Showing posts with label Advanced Persistent Threats.

Thursday, November 18, 2010

Advanced Persistent Threats - Part II. The China Angle

My earlier post about Advanced Persistent Threats just got more interesting. Today, the Wall Street Journal confirmed that China Telecom redirected up to 15% of all internet traffic on April 8th, 2010. The attack targeted US Government servers, Dell, IBM, Yahoo and Microsoft.

This means that Google is not alone, since they were viciously attacked in December 2009 (see previous post). In fact, what is interesting is that so far, the only company to stand up to the Chinese has been Google. How will these companies react? Hard to tell, since these kinds of attacks are nearly impossible to stop; this particular attack, however, was preventable.

So how did they do it? It was the result of changing the routing tables that are generated by network routers, so that traffic bound for the targets was steered through China Telecom's network. As I have said in the past, the world is not a nice place, and trusting all of the actors on the internet is no longer a smart business proposition. No enterprise and no government can really assume that they are not at risk from these types of attacks.
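As an added illustration of the defender's side of the routing-table change described above (example code written for this page, not from the post or the Wall Street Journal report; the prefixes and AS numbers are constructed placeholders), here is a small check that compares observed route announcements against an allow-list of expected origin networks and flags both wrong-origin announcements and more-specific announcements, which win longest-prefix matching even when the origin looks legitimate:

```python
import ipaddress
from typing import Dict, List, Set, Tuple

# Constructed allow-list: the prefixes an organisation announces, mapped to the
# autonomous-system numbers authorised to originate them (placeholder values).
EXPECTED_ORIGINS: Dict[str, Set[int]] = {
    "192.0.2.0/24": {64500},
    "198.51.100.0/24": {64500, 64501},
}


def classify_announcement(prefix: str, origin_as: int,
                          expected: Dict[str, Set[int]] = EXPECTED_ORIGINS) -> str:
    """Classify one observed (prefix, origin AS) pair.

    Returns one of:
      'ok'              exact prefix from an authorised origin
      'origin_mismatch' exact prefix from an unexpected origin
      'more_specific'   a sub-prefix of a monitored prefix (flagged regardless of
                        origin, because routers prefer the longer match)
      'unmonitored'     not covered by the allow-list at all
    """
    net = ipaddress.ip_network(prefix, strict=False)
    for exp_prefix, origins in expected.items():
        exp_net = ipaddress.ip_network(exp_prefix)
        if net.version != exp_net.version:
            continue  # subnet_of() raises on mixed IPv4/IPv6 comparisons
        if net == exp_net:
            return "ok" if origin_as in origins else "origin_mismatch"
        if net.subnet_of(exp_net):
            return "more_specific"
    return "unmonitored"


def find_suspicious(announcements: List[Tuple[str, int]]) -> List[Tuple[str, int, str]]:
    """Return every announcement whose verdict is a mismatch or a more-specific."""
    flagged = []
    for prefix, origin_as in announcements:
        verdict = classify_announcement(prefix, origin_as)
        if verdict in ("origin_mismatch", "more_specific"):
            flagged.append((prefix, origin_as, verdict))
    return flagged


# Constructed sample of announcements as a route collector might report them.
SAMPLE_FEED: List[Tuple[str, int]] = [
    ("192.0.2.0/24", 64500),       # legitimate
    ("192.0.2.0/24", 64999),       # same prefix, unexpected origin
    ("198.51.100.0/25", 64500),    # more-specific, authorised origin, still wins
    ("203.0.113.0/24", 64999),     # not ours, not monitored
]

if __name__ == "__main__":
    for entry in find_suspicious(SAMPLE_FEED):
        print(entry)
```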

The net result of all of this is that a private, secure business network will emerge. Companies such as the government-owned China Telecom, if they keep perpetrating this kind of alleged behavior, will be blocked from conducting business outside of China.

Wednesday, July 7, 2010

Cyber Warfare and the new Era of Advanced Persistent Threats

Cyber Warfare is here and your PC is the tool that becomes a weapon. How it does so is up for debate, but facts that have come to light indicate that the PC you pick, the browser and reader you use and the apps you run are being harnessed to launch cyber warfare attacks on you, your company and your country.

I wrote about the hack of Google earlier this year and since then even more information has come to light. The fact that so much of Google's infrastructure was compromised is probably why Google was so angry.

The issue for the normal user and for any IT Pro is that operating systems, Flash players and PDF viewers are all being exploited through zero-day vulnerabilities. It isn't just one application that is being exploited. It is a combination, and that suggests a much higher level of sophistication than we have known so far in the Internet generation.

The cocktail combination used to get Google appears to have been PCs running IE 6. That browser, combined with Facebook Instant Messaging, could enable a fatal trojan to be loaded onto the target PC. After that, it was easy.

Google's reaction was to stop support for IE6. It is a true statement that Adobe has taken as much heat for security flaws as Microsoft. Apple has also quietly been issuing security updates at the same frequency as Adobe and Microsoft.

Even more telling is how these attacks are now being labeled. George Kurtz of McAfee writes: “These highly customized attacks known as ‘advanced persistent threats’ (APT) were primarily seen by governments and the mere mention of them strikes fear in any cyberwarrior. They are in fact the equivalent of the modern drone on the battle field. With pinpoint accuracy they deliver their deadly payload and once discovered — it is too late. All I can say is wow. The world has changed.”

Corporate security is a big issue and it cannot be ignored. The wrong OS, browser or player puts you at risk. Most of the analysts I know are not taking a strong position on this. The risks are clear: gamble and you lose source code or even more.

It is clear that higher levels of defenses are needed. The first step is knowledge. Check out this link for some courses. Raise your browser security levels and look for best practices like the plug-in checker from Mozilla. Lastly, consider disconnecting certain corporate systems from the regular network (i.e. a standalone network). Don't wait. Put together a new plan now.