Exposure Of Digital DNA
The latest revelation about consumer-level DNA mapping — the kind advertised on television that track your origin back to exotic and unexpected continents — is the evolution of a database that exposes both the unsuspecting and the suspicious. Adopted children are reacquainted with birth parents seven decades removed and introduced to sisters that look just like them. (more…)
Light The Candles Of Cybersecurity
As we approach our national birthday, now 242 years in the making, let’s look at the trends and expectations settling out there on the horizon. Threats are up, breaches are increasing in size and scope, ransomware is hitting public and private organizations, and researchers struggle to keep pace with the clever people with bad intentions. Before we eat the cake, we ought to light the way to a more secure future.
All That Glitters Is Not Gold Lowell
The City of Atlanta was recently the victim of a ransomware attack. As reported by Wired and others, Atlanta paid over $2.7 million dollars in consulting and legal fees to settle a $52,000 ransom. The malware used was of the SamSam strain, and experts at SecureWorks, the response firm working with the City, (more…)
A Bite Of The Apple
One of Apple’s many selling points, beyond the cool factor and lifestyle connectivity, is the relative security of Apple products, partly because of architecture and partly because their market share of end users remains relatively low. More people, it seems, prefer other hardware and operating systems. The only outlier may be the iPhone, so let’s assume that to be the case — and forgo all the market data that might support it — for the sake of this discussion. (more…)
Fridge With A Mind Of Its Own
Well not exactly. Let’s just say the refrigerator may not always be focused on keeping your lettuce crisp.
The Dark Side Of Breach Victims
As a part of reconciling interests following a highly publicized breach, victim organizations often apologize with an offer to induce customers to remain or return to the fold. Retailers may reduce prices or offer subscription memberships, while banks may offer credit reporting or monitoring for a year or enhanced rates on accounts. (more…)
Stuxnet: The Gift That Keeps On Giving
Remember that time when the Iranian nuclear program was flummoxed by the speeding up or slowing down of their centrifuges? Though the actors have never been formally identified, the special sauce to that enterprise was Stuxnet, and the secret ingredient of that sauce was counterfeit cryptographic certificates from known companies that greased the skids for the malware. Ars Technica is reporting that the secret ingredients are now commonly available for all of your over-the-counter malware needs, if you know who to call. (more…)
This Is Only A Test
Imagine a scenario in which one of your employees — Madge in accounting, or Skip in sales, for instance — selects an incorrect option from a drop-down menu and opens your network and data to the world. Working with that set of menu options is part of his daily routine, but for some reason the mouse clicks on the “organizational armageddon” option instead of the “test network security” option. (more…)
Got Your Head In The Clouds?
A recent cloud security report, as you might expect, had some good news and some bad. Somewhere in the middle is the news that’s just that: news. The cases you hear the most about, like the ransomware attacks, make up only about 2% of the overall picture, while web applications represent about 75% of the vulnerability. As for cloud storage and cloud services, the report found that public clouds are more than 50% safer than private or onsite storage. A recent article by Security Intelligence summed it up nicely, and we commend that to your reading list. That’s good to know, especially if you are scaling up or outgrowing your current storage arrangement. But it’s not a perfect system. (more…)
The Most Interesting IT Guy In The World
You’ve seen him at conferences, sporting an ascot and a pocket protector and making it look good. He works the vendor pit like he owns the place, collecting cards and envy from everyone he meets, and connecting demand with supply in subtle but glamorous ways. He walks into a seminar like he was walking onto a yacht, his credentials strung unassumingly around his neck like a lift ticket from Davos. The panel surrenders a seat at the table and he holds forth on contemporaneous cyber issues. He is undoubtedly the most interesting IT guy in the world. (more…)
The Cure For What Ails You
History is rife with examples of enterprising salesmen rushing into lucrative markets to fill a void, real or perceived. Contractors and roofers who work the hurricane and tornado circuits, lawyers pitching the massive settlements they’ve secured for their clients, and even gameshow hosts selling reverse mortgages and arthritis balms. Like the Wizard in Oz, when you pull the curtain back, it’s a simple snake oil salesman with a good story. And the cybersecurity world has been a growth industry for those who overpromise but underdeliver. (more…)
And They Said Print Was Dead
You are the King of IT, the ruler of all things digital, and your organization offers you unconditional love and admiration for the many hours you put in. You monitor the network, manage passwords, fortify firewalls, educate the staff, and even help their Cousin Joey find an internship with a small security startup. You are the man and the woman. They sing your praises from the rooftop, and even wrote a song in your honor. (more…)
A Complete Meltdown Would Be Quite A Spectre
Please pardon the spelling above, in what is an unapologetic play for SEO. If you haven’t heard about Meltdown or Spectre yet, you will. They are tragic flaws embedded in microchips that have powered most computers and devices for way too long. (more…)
Reservation For A Nigerian Prince
Ever gotten one of those emails that lets you know your account has been hacked? Maybe it was your email account, and all of your contacts received a quirky email from you unawares, touting the benefits of a particular enhancement drug or the prospects of a Nigerian fortune. Those are pretty common. But how about something a little less ordinary. (more…)
Camp Songs For IT Professionals
It’s summertime, and the livin’ is easy. Fish are jumpin’, and the cotton is high. If you’re lucky, the old memories from summer camp return to the fore, as nostalgia delivers you from the daily stress of network security and constant threats.
Arraigned On The Planes Of Spain
Back when Julie Andrews was in her theatrical prime, there was more than just The Sound of Music in the hills. In My Fair Lady, she repeated “the rains in Spain stay mainly on the plains” in an effort to lose her cockney accent. One could argue that Eliza Doolittle was trying to escape her past and enjoy the liberty associated with a new identity, a new language, a new sense of freedom. The same might be said of Peter Yuryevich Levashov, a Russian hacker whose fingerprints are said to be found on such exploits as the Russian intrusion into our 2016 elections. (more…)
Who’s Baking Your Cookies?
So you say you’re not a Yahoo user, that the news of their latest breach is no concern of yours. That sound about right? Well, you may be right, but consider also that the exploit used in the latest breach (early February) has far-reaching implications for anyone who takes even the first step onto the Internet. (more…)
The Gifts That Keep On Giving
Isn’t it great to be back at work? The kids are back in school, the elf-on-the-shelf is back in the attic planning next year’s pranks, and all you’ve got left to look forward to are the credit card bills. Santa was a bit overzealous, perhaps, but the looks on their faces make it all worthwhile, am I right? (more…)
Ghost in the Machine
You’re probably recalling where you were the first time you heard Sting and The Police, or what the funky red graphics were on the cover of that album. That’s what most folks recall. We are, after all, Spirits in the Material World. The expression was actually coined by Gilbert Ryle in his 1949 book The Concept of Mind, an examination of Rene Descartes’ dualistic separation of mind and body. At the core of this philosophical marvel is the notion that the mind and body work independently of one another, and their connection is speculative at best. This concept takes on new relevance in the digital world.
Remember the novelty of the knock knock joke, the thousands of iterations and puns that could be generated from the simplest of phrases? Orange you glad I asked? It’s all coming back to you, isn’t it? The response always starts with a chuckle, a reward for the cleverness of the wordplay. Near the end of the joke series (because there is never just one) a groan ensues, patience ends, and clever children are banished to the kids’ table or told to go play outside. (more…)
Penetration Testing Demystified
If you’ve been considering the various technical security assessments available to your organization, then chances are good you’ve heard of a Penetration Test, but do you know whether you need an internal or an external penetration test? How often should these tests be scheduled? What can you expect the test to find? (more…)