The Korean DoS Attacks, Securing the Software Supply Chain and More
July 13, 2009
I will take potpourri for $200 Alex…
- Triumfant CEO John Prisco is quoted in the July 10 post of Byron Acohido’s The Last Watchdog blog regarding the Korean DoS attacks. These attacks have taken an interesting turn as the botnets created by attackers are now literally turning on the infected machines, deleting files and ultimately corrupting the system until it will not boot. I have read a lot about this attack from many respected members of the IT security community. Some have assessed the attacks as unsophisticated and poorly executed, while others like Acohido and Brian Krebs of Security Fix (which was targeted in the actual attack) are speculating on whether it is a practice run – a war game – for more targeted attacks down the road. Either way, it is one of the most interesting story lines since we were all gripped with Conficker fever in the early spring. I suspect there will be more intrigue to come. If it was a war game, it will be interesting to see how the good guys grade themselves.
- I posted a blog entry in June about Securing the Software Supply Chain and how Triumfant can help manage that important part of any organization’s security strategy. The white paper on the subject is now available on the Triumfant web site for your reading pleasure. Since many defensive products do their monitoring as malicious software is inbound to the machine, attacks imbedded in what appears to be legitimate software may evade protection. Because Triumfant looks for changes on endpoint machines, it will detect the event where the imbedded malware “wakes up” and begins its malicious activity.
- I recently was away at the beach for a week with my family. I mention that because I did not tweet or blog about the fact that I was gone, as there have been reports that people have been robbed after letting the world know through social media outlets that they would be away from their home for extended periods. Which brings me to two points. First, never underestimate the speed with which the bad guys will find and exploit new paths – in this case social media – to do their criminal work. Second, security, whether it is IT security or physical security, requires an element of good old prudent thinking to succeed no matter how much technology is deployed. Human factor engineering (or stopping stupid as I call it) has been and will always be the biggest failure point in security.
- Isn’t it time for someone in the Obama Administration to tell us why we do not have a cyber czar yet? I mean really. I agree with our CEO John Prisco completely and join him in wondering why they would first make the announcement without a person in the spot, much less go six weeks after the announcement without a nomination. The claims of IT Security being a priority are starting to sound very hollow.