Thursday, December 17, 2015

Week 3 - Data Encryption in Sharp Focus After Deadly Attacks

The issues around encryption have been ongoing for decades, but have gotten more attention after the recent killing sprees in Paris and California. The encryption of smartphones has become more sophisticated over the past two years, and US administration officials are making the case for better access to encrypted data, saying new smartphone and encryption technologies have made it more difficult to thwart "malicious actors."

One of the solutions proposed is for companies like Google and Apple to roll back their encryption to the level of a year ago to enable access to smartphones with a warrant or court order. Investigations of murderers, rapists, and pedophiles have been stopped in their tracks because the phones involved were encrypted.

Tech firms are not likely to voluntarily make changes to help law enforcement, since doing so would risk their public image and lead them to be seen as tools of law enforcement or the NSA.

Privacy activists and encryption specialists in the private sector remain firm in resisting efforts to provide special access to investigators. They have stated that weakening encryption will only make us all less secure. Encryption offers many benefits, such as securing personal or business data and financial transactions, and can help deter smartphone thefts.

This whole issue is a double-edged sword.  Yes, being able to analyze the phones of those being prosecuted in a trial will help the investigations and put the bad guys away, but that opens everyone else up to cyber attacks.

Although I can see both sides of the argument, I would have to go with NOT weakening encryption. Technology is constantly evolving and the security with it must evolve as well. Taking a step backwards will only hurt, and as someone stated in the article, "prohibiting companies from selling encrypted devices would not prevent criminals or terrorists from being able to access unbreakable encryption."

References:
http://www.securityweek.com/data-encryption-sharp-focus-after-deadly-attacks

Monday, December 7, 2015

Week 2 - Microsoft Leads Effort To Disrupt Dorkbot Botnet

Researchers from Microsoft’s Malware Protection Center and Digital Crimes Unit teamed up with counterparts at ESET and CERT Polska in providing detailed information and telemetry on Dorkbot to law enforcement in the US, Canada, and Europe. US-CERT, the FBI, Interpol, and the Royal Canadian Mounted Police all worked on the case.

Dorkbot is malware that has infected more than 1 million computers worldwide. It is used to steal passwords and personal information from people logging into sites like Facebook, Gmail, Netflix, PayPal, Twitter, and YouTube. It works by disabling security software on a system and blocking access to the security websites that update the software. Once on a system, Dorkbot connects via IRC to a remote command and control server and downloads other malware onto the system. Compromised systems become part of large Dorkbot botnets used in denial-of-service attacks and for spam distribution.

Microsoft’s Coordinated Malware Eradication campaign is an effort to get security vendors, researchers and other stakeholders to pool their resources and information in coordinated, large-scale anti-malware campaigns. The company has said that it is only through coordinated efforts that the industry has a chance to deter destructive malware campaigns.

The combined efforts of the teams listed in this article are a great example of what we're capable of against hackers. It seems as if only hacks and security breaches against major corporations are reported in the mainstream media and not stories like these. IT Security Professionals and organizations catch a lot of flak for not "doing their jobs" and stopping these attacks, but it's not as easy as it sounds, especially when they're going up against intelligent hackers and rapidly evolving technologies. I'm confident that although we may not hear about stories like these on a daily basis, teams and organizations are working diligently to keep our networks safe.

References
http://www.darkreading.com/vulnerabilities---threats/microsoft-leads-effort-to-disrupt-dorkbot-botnet/d/d-id/1323429?

Wednesday, December 2, 2015

DHS hacks businesses for free to test cybersecurity

The Department of Homeland Security offers businesses - mostly banks and energy firms - a chance to test their cyber defenses against attacks.  This little-known program called National Cybersecurity Assessment and Technical Services (NCATS) is free of charge and a great way for businesses to ensure their systems and data are safe.

NCATS is composed of two programs, Cyber Hygiene and Risk Vulnerability Assessment (RVA). Cyber Hygiene is an automated scan of a company's network to suss out any known vulnerabilities. RVA loans companies four to five security experts for a two-week period during which they conduct onsite assessments, launch targeted trial attacks and test incident response plans. They also conduct a spear phishing campaign on employees to see how often they fall for fraudulent emails.

NCATS is a great program for these businesses because these are the businesses that affect us all.  Banks are responsible for keeping OUR money safe so I'm glad DHS offers this program.  DHS deals with cyber attacks on a daily basis so they are consistently keeping up with the different types of attacks and vulnerabilities out there.  Knowing that these businesses are going through these tests and fixing holes in their cyber defenses somewhat puts my mind a little more at ease.  I say this because there's no way to be 100% secure.  Hackers are constantly finding ways around.  As we're finding a way to protect ourselves from an attack, they're already working on a new one.

References
http://thehill.com/policy/cybersecurity/261658-dhs-hacks-businesses-for-free-to-test-cybersecurity