Monday, June 25, 2012

The sure "bulletproof" against Cybercrime...really?

Forgive me if laughing is a crime, 'cos it seems to me that to these spotlight fans, there is no such thing as sure bulletproof. By the way, for the purpose of this blog I like to refer to cyber terrorism, crime and war perpetrators as spotlight fans, ok?



Last week we talked about “Paunch” taking the spotlight from Anonymous. Though they are both brothers in cyber-crime, there is a sharp contrast in their modus operandi. These folks always devise new ways of running the show, but right now a framework for countermeasures has already been outlined to stop these spotlight fans.

Ken Presti of http://www.crn.com/ wrote an article on June 20th, 2012 that had the caption “New Studies Outline Framework for Cyber-Threat Countermeasures”.

While the caption was eye-catching, I could not help but laugh. I laughed because there have been theories from a countless number of security geeks to curb the venom from these spotlight fans, but none seems to beat their tactics. There always seems to be one form of breach or another that scaled or bypassed the security parameters put in place in an organization’s infrastructure or network.

Now, back to the business of the day. Sorry, I had to go in circles to get here. Ken says that as complex attacks become commonplace, businesses and governments need to take a comprehensive and methodical approach to keep their data, infrastructure and other resources safe. Old wives' tales…right? This advice, he says, came in the wake of the Stuxnet and Flame worms. The advice I am about to enumerate comes from the Information Security Forum and would carry its members through 2014.

Sure bulletproof against these spotlight fans is knowing the following: the skill set now extends beyond technical capability, and the focus is now on people skills and business knowledge; I.T. is no longer just a technical component but a business discussion; and protection of infrastructure is now a very important objective.

Finally, the framework for the countermeasure is that organizations should adopt a four-phased approach that begins with an evaluation of the organization’s business model, ascertaining the full range and relative severity of the threat landscape, assessing the relative value of your data and infrastructure with an eye towards what you can and can’t do without, and, finally, developing responses to the various risks and implementing those responses.

I hope this "bulletproof" and framework for countermeasures against spotlight fans will help you and your organization or business to stay safe. Until next week when I set my eyes on you, don’t forget to let me know what you think.

Au revoir! (Goodbye)

Monday, June 18, 2012

Current “malware” scheme – Be alert and wise!

Wonders, they say, will never cease! Just when you thought a chapter of cyber-attack was phasing out, you hear something else brewing, and another chapter opens almost immediately.

Companies have always been fearful of the trails of attack by Anonymous, and many were of the opinion they would soon run out of tactics, but it seems they just upped their game. More so, it seems a new cyber-attack “god” has stolen the spotlight with brand-new tactics. Now, organizations have a new war to wage.

Information security's enemy is up!

A reporter by the name Rod Rasmussen reported on www.securityweek.com on June 16, 2012 on “Black Hole Exploit – A business Savvy Cyber Gang driving a massive wave of attack”, and I thought to re-echo it.

Moscow, Russia houses the new “god” of a new form of malware (malicious software) attack. He goes by the name “Paunch”, as against “Anonymous”. He has browser software called “Black Hole” which is wreaking havoc daily among the world’s largest brands and government organizations.

His software does not steal money or data, but it is a leading product in the “browser exploit pack” software category, and he sells it to customers. The exploit kits are installed onto compromised websites, so that when people visit these sites using a vulnerable browser, their computers are immediately attacked. The tactic of attack is like a phishing attack (where an email is sent to a person’s inbox with a link to click on, and when that person clicks on the link it redirects them to a look-alike site that asks for their personal information) but with a twist to it. The only difference is that these persons will not be redirected to a look-alike site but directed to a “Browser Exploit Pack” (an infested site), which will then infest the unsuspecting victim’s computer with malware that can steal information to be used for the attackers' advantage.

Subscribers or customers of “Paunch” are constantly updated with the latest exploits against programs and browser plug-ins; they do not worry about finding exploits, engineering them or updating them with their code. Paunch does it for them.

Scary! Right? Find the rest of the story on that site I earlier mentioned and arm yourself with good information so you can beat the lion. Be wise about your activities on the internet. That’s all for today, see you next week, hopefully with more news and insight on cyber-attacks.

Let me know your thoughts on this!

Monday, June 11, 2012

Countries on Stuxnet's “Watch-list”.


Hey guys, TERRORIST WATCH-LIST is well and alive, more names of individuals who pose a threat to the United States are entering that list. Currently, STUXNET WATCH-LIST has been created. Very interesting!

