Viewing posts from : January 2010



Digital Trust has always advised clients to restrict or forbid toolbar use in corporate environments and on personal computers. The insidious nature of software has led to several failures in security stemming from toolbar installation. Simply put, 1) your computing activities have value 2) useful appearing software can be a Trojan horse for insidious software gaining access to your machines.

Given the value of our privacy and the value of our data, it is only natural that evil forces will try to gain access to our systems. Further, given the nature of programming, it is only to be expected that even the best toolbar coders will make mistakes that compromise our expectation of privacy. Google, arguably the smartest tech company in existence, fell on its sword with their search toolbar when it was found that turning it off didn’t keep it from reporting back to the mother ship.
And industry is seeing an uptick in corporate espionage, which means a single workstation on your network that installs a bad piece of code can result in catastrophic failure of your security measures. It is imperative that organizations begin whitelisting practices to restrict what can be run on corporate computers, and access controls to restrict who can communicate with the network.
It all has value to someone, and the more competition heats up, the more likely it is that your company will be targeted. A layered security implementation that properly addresses the risks and asset protection needs of your company is a requirement; to not pursue a measured, reasonable response begs being labeled as negligent, and failing your customers.
Digital Trust, can, of course, help with all of this, but more importantly, find someone you can work with to secure your corporate assets, and don’t neglect your personal home computers.
Evil people are hunting your data, sometimes more, sometimes less, depending on what you do, but they’re out there. If for no other reason, your computing assets have value as a platform from which to launch attacks against a target of value. So protect yourself. It’s much more enjoyable to have a security professional tell you about an exposure than it is to talk through the incident with the FBI. Do your risk assessments. Be secure.
Digital Trust, LLC

This blog and it’s contents copyright 2010 Digital Trust, LLC. Republication of this post is permitted provided it is strictly on internal corporate messaging systems; no public re-use is permitted without licensing. Any republication or reuse is forbidden if the Digital Trust name is removed.

Recent hacking efforts, which may or may not have been the Chinese, led me to suspect that we’re about to enter a phase of computer espionage unlike anything since the 1600’s when private pirates roamed the seas in pursuit of foreign vessels with the (concealed) blessings of the monarch of the port they called home. These Privateers plied the seas for 300 years in private wars of sorts, when the world was divided into many powerful independent countries, not unlike the Internet is today.

We used to say the Internet was like the Wild West, but that was then, this is now. The West was a homogeneous frontier, with independent law meted out without necessarily following legal precedent. Nowadays, we have several powers crossing International borders. Similar to Mexican bandit raids, when they were fashionable, but more closely mirroring the Privateers. In time, this too shall pass, and my guess is we’ll see a cold digital war. History has a way of doing that.
So assuming that Privateers are the blossoming security threat, and setting aside the moral issue for philosophers and ethics professors, what does it look like, and what should we expect?
For starters, we’ve got to quit blaming the source country. Any security professional will tell you that the origin you think you see is in all likelihood not the true source. A cyber cafe is the perfect place to plant a set of utilities for hacking, creating a false harbor/port for use in attacks. Anyone can get code put on just about anything anyplace. It may not stay there for long, but if you are funded, many new options open up. One could, for example, blow $300 on low end laptop with wifi and an extension cord. Sneaking that into a company perimeter is child’s play (in fact, kids do it all the time, pirating wireless in their neighborhoods). It may not last the week, but in that week, a pro can use that jump point to create 100 new jump points. Universities are another obvious infection point. And once a base of operations is established, its not a terrible problem to create a chain of compromised hosts in various countries allowing you to engage the real target with impunity.
Given funding, or at least a blind eye by the host country, a hacker can attempt to accumulate monetary or intellectual property with no fear of reprisal. The host country claims ignorance, as long as they are getting their piece, and the privateer gets to keep at least part of the loot.
On the international scale, you have an additional complication. If a hacker breaks into a company and steals money, or blackmails them, or any of a dozen ways to get money, the company may not be keen on reporting the situation. If your business could be adversely affected by admitting you’ve been hacked, hiding the issue is good business, in some situations. Which is why the US regulates some cyber attack scenarios to force admission.
The point is, if anyone with the experience can do it, and some outside agency is willing to participate or at least ignore the efforts, Cyberteers can accomplish a great deal, just like their past relatives, people like Sir Francis Drake. They are more motivated than casual hackers, so the normal rule of thumb, “just be safer than the next guy” doesn’t apply. If you’re a target, you need to be very safe. Above the norm. Well above, depending on your risk.
Update your risk models to include this class of threat, if you haven’t got it listed already. We’re bound to see more of these folks until anther Treaty of Paris is signed.
Digital Trust, LLC

This blog and it’s contents copyright 2010 Digital Trust, LLC. Republication of this post is permitted provided it is strictly on internal corporate messaging systems; no public re-use is permitted without licensing. Any republication or reuse is forbidden if the Digital Trust name is removed.