You Have The Power, Mostly
Just when you thought it was safe to go back in the water, Russian hacking resurfaces in waters beyond the political. Sure, it was devastating when we realized that Russia had wormed its way into our electoral and democratic process, but that was apparently just the beginning of the story. (more…)
The Future of Cyber- Part Two
During a recent talk at The Chautauqua Institution, Denise Zheng held forth on the nature of cyber conflict: past, present, and future. A Senior Fellow and the Director of Technology Policy at the Center for Strategic and International Studies, Zheng has some interesting perspectives on the nature of cyber threats going forward. The concept of deterrence, for example is complicated, at least on a national or global scale. “Deterrence requires attribution supported by evidence, further supported by classified information and practices,” Zheng suggests, and governments know that for every action there is a reaction, often deploying the same technology. So global resolution of cyber threat potential seems problematic.
The Future of Cyber- Part One
During a recent talk at The Chautauqua Institution, Denise Zheng held forth on the nature of cyber conflict: past, present, and future. A Senior Fellow and the Director of Technology Policy at the Center for Strategic and International Studies, Zheng has also worked as a senate staffer on the Homeland Security Committee, in the Computer Associates software engineering process, and, most recently, on cyber moonshots at DARPA. So her perspective on cyber reflects and informs those of consumers, governments, and leading edge developers. (more…)
The Smaller They Are, The Harder They Fall
No Such Thing As A Free Lunch
It’s A Family Affair
Hacking Up Your Tex-Mex
Camp Songs For IT Professionals
It’s summertime, and the livin’ is easy. Fish are jumpin’, and the cotton is high. If you’re lucky, the old memories from summer camp return to the fore, as nostalgia delivers you from the daily stress of network security and constant threats.
The Business Side Of Cyberthreats
When Cybersecurity Is Mainstream
Hacking Ain’t What it Used to Be
Do you remember 1986? The first class was inducted into the Rock and Roll Hall of Fame, the Challenger Space Shuttle disaster rocked our world, and Top Gun was the highest grossing film of the year. That year also brought us the Computer Fraud and Abuse Act (CFAA), a law that many have suggested hasn’t kept up with the rapid pace of technological innovation. After all, ARPANET was in its infancy in 1983, and the World Wide Web wouldn’t become a consumer reality until around 1990. Protecting isolated computers is a wildly different thing from keeping networked devices secure in the IOT world. (more…)
The Imperfect Storm
There’s a storm brewing, potential chaos lurking in the wings. And I’m not talking about politics. Though, if we’re being honest, there’s a storm brewing there, too. We can argue cause and effect, but the world is changing in palpable ways, probably more rapidly than we imagine. (more…)
When The Chips Are Down
Arraigned On The Planes Of Spain
Back when Julie Andrews was in her theatrical prime, there was more than just The Sound of Music in the hills. In My Fair Lady, she repeated “the rains in Spain stay mainly on the plains” in an effort to lose her cockney accent. One could argue that Eliza Doolittle was trying to escape her past and enjoy the liberty associated with a new identity, a new language, a new sense of freedom. The same might be said of Peter Yuryevich Levashov, a Russian hacker whose fingerprints are said to be found on such exploits as the Russian intrusion into our 2016 elections. (more…)
Not What You Think It Is
Some things are exactly what you expect. A ballpene hammer, for example, is difficult to mistake for anything else. But if someone hammers your online presence, littering comment and review boxes with inaccurate characterizations of your business, the picture seen by your customers and prospects is very different from what you might imagine. (more…)
Introverted Social Media
Even if we could isolate the recent activity of Russian hackers, imagine a mainstream marketplace for nefarious services provided by invisible people paid in Bitcoin.The information you seek is mined from the personal profiles and accounts of your target audience, whether that audience is a cheating spouse or a rebellious teenager with a hidden social media presence. It’s a complete violation of privacy, and we feed our own vulnerability with every trace of our digital footprint. (more…)
Is That Toaster Listening To Us?
In the interest of your organization’s OPSEC, step away from the microwave before you answer this question. There is no telling who might be listening right now. And if you’ve ever had Russian dressing on your salad, be sure you state that explicitly. Denial is not just a river in Egypt. Here’s the question: How confident are you that your cybersecurity practices are up to speed? (more…)
Who’s Baking Your Cookies?
So you say you’re not a Yahoo user, that the news of their latest breach is no concern of yours. That sound about right? Well, you may be right, but consider also that the exploit used in the latest breach (early February) has far-reaching implications for anyone who takes even the first step onto the Internet. (more…)
Who’s Watching The Watchers?