Worms just keep burrowing, non-stop
Below is an excerpt of the news on Stuxnet written by Lee and Kirit, retrieved from the ABC News website:
“Researchers say they have uncovered "proof" linking the authors of the Flame cyber espionage program to Stuxnet, the most powerful offensive cyber weapon ever developed -- both of which are believed to have targeted Iran. Analysts at the Russia-based cyber security firm Kaspersky Labs, which was the first to uncover Flame and had previously analyzed Stuxnet, wrote in a blog post today that they had found the "missing link" between Flame and Stuxnet: a specific piece of code that appears to have been used in both programs. Flame, a highly advanced "toolkit" of cyber espionage programs capable of watching virtually everything on an infected computer, was discovered last month on computers in the Middle East and Iran and had apparently been spying on those systems for years. Stuxnet, an offensive cyber weapon designed to physically alter its intended target, was discovered in 2010 after it reportedly infiltrated and managed to damage an Iranian nuclear enrichment facility -- an unprecedented feat.”
Flame (a powerful virus) is now linked with Stuxnet, and researchers are still speculating that Israel and the U.S. may be involved in the spread of both viruses. Research is ongoing, though, and most importantly, China, Russia, the U.S., Israel, France and the UK have been put on a short list of countries suspected to have carried out these virus attacks on Iran.

Interesting! Well, maybe someday the real culprit nation will be unveiled. Guys, let’s wait for the investigating researchers :) carrying out forensics in their lab on the evidence collected to get to the origin of the virus.

Do you think the origin of these viruses will ever be disclosed? Let me know your thoughts.

“Downing” websites new civilized way to shout foul?

Does the name “Anonymous” ring a bell? I am so punch-drunk at the works of Anonymous. The name is now synonymous with…maybe “the devil”. Yes? I am not really sure but organizations shudder at the thought of “Anonymous” (Hacking group).

An online activist collaborating with Anonymous took down a site associated with EURO 2012 to protest the mass killing of stray dogs ahead of the soccer championship in Ukraine. Yes! That’s right, you heard me clear, “protesting the mass killing of dogs”. This was fearlessly tweeted.
Don’t be astonished if DoS (Denial of Service) attacks now replace the “occupy” kind of protest. I am just kidding. :)
Elinor Mills of CNET News @ http://news.cnet.com/ posted this on June 8, 2012. Below is an excerpt on the attack:
“The account for YourAnonNews tweeted: "#OpUkraine: Revenge for your Animal Holocaust: http://www.kieveuro2012.org ==>> TANGO DOWN!! | #Euro2012 via @AnonOpsLegion| #Anonymous #Ukraine"
The downed site is already up and running again.

It is said that Anonymous' modus operandi is the downing of websites. Maybe this attack could be justified, as the news has it that “tens of thousands of dogs, including some wearing collars indicating they are pets, reportedly have been poisoned, shot or thrown into incinerators alive.”

Let me not bore you with the rest of the news content.

Do you think the downing of websites is the new civilized way to shout foul? Let me know your thoughts.

Monday, June 4, 2012

Do you support the "Stuxnet" move?

Hello there! I am known simply as Dove. A lover of good Information Security news. My love for Information Security news knows no bounds. I will be feeding you with hot meals weekly. Please feel free to let me know your thoughts after feeding from my table. 

I am not sure you have seen this news, but as I was going through www.technewsworld.com today, the title, “Stuxnet Worm Could Turn”, struck me and I quickly skimmed through. The question that came to mind was: as the world advances in technology, are cyber-attacks now the face of modern warfare? The content was more than HOT and I decided to convey it to you.

Worms just keep burrowing, non-stop

Eric Morphy was the presenter of the title today (June 4, 2012). He said the virus Stuxnet, which had gone wild and spread like fire from country to country since 2010, was created by the United States of America (USA) and the Israeli Government as a type of attack designed to stop Iran’s nuclear ambition.

He said that when Stuxnet went into the wild causing damage, the Obama administration decided to continue the program instead of containing or shutting the virus down. Coupled with that, Stuxnet is believed to have spread massively and control over it was lost.

The New York Times published the news from a book not yet released (Confirm and Conceal: Obama’s Secret Wars and Surprising use of American Power, written by David Sanger), and it suddenly became widespread last week.

There seem to be arguments for and against this move. While some view it as a well thought out strategy, others see it as a naïve move on the part of America.

Finally, Storms, a contributor I believe, says, “The technical and secretive nature of information warfare makes it almost impossible to assess the impact and ramifications of Stuxnet and other nation state-sponsored cyberattacks," "We simply don't have access to enough information.”

Do you support the Stuxnet move? Let me know your thoughts.