Monday, August 31, 2015

American Users are Causalities of International Data War

In a recent article by the LATimes it references foreign countries creating large databases of American military and government workers for use to blackmail, recruit and craft dedicated spear phishing campaigns towards U.S officers and officials.   

This is a concern, because with every hack (Anthem, OPM and even Ashley Madison) nation state attackers are able to garner and piece together the growing puzzle that is the American government user base. These are also only the hacks we now about and I’m sure there’s a ton that have gone without notice, so with every new hack nation states are dropping down another piece of the puzzle. Many times they don’t even have to perform the hack, they just need to take the data from others that have posted their work on the dark webs (E.G Ashley Madison database on the dark web with .mil or .gov email addresses) as a gift towards their big data initiatives. With each new breach we’re giving away personal information that these nation states are using as evil marketers to learn more about their targets, which in this case is our government. This is interesting, because the government can attempt to perform as much security awareness on their employees, invest millions of dollars on technical security infrastructure all to be shot to hell by private sector hacks giving away information about government workers. This is by far the weakest link and the attackers have noticed it. There’s blood in the water and the sharks are circling.

The other problems with these attacks is that they doesn’t exclude others from being caught in their net and the intended targets, along with innocent user bystanders, are caught in the crossfire. With the Anthem breach (where the data hasn’t been seen for sale on the black market, so it’s most likely being used by a nation state) EVERY users data was scoped up for the entire company, whereas the intended targets were supposedly only government officials/officers. This is putting American citizens privacy in the middle of an international data war. We’re all becoming collateral damage, or throw away data, that’s most likely sold or reused later if needed, but still not the intended targets of the breach. It’s as if the American public was hit by a drive-by shooting and is just another victim of pointless violence. We’re all sufferers of nation state attacks, not just the intended targets.

"Clowns to left of me, jokers to the right, Here I am, stuck in the middle with you" ~ Stealers Wheel

Friday, August 28, 2015

Become a Recomended Vendor on www.frontlinesentinel.com

Within the next couple weeks this site is going to take form into a larger ecosystem of services, blogging, vendor reviews, etc. With that I'd like to see if there are any additional vendors looking to start the process with writing about their organization, services, market, etc. We have a template created already with questions we think buyers would want to know and hopefully use to make a purchasing decision. If you're interested, we'll have the template sent to you. 

There will be a section within the site to have vendors, as well as potential buyers, come to get a review of products currently in the market. I think it’s important to have another view of the product that will help organizations promote their brand and where buyers want to read. This can be very useful for both startups to gain press and industry veterans to gain more steam. 

I’ve personal spent so much time over the past couple years reviewing technology and want to come up with a complete listing of questions to have vendors answer that will assist with the selection process (this will eventually be refined by product, but for now we have to start somewhere with your help).


Over the next couple weeks, I’ll be collecting all the responses and adding them to the new site. Other vendors have asked me if there was a cost involved with this, and the answer is "No". We're looking to create a place where vendors can display their services and buyers can come and review them (all in one place). We kindly ask that you use your social media outlets to promote your link, but that's all. 

Please fell free to email me at frontlinesentinel@gmail.com for more information. 

Friday, August 21, 2015

The Secret History of Cyber Crime (Focus Training Infographic)

Here's a great graphic from Focus Training & Solutions regarding the "Secret History of Cyber Crime". You can find the link to their site here too.


Thursday, August 20, 2015

The Internet of Everything and the Virtual Battle for Your Data

The Internet of Everything and the Virtual Battle for Your Data

I would like to thank Front Line Sentinel for allowing this post to reach their readers. They have an outstanding variety of different security news stories and tips, and they are great to come back to every week to see what else is going on in the world of online safety. I was particularly informed by this piece on cars getting hacked.

As technology increasingly seeps into every area of our lives, we have to start considering the data that is being collected on us and what individuals and companies are going to do with it if they have it. In a term called “The Internet of Everything”, scholars are noticing the increased interconnectivity of devices, data, and our lives. This has some intended and unintended consequences, and also creates some important political issues that still need to be addressed.



Here are some things you should know about the growing internet of everything and the consequences of these developments:

How Does One Define “The Internet of Everything”?

Otherwise known as “The Internet of Things”, this term refers to the fact that more objects, appliances, and devices are connected to the internet in one way or another, taking and giving data and contributing to the larger network that is the internet. While a common joke might be that the internet of everything will result in your toaster connecting to the internet, such prototypes exist, and you probably can expect something along those lines in the next decade, for better or for worse. All of your smartphones are connected to the internet, and many television sets have that same capability now. Try to imagine the result of the internet of everything being the ability to pay for a vending machine soda with your smartphone.

What is more important than the specific objects though, is what this means for the development of the internet. With more devices connected to the internet and more people connecting to the internet all over the world, this means more data coming in to share with the world and create greater understanding of how we as a society work. The growth of the internet now is not going to happen at a linear rate, but an exponential one, at least for the foreseeable future.

Yet it is important to not become overhyped or otherwise put unrealistic expectations on the internet of everything. It is not going to threaten your physical security, and it isn’t going to change the world overnight. What it will do is change the way you interact with the world by giving you a greater level of information for your decision making and open up new technological solutions for everyday problems.

Why Your Privacy Matters

Relating to the internet of everything and the data collected, your privacy matters for the simple reason that your information is yours to share or not share as you please. Yet companies, whether you know it or not, are using their data to profit off of you. The simplest case is how your data is used and owned by social media companies. If you weren’t already aware, whenever you share something on social media, there are records kept of that and keywords are logged. You should also be aware that governments are doing the same thing, where they are creating massive programs to conduct surveillance on both citizens and non-citizens alike.