It’s been a strange month or two in the world, and that’s not simply a political statement. There is a very real sense that somebody’s watching, all of us, all the time, and that we should take that for granted. Increasingly, it seems, that voyeurism extends beyond our digital footprint and into our everyday physical spaces. While novelists and science fiction authors have been seizing on the approach of these days for decades, the Luddites are always the last to know. But, you might ask, who is watching the watchers? Apparently, that would be Wikileaks. (more…)
Now You See It, Now You Don’t
Stand against the wall. That’s the common advice given to tourists when they start to make calls on their smartphones in foreign lands. It’s not the roaming charges you have to look out for any longer. It’s now the roaming thieves who want to steal your phone in broad daylight and compound the pain by phishing your account information to unlock, wipe, and resell the phone. By standing against the wall, you limit the access and cover your blind side. Sadly, the stories are anything but rare. (more…)
Bundle Up To Avoid The Cold
With every passing week, it seems, cyberthreats and hacks inundate the news cycle and bring home the absolute insecurity that most of us experience (or should) when we take even the smallest of baby steps with our digital footprints. Of late, it’s the Russians who seem to take center stage, hacking our politics and manipulating our elections. Though we could debate the extent of the success, nobody seems to doubt the intent any longer. If those chilly diplomatic breezes seem to intimate a second cold war, will cyber be the weapon of choice? Is it already?
A Cyberhand On Your Wallet
Either way, you’re building value through your network and data and making a good faith effort to protect those valuable assets. You’ve got an IT staff, maybe, or a CTO that knows your infrastructure like the back of his hand. You know the value that your network and data add to your balance sheet, even if they’re not explicitly listed there. But sometimes a little clarity is helpful.
Hacking the Hollywood Star
So you style yourself as some sort of tech guru. Maybe you’ve pulled a kitten from a tree under pressure. Maybe you’ve seen the dark side of the dark web and emerged, once again, into the light to move the needle for all humanity. Or maybe you’ve wandered the cubicles late at night, when it was your turn at the tip of the On Call spear, and maybe the shadows cast by the buzzing fluorescents cast you in the starlight you deserve. And now you fancy yourself kneeling at your star on the Hollywood Walk of Fame. Easy there, Cochise.
It’s Yesterday Once More
You are a cybersecurity warrior, a veritable scion of security. You spend many waking hours, and some sleepless nights, worrying about the health and robustness of your network and data. Are they as impenetrable as you think they are? Could you be doing more to protect them?
The answer to that last question is always yes, but we’ll get to that in a second.
The Internet of Misfit Toys
Inherent to the narrative about the Internet of Things has been the assumption that greater efficiencies would save consumers time and money. It stands to reason that if your toaster talks to your watch, it would know that about 15 minutes after waking up, you would want your toast to pop up and be plated. Further, it goes without saying that your life would be dramatically improved if your thermostats were in on the conversation, so that the kitchen and breakfast room could begin to warm at about the same time as the toast. (more…)
A Secret History of Bad Relationships
Have you ever been THAT guy, the one who is only trying to be honest when everybody turns to him to point out the flaws in the system? You’re the one who remembers the office party everybody else wants to forget, down to the details that are all but lost to the ages. You’re there to remind Chuck in Sales & Marketing that numbers are down and click-throughs and conversions are sure to follow, even when Chuck didn’t ask. What? It’s the truth. You’re just putting it out there. Now imagine you simply harbored all this information and people sought you out and analyzed your memories. (more…)
Bold New World
Cybersecurity is approaching oxygen and water on the list of things we need to survive in this crazy world of ours. The threats are very real, whether deployed by governments around the globe or 400-pound hackers in their bed or the window booth at the corner coffee shop. The technology we create to make our lives easier now requires extraordinary vigilance, but it’s not the machines we should fear, as science fiction writers originally thought. The biggest threats seem to be the humans manipulating the good technology for bad purposes, and we can never completely isolate ourselves from them. Or can we? (more…)
You Will Save the World Several Times Today
This one goes our to all of the IT professionals our there sporting haute pocket protectors filled with government pens and .5mm mechanical pencils; the troops at the front lines of cybersecurity where the CAT 5 clicks into the road, and the hum and warmth of the server room gives indication to the heat and fire of network significance. You were the heroes of calculus and band camp, but your swagger has been under-appreciated by popular culture for years. That is until now. (more…)
Wait, Is It Monday Already?
