it-security

Learn How To Spot A Phishing Email

Internet users should always be cautious when reading emails from anyone other than their trusted ‘Contacts’, but in general there are some clues you can look out for when you suspect that an email may be a phishing message.

  • False email address – often a phishing email will have a bank’s name in the display name. If you hover your cursor over the email address, a pop-up window will show you the actual URL of the sender. If it is different from the display name, then it is quite probably suspect.
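An added example (not part of the original post) that automates the check described above for a mail filter: it flags a From header whose display name names a brand, or shows an address, that does not match the real sender domain. The brand list, domains and sample headers are constructed for illustration.

```python
import re
from email.utils import parseaddr

# Constructed for this example: brand keyword -> domains that brand really sends from.
KNOWN_BRANDS = {
    "examplebank": {"examplebank.example"},
    "paymentco": {"paymentco.example"},
}
ADDR_IN_TEXT = re.compile(r"[\w.+-]+@([\w-]+(?:\.[\w-]+)+)")


def domain_allowed(domain, allowed):
    """True if domain is one of the allowed domains or a subdomain of one."""
    domain = domain.lower().rstrip(".")
    return any(domain == a or domain.endswith("." + a) for a in allowed)


def check_from_header(value):
    """Return (verdict, reason) for the value of one From: header."""
    display, addr = parseaddr(value)
    if "@" not in addr:
        return ("suspect", "no parseable sender address")
    domain = addr.rsplit("@", 1)[1].lower()

    # Rule 1: the display name shows an address whose domain differs from the real one.
    shown = ADDR_IN_TEXT.search(display)
    if shown and shown.group(1).lower() != domain:
        return ("suspect", f"display shows {shown.group(1)}, sender is {domain}")

    # Rule 2: the display name names a known brand, but the sender domain is not that brand's.
    squashed = "".join(ch for ch in display.lower() if ch.isalnum())
    for brand, allowed in KNOWN_BRANDS.items():
        if brand in squashed and not domain_allowed(domain, allowed):
            return ("suspect", f"display claims {brand}, sender is {domain}")
    return ("ok", "display name and sender address are consistent")


# Constructed sample headers, not taken from real mail.
SAMPLES = [
    '"Example Bank" <alerts@examplebank.example>',
    '"Example Bank Security" <alerts@examplebank.example.account-verify.example>',
    '"ceo@corp.example" <ceo.corp@freemail.example>',
    "Alice <alice@friends.example>",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(check_from_header(sample)[0], "|", sample)
```

The second sample is the case a quick glance misses: the brand's domain appears at the start of the sender domain, but the mail actually comes from a different registered domain.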
theatlantic.com
Raising the Retirement Age Is Just a Sneaky