While there are political debates happening all over the world on this issue, there are things you can do now that can at least partially help to protect your data, whether it be from cybercriminals who want to sell your data for identity theft reasons or organizations looking to data mine. Some people simply don’t use social networks, others try to take political action, and many others use tools you should know about.

The best tool to use a Virtual Private Network (VPN), which is a service that connects to an offsite secure server which will mask your IP address and makes you appear as though you are browsing the internet from another location, allowing you a greater degree of privacy. It uses encryption on the connection so that you will be able to use any network safely from your device, keeping it away from those who would intercept your valuable data on a public network. While it won’t necessarily protect data mining of your social network accounts, it will protect those accounts and the confidentiality of all your other online activity. When looking for a good VPN, you’ll find there are many options, so you need to read some VPN reviews online in order to make an informed decision.

What is Going to Happen to Your Data?

The short answer to this question is: it depends on what the laws dictate in a few years from now and whether any other major developments occur in the world of technology (this will likely be the case). Currently in the United States, there is a push to create a consumer privacy bill of rights and other legislation that would allow you to own the information you create online and any information that is about you or related to you. This would be a massive shift in how the internet works, and it would be impossible to predict for certain how companies or people will react.

Alternatively, companies seeking to make a profit in the meanwhile and future might clamp down on their users and take even more data (if that is even possible) to sell to interested parties to analyze. This could mean that data you thought was yours or safe will not be so safe in the future, or you will have to choose between using certain social media sites and having any control over what you post or create.

For now though, your personal data is still in an environment that could be considered something like the Wild West. It can be pretty much used at will, and if there are laws in effect that protect it, they aren’t particularly well-enforced, leaving it your effective responsibility to protect it. You will likely have to pick a side in the upcoming political battles over the issue, and the best thing you can do is try to protect yourself and educate yourself on the issues until then.


Thank you for reading, and I hope that you are prepared for the precedent-setting and interesting events that are to come.


Bio: Isa Cox is a writer and blogger who likes to focus particularly on internet security, new technological issues, and world events. She particularly enjoys sharing this information with the average user so that they can make informed decisions about their technology.

Thursday, August 6, 2015

Finding a needle in a needle stack (Hunting the bad guys)

If you're performing incident response you understand the pain of looking for through heaps of data and alerts that wind you down a rabbit hole. This is not only wasting your time, but it's having your eye's off the alerts that really matter, if they're even showing up. You're getting WAY to much data to your screen on a daily basis and we need to start being more focused with the alerts we receive by utilizing the intelligence of the network.

In this article I write about the technology and ways to achieve this goal. You can read it here.


Wednesday, August 5, 2015

Qualys Continous Monitoring

Qualys recently came out with a cloud service called "Continuous Monitoring" that monitors your perimeter assets for vulnerabilities and threats. This is a constant scan looking for threats to your public IP range and notifies you right away to limit the time-gap of public vulns being remediated. There are so many improperly configured devices, open ports, systems popping up with vulns that it's becoming mandatory to scan your edge 24x7. Pretty cool.

Take a look at it here.

Monday, August 3, 2015

Wi-Fi Sense? Why oh why?

I'm still very confused as to why Microsoft would even consider putting Wi-Fi Sense into Windows 10. Honestly, it makes no sense and nothing good from a security perspective could come from handing out access to you Wi-Fi network. Microsoft says it's safer than having to write down your Wi-Fi credentials and it's less awkward. Um, well, no. Here are a few things that concern me:

  • This wasn't a security hole in the last OS, since it didn't exist, and now it is. They've just opened up the threat landscape towards more attacks, not tightening down their security. Over the years Microsoft has made large strides in securing their OS, but this is just plain out silly.
  • Having the ability to share your Wi-Fi passwords with your contacts (Facebook, Skype, etc.) could become a disaster. What if a celebrity accidentally shared out Wi-Fi access to their multitude of followers? We're not talking about giving your Wi-Fi password to your Grandma. There could be serious stalkers, or malicious intent going on with people who were just handed the abilty to access these Wi-Fi network. Many times network discovery is disabled, but does that mean it will be? Either way, this is just another hole.
  • Also, if you're going to give out the credentials to your Wi-Fi, who cares if you're going to write it down at this point? I know people might be reusing this password, but at that point just say "No". 
  • This is also the reason that most Wi-Fi home routers have a "Guest" network. It's so you can setup a Wi-FI network for, wait for it..............Guests. That's right folks, you actually don't need to give out the password you might have been reusing on your personal Wi-Fi and can create an entirely separate network for your guests. Just make sure your password and SSID don't offend Grandma.
  • What if I want to share my employers Wi-Fi? Is that against policy? Can I just send this information up to the cloud and hope that no one will abuse it? Seriously, this is a problem. There are so many questions about this service from a security perspective, and such little win, that it should just be removed from the OS completely. 
  • There's a reference that the paraphrases will be stored on Microsoft's servers (aka cloud). I don't care if it's encrypted at rest, this is something I don't want stored in a cloud that I can't control, from a company that's been known to hand over customer information on whim. 
If you're running Windows 10, and don't want to hand out access to your Wi-Fi network, you can disable the feature or name your SSID with _optout in the title. This of course let's everyone know you're running Windows 10, but it's better than the alternative.