Saturday, January 29, 2011

Egypts Internet Goes Dark, Shuts Down Cellphone Service

In Egypt, where there's an anti-government movement due to corruption, a failing economy and lack of freedoms, citizens have taken to the streets in protest.

Due to the continuous uprising of people protesting, Egypt has taken the country off-line. As of Thursday night at 10:12pm local time, all 4 major ISPs in the country "went dark" within a 13 minute time frame. There is no communication inbound or outbound from the country except for a few government sites and their stock exchange. The Egyptian government also asked mobile operators to go offline, leaving the local telephone carriers as the only form of communication in the country.

In the past countries have blocked sites like youtube, twitter and facebook to try and contain the protests that were occurring in their countries. In the Egyptian case they didn't block by domain name, but instead removed access completely to the internet. I'd be very interested to see the financial loss that's occurring to business due to having no internet presence. This means no e-mail, ftp, or http traffic going into or out of the country. How are international businesses supposed to operate if they can't communicate? Egypt is hurting themselves financially by trying to cover up whats going on in their country. Egypt is also a major hub between Africa and the middle east and its likely that by pulling themselves off the internet, they've distrusted connections to other countries. This wasn't thought out properly.

I don't see what they're trying to prove here? Everyone in the world knows that they're rioting, and they think that by pulling the plug they'll fool everyone into believing that every things okay? Didn't they learn from the Iranian elections?

Lastly, with all the talk about the Obama administration wanting to create an "Internet Kill Switch" in America, the Egyptian case scares me even more. Is this why they want to create the American kill switch? The Obama administration wants it in place to protect the government and critical infrastructure, right. The Egyptians obviously didn't have one in place because there was a time gap between each ISP going down. Due to the infrastructure in America and the number of ISPs it would be incredibly difficult to shut us off the internet like the Egyptians, but creating this "Kill Switch" to have us removed is terrifying.

Thursday, January 27, 2011

The Ultimate Post About ATM Skimmers

This is by far the most exhaustive post I've ever read on ATM skimmers. Brian Krebs has one of the most popular security blogs on the internet, and with posts like these its no wonder why.

I would highly suggest reading this article(s) and learning about all the methods hackers use to compromise your ATM card. Fascinating.


http://krebsonsecurity.com/all-about-skimmers/

Facebook enhancing security with HTTPS

Facebook announced that it will be rolling out the ability to use HTTPS for communication between your browser and their servers. This coming one day after facebook founder, Mark Zuckerberg's, facebook profile was compromised.

Previously facebook would secure you credentials after authenticating, but would than pass all other traffic over the Internet unencrypted. Using simple tools like firesheep (http://codebutler.com/firesheep), allows hackers to gain access to sites sending data over in clear-text after the initial encrypted credentials were secured. Many other sites need follow facebooks lead and jump on the SSL band wagon (twitter.com, gmail.com, flickr.com, etc..)

Facebook said that over the next couple weeks everyone will have the ability to activate HTTPS for their profile. As big a step as this is for one of the largest sites on the internet, the end goal should be to not only have voluntary HTTPS access, but to have a completely secure browsing experience. They need to work out some bugs (pages loading slower, apps not working, etc), but the vision should be to have end-to-end encryption during the entire session.

People are putting their entire lives on Facebook and the least they could do is make sure its secure.

Tuesday, January 25, 2011

The Government Wants To Control The Internet

The government is obviously making a big push towards gaining more control over the internet. I'm not sure how this is going to play out for our benefit, but I can see both sides of the coin. The major issue I have is giving the government any more power. Here are a few things that are currently going on now with cybersecurity and the United States government.

Internet Kill Switch
http://www.cbsnews.com/8301-501465_162-20029302-501465.html

At first glance this is absolutely terrifying. Giving this much power to the government over a private company is outright scary. This is still in its early phases of legislation, but I can see some good with the government monitoring the infrastructure of national critical systems (Nuclear plants, Dams, etc.), but giving them the power to cut them off from the world seems a little intense. I think improved regulations, monitoring, and vulnerability assessment/remediation against these sites would be better than a kill switch. At least here they're taking a proactive approach. Plus the ISP could always cut them off if needed in a real disaster. I think we need more details as to what classifies a company under this law and under what conditions would they be "switched off".

This was a scary line:
A company that objects to being subject to the emergency regulations is permitted to appeal to DHS secretary Janet Napolitano. But her decision is final and courts are explicitly prohibited from reviewing it. 

Broader Wire Tapping
http://www.engadget.com/2010/09/28/u-s-officials-push-for-broader-internet-wiretapping-regulations/

This one annoys me the most. In efforts to catch bad guys the government wants to have the ability to listen in on anything they want over the internet, including Skype. This is a serious breach in privacy to the majority of America. I don't know why we keep thinking the bad guys are stupid? Once they allow us to tap into these areas they'll start using something else or putting encryption against their communication; we still won't catch them and we'll be the ones being tapped.