Cyber Monday. The masterful creation of marketing professionals, designed to tap your wallet before the turkey and dressing settle in your tummy. Think of the sheer volume of sensitive consumer information that wafted through the ether on that day, searching out bargains and tantalizing hackers. Imagine the millions of people walking through a big mall with their purses and wallets wide open and you begin to get the picture. But who doesn’t love a deal? And in today’s digital, global, Internet-of-Things, consumption-driven economy, who are we to argue with the ease with which we transact? Apparently 2016 set a new record for cyber-grab. Go team! (more…)
And In Other News
While the world has been watching the American political circus over the past several years, a recurring question put forth by all parties has been, “Can this or that person be trusted with the nuclear codes?” This is an important question, no doubt, but one that overshadows an even more significant question. Granted, the President is the single gatekeeper to the national arsenal, but enemies foreign and domestic seem to be making their own keys to nuclear infrastructure these days. (more…)
REM and the Lyrical State of Cybersecurity
Way back when, in a world before the Internet, when information moved by postal truck and mere facsimile, there strode upon the earth an alternative rock band whose words were even more prescient now than when they first uttered them. And while REM exited stage left, their pronouncement that “It’s the end of the world as we know it” enjoys fresh relevance with each wave of technological advance. (more…)
A closer look at recent chaotic events surrounding the DDoS attacks on Dyn DNS reveals some frightening things about our rapidly growing dependence on the Internet. A recent NY Times article does a great job of explicating the events in layman’s terms, including the warning, “And the threats will continue long after Election Day for a nation that increasingly keeps its data in the cloud and has oftentimes kept its head in the sand.” (more…)
Blue Skies and Fireflies
If you have flown lately, you might have noticed a new wrinkle in the use of cell phones in flight. In addition to limiting use to airplane mode on those devices so equipped, the crew currently prohibits the use of or charging of any Samsung Note 7 device at any point while aboard the plane. CNET offers a brief explanation here for why that message has been added to the mix with making sure your tables and seats are in the upright and locked position. (more…)
A Made-for-TV Reality
Cable News is Not Enough
This election cycle will go down in history as one of the strangest in American history. Both candidates face low favorability numbers and they remain statistically close in most of the polls. This is widely known to anyone who watches cable news programs, mainly because those networks tend to recycle the news over and over again, day after day, and week after week. No reason to blame the networks, though, because that’s the business model. And, quite frankly, there is only so much human activity that is newsworthy, though they seem to always push those boundaries as well. (more…)
It’s Not Just for Sarah Palin
Back in the day, when heartless senior management pointed out the flaws of the working man, the most retribution he would reasonably fear is that his car would get keyed in the parking lot. Sure, it’s a 1972 Corvette Stingray, but it’s still just a car. And that’s about as far as it would go. Nowadays, disgruntled employees swing a much bigger hammer, and the key they carry now slides down your network and leaves a scratchy mess the size of Texas. Literally. (more…)
The Golden Age of Cyber
Have you ever been watching an action/adventure film and noticed the lag in technology? Like Tom Cruise suspended above a top-secret console pulling a floppy disc from his bag of tricks, or some other actor who knows nothing about cybersecurity delivering well-scripted lines that ring hollow? Maybe, generations from now, people will look back at our current relationship with the digital world with the same wonder with which we view science fiction. 2084 may make 1984 look quaint and anachronistic, but shouldn’t popular culture facilitate the general public’s understanding of the risks in the ether? Shouldn’t Hollywood do a better job of revealing cybersecurity experts to be the rock stars that you are? Am I right? (more…)
Jackware In The Box
Fans of this blog — and let’s be honest, who isn’t a fan? — will recall a recent post that detailed the carjacking of a Jeep Cherokee from several miles away. It was an effort to demonstrate the security vulnerability of cars equipped with wireless access points and other IoT equipment. And it worked. Cars were recalled, security issues were addressed, and we now have an additional lens through which to view rapidly advancing car technology. But what if the car is advancing beyond us, the drivers? (more…)
Open Says A Me
Passwords are the first line of defense for critical network infrastructure. Building an organizational expectation for strong password use in no longer seen as an option. It is now a requirement. If you can get your staff to deploy 8-12 characters randomly selected from all varieties available, that’s $uPer GrE@+. (more…)
Bond. Cyber Bond.
