Month: September 2013

Tiny Botnet Makes Big Impact on Background Check Companies, ID Thieves Profit.

Daniel Gifford Blog, Botnets

Security Researcher Brian Krebs has conducted an investigation of a number of identity theft portals active on the internet, where various ne’er-do-wells were able to purchase the personal information (social security numbers and full background check information) of anyone they pleased, including such luminaries as Beyonce, Kanye West and Jay Z and even First Lady Michelle Obama, CIA Director John Brennan, and former FBI Director Robert Mueller.

The service which Krebs honed in on, ssndob.ms, was apparently slurping their data from the primary companies on the “legitimate” side of background checks; Lexis-Nexus, Dun and Broadstreet, and Kroll Security. The ID thieves had penetrated the networks of those companies and added a number of their servers to a botnet.  The admins of ssndob then used these computers to grab data from the databases of the companies. They also had control of a number of compromised accounts with conventional access to these databases.

The main impact of the hack is that it proves that so-called “Knowledge-Based Authentication” (KBA), a process where someone’s identity is determined by asking them questions from their history, such as places lived, cars owned, and recent bills paid, is not an effective security measure.  Identity thieves have gotten the databases, and will no doubt continue to find access to them, which means that passing a KBA challenge is a trivial task for determined and well connected attackers. However, many of the alternatives such as biometric identifiers, come with their own problems. Establishing Identity is the hard problem of the information age.

 

Dan Gifford – MCySec Media Manager

Working Paper: Regional Cyber Security: Moving Towards a Resilient ASEAN Cyber Security Regime

Daniel Gifford Blog

Caitríona H. Heinl has written a working paper on the cyber threats facing the ASEAN nations and the international frameworks necessary to combat them. Developing resilience is a focus of the paper, and against a backdrop of rapidly increasing numbers of internet users in the ASEAN countries this is going to become only more important as time goes on. The paper provides a good review of the existing frameworks and agreements that have been made in this field and lays out recommendations for the future.

Dan Gifford- MCySec Media Manager

 

IT Hubs Launched for Kenyan Primary Schools.

Daniel Gifford Blog

Microsoft, the British Council, and telecoms giant Bharti Airtel have worked together to construct 18 digital hubs for Kenyan primary school students. The computers should help students learn about technology and the internet, and each hub will be shared by multiple schools. The program has constructed a total of 121 digital hubs in eight other Sub-Saharan countries.

Dan Gifford- MCySec Media Manager

RSA warns against use of DUAL_EC_DRBG

Daniel Gifford Blog

RSA, an internet security firm, has warned customers against using the DUAL_EC_DRBG random number generation algorithm which they distributed with some of their products. The warning comes after the algorithm has been singled out as compromised by the NSA in the course of Project Bullrun. The problem is that the random numbers generated by the piece of code are actually not random in specific ways that make them vulnerable to exploitation by specific actors, which could lead to those actors obtaining the cryptographic keys of users.

Matthew Green,  a cryptography researcher at Johns Hopkins University, has published an excellent series of posts on the vulnerabilities of the algorithm and the issues around it on his blog.

Dan Gifford- MCySec Media Manager

Comment Crew Going After Drone Tech

Daniel Gifford Blog

An article in the New York Times by Edward Wong details the efforts of the State-supported Chinese hacking group known as the “Comment Crew” (and widely suspected to be PLA unit 61398) to surreptitiously acquire military drone technology by hacking into US Defense Contractors. These cyberespionage operations are occurring against the backdrop of a massive expansion in drone capabilities and manufacturing on the part of the Chinese military.

 

Dan Gifford- MCySec Media Manager

Tomorrow’s cities: How big data is changing the world

Daniel Gifford Blog

The BBC’s technology writer Jane Wakefield has posted an excellent pair of articles on the changing data environment and the rapidly expanding flows of data created by cities. The ways cities respond to this new depth of data will be increasingly important and shape urban development for many years to come.

Her second article is on the attempt by Rio de Janeiro to become a “Smart City” through the use of data, often sourced from the citizens themselves.

 

Dan Gifford- MCySec Media Manager

New Approaches to Cyber-Deterrence: Initial Thoughts on a New Framework

Daniel Gifford Blog

Cooper_2009_Thoughts on Cyber Deterrence_Final copy

This paper argues we are now in a non-polar world wherein states and other entities may be in states of collaboration, competition and/or conflict (3 Cs) simultaneously with each other.  As a result of this shift in paradigm as well as the impact of the information revolution, Cooper explores how lessons from nuclear deterrence may apply to the cyber realm.  In particular, he uses and builds upon the often forgotten principles of containment to address cyber threats in this “3 Cs-world”.  This research stems from 2009 Highlands Forum sessions sponsored by the U.S. Office of the Secretary of Defense. The final version was presented to U.S. General Keith Alexander at Highlands Forum, “Cyber Commons, Engagement and Deterrence” moderated by Dr. Itamara Lochard, 10 February 2010 in a closed session at the Center for Strategic and International Studies.  Building upon Cooper’s study, Dr. Lochard presented a paper on “Strategies for International Space Stability” at CyCon 2012 in Tallinn, Estonia hosted by the NATO Cooperative Cyber Defense Center of Excellence.