Internet Identity Management
http://www.businessweek.com/news/2011-01-07/internet-identity-system-said-readied-by-obama-administration.html

The issues I have with this are who is going to run it, why are they creating a single point of failure and why are they making a push for this? I don't think this is going to stop cyber crime in the least. If anything, once a hacker gets your credentials for one site he has it for all others. I'm not sure I by into this yet for home use.

“This is going to cause a huge shift in consumer use of the Internet,” said John Clippinger, co-director of the Law Lab at Harvard.  WOW!! You're a director at Harvard and you don't think people use the internet enough for commerce?

The new system will probably hasten the death of traditional passwords, Clippinger said. Instead, users may rely on devices such as smartcards with embedded chips, tokens that generate random codes or biometric devices. I hate to break it to you, but if you're putting in a random code its still a password.

"Do Not Track" Option Coming To A Browser Near You

Chrome, Mozilla and IE are all working on their version of an opt-out of personalized advertising. 

http://www.scmagazineus.com/google-mozilla-announce-new-do-not-track-features/article/194872/?DCMP=EMC-SCUS_Newswire

Handheld Devices Become Targets For Hackers

Handheld devices are swiftly becoming a new target for many hackers. Due to the large number of vulnerabilities and the sheer number of handheld devices in the wild, its no wonder that we've seen a huge jump in malicious apps for handheld devices.


The Cisco 2010 Annual Security Report (PDF) cited progress by Microsoft and other software vendors to improve security by providing updates, alerting users to potential flaws and making patches available to users. The progress on the desktop is going to force cybercriminals to shift their activities to mobile platforms, which often times have similar vulnerabilities, said Henry Stern, a CSIRT security engineer at Cisco Systems Inc. Apple, with the popularity of its iPhone and iPad and Android, with dozens of different smartphones are the likely targets, according to the report.

Friday, January 14, 2011

Google Pays Bounty For Chrome Bugs

Here's a proactive and ingenious way to rid your software of bugs. Now what happens when these people start selling the bugs to the bad guys for 10x the cost?


http://www.networkworld.com/news/2011/011311-google-pays-record-bounty-for.html

Saturday, January 8, 2011

The Building Cyber Threat Of Mobile Phones

As mobile phone users continue to grow exponentially every year, the threat of malicious intent involving smart phones increases as well. With the emergence of Google's Android OS appearing on multiple vendor phones, its only a matter of time before there's a major breach involving a major smart phone distributor.

Over the past year there's been multiple instances of malicious apps being downloaded from the Android Market onto a users phone, using simple social engineering tactics (I.E New Angry Bird Levels, Twilight app, etc.) that are all designed for information stealing, service theft or botnet creation. Some of these apps have the potential to steal information such as contacts, send out SMS texts, make phone calls and determine your location via the built-in GPS. These apps could theoretically be installed from any vendor store, but its more likely to be installed on an Android OS since they don't vet their apps as throughly, if at all before being placed on their "Market".   http://www.informationweek.com/news/security/vulnerabilities/showArticle.jhtml?articleID=228200946

Most major vendors like Apple and Google have something called a "Kill Switch", that will allow the app to be removed globally across all phones that have it installed. Once an app has been determined to have breached
the vendors policy they'll push the button and have it killed. Its not sure if the users will have the money reimbursed for the purchase of the app after its been killed. http://www.informationweek.com/news/internet/google/showArticle.jhtml?articleID=211200988

Certain banking apps have also been compromised with "Man-in-the-browser" like attacks that end up stealing banking credentials that give attackers access to your banking credentials and account information. http://threatpost.com/en_us/blogs/zeus-variant-targets-mobile-online-banking-apps-092710

Right now there are a few vendors that are creating anti-virus for phones, but I don't think this is the road we should take considering that anti-virus isn't working now for PCs. http://usa.kaspersky.com/products-services/home-computer-security/mobile-security

All mobile phone users should not only password protect their phones, but they should encrypt the data that's stored on it. Both of these are simple settings that can be enabled on the majority of phones. This and using caution when downloading applications will prevent malicious activity on your phone for now.

Saturday, January 1, 2011

Shadowserver Foundation Taking It To The Bad Guys

The Shadowsesrver foundation is a volunteer-run organization that's collecting data on the dark side of the internet and assisting with hunting down the bad guys.

By working with ISP's and utilizing honeypots and other methods, they're able to glean an enormous amount of useful data that's making a difference in the fight against cybercrime.

Check them out: http://www.shadowserver.org/wiki/