Capitalism is a wonderful thing. Free markets have helped humans identify and meet demands by supplying the products and services that envelop an economy. It is also worth noting that necessity is often called the mother of invention, and cybersecurity is not removed from the influence of this type of thinking. (more…)
At the Crossroads
Robert Johnson is believed to have sold his soul to the devil at a crossroads in Clarksdale, Mississippi. Legend has it the devil offered Johnson in trade a well-tuned guitar and a peculiar gift for singing the blues. His songs have been made famous by Muddy Waters, Eric Clapton, and The Rolling Stones, among others. Despite this oft-intoned gift, Johnson suffered an early departure from this world, though one shudders at the thought of such talent descending eternally southward into fire and brimstone, a musical fate we’d more readily assign to boy bands and pre-pubescent pop stars. (more…)
Politics as Unusual
Regardless of your political affiliation or your favorite — or least unfavorite — candidate, the 2016 election cycle has been anything but predictable. If this were a circus, it would be a very good one. Instead, though, it is the pinnacle of the democratic mechanism by which we choose our leadership. That is a sobering reality that could make you reach for the bottle. (more…)
Organizational Climate Change
Planning is part of business, and the emerging changes in our physical world certainly play into that. Unexpected rains and flooding seem to strike different regions of the country with increasing frequency, and the usual threats like hurricanes and tornadoes haven’t completely resigned the stage. (more…)
BREXIT and The Unbearable Lightness of Leaving
Your organization is an island of traditional values and modern technology. Your staff speaks a language that is unique to the industry and has a shop culture that has evolved from the first day you opened for business. You’ve conquered the universe, winning large contracts and making connections that have ushered in waves of revenue and progress. You’ve forged alliances with others in our global economy that strengthen both parties. You’ve faced unruly vendors and cut ties when necessary, and you’ve battled the mighty when compelled to do so, especially when industry momentum was threatened. (more…)
The Ubiquity of Remote Access
Forget about the Internet of Things. Yeah, like that’s possible. But set that aside for the moment. Another stark reality of our new global economy and digital footpath is the flourishing of remote access. Road Warriors access their office PCs from business travel hotels from Scranton to Sacramento while small businesses choose NAS over cloud services, reaping the many benefits of local data control and network accessibility but facing the daunting reality of localized vulnerabilities. (more…)
Crazy Cousin Guccifer
Every family’s got at least one, a crazy uncle or distant cousin who adopts a scorched earth perspective when exiting the reservation or joining the circus or moving to Iowa to invest in an earthworm farm. You don’t hear much from them for a while, but the names and stories get opened up at family weddings and funerals, reunions marked by distant sadness and curiosity. Guccifer, aka Marcel Lazar, is a Romanian hacker who may seem new to the family, but his name should sound familiar very soon if not already. (more…)
I’m with the Government, and I’m Here to Hold a Hearing
We hear a lot about homeland security, both the pursuit and the official government department. The TSA is probably the latter’s most visible, and often most toxic, representative, especially when you see the little old lady victimized by the random full body search. The work they do is important, but a lot of it never sees the light of day. That can be good or bad. On a slow day, though, you can witness the machinations that propel our homeland into great security, because a recent Senate Homeland Security Committee meeting was recorded and is viewable here. Granted, it’s a couple hours of your life you’ll never get back, but whatever inflates your balloon. (more…)
It’s Graduation Season
The waypoints on our life journeys are marked by ceremony. Weddings, funerals, births and Baptisms, and, from time to time, graduations. High school and college seem to be the major events, but the zealous have introduced kindergarten, grade school, middle school, and traffic school to the mix. So congratulations to those who wiped the points off their driving record with 8 hours of vehicular remediation, Your future is, indeed, bright. (more…)
Ransomware Exposed: Sextortion
Ransomware is not new. It’s been around for a while, and clever hackers have found ways to extort just the right amount of money to make it worth your while to settle. The balance is somewhere between what the data is worth and what it would cost you to recover it through normal machinations. Traditionally they’ve kept the number low enough that is was cheaper to pay up and walk away. An easy decision, perhaps, when the data is just that. Data. (more…)
Hackers Prove Patient But Swift
Breaching a global bank network is no smash and grab operation. As organizations focus and fund their cybersecurity resources with even greater alacrity, the bad guys have to continue to polish the edge of their sword, patiently waiting for the right opportunities to score bigger and bigger hits. Such is the case with the recent — and second — attack on Swift, the global messaging network banks use to move money around. If you think you’re covering all your bases and keeping your data out of harm’s way, you may be giving yesterday’s news and last week’s security protocols too much play. Hackers, in one small way, are like PGA Tour Pros: These Guys Are Good. (more…)
A Coppertone Moment
It’s the official beginning of summer, and hundreds of thousands of tourists from the far reaches of North America are making their way across the USA in a Chevrolet, migrating to the seasonal climes and exotic beverage offerings of coastal communities across the Southeast. Escaping the more — perhaps presumably — mundane and pedestrian challenges of their normal lives, many tourists engage in atypical behavior, casting inhibitions to the wind and embracing the larger world in various stages of sobriety and dress. It’s all umbrella drinks and beach reads, kids running amok and minivans loaded with folding chairs and inflatables. Now imagine your data sitting next to that family in Denny’s. You know the one. (more…)