAN and MAVERICK in bold print on the helmets as the frosty colleagues pulled together to fight off the Russians and save the day. In addition to the monogram, the helmets had been upgraded to include oxygen masks and room for the really cool aviator sunglasses. Negative, Ghost Rider, the pattern is full. (more…)
Jackware In The Box
Fans of this blog — and let’s be honest, who isn’t a fan? — will recall a recent post that detailed the carjacking of a Jeep Cherokee from several miles away. It was an effort to demonstrate the security vulnerability of cars equipped with wireless access points and other IoT equipment. And it worked. Cars were recalled, security issues were addressed, and we now have an additional lens through which to view rapidly advancing car technology. But what if the car is advancing beyond us, the drivers? (more…)
Open Says A Me
Passwords are the first line of defense for critical network infrastructure. Building an organizational expectation for strong password use in no longer seen as an option. It is now a requirement. If you can get your staff to deploy 8-12 characters randomly selected from all varieties available, that’s $uPer GrE@+. (more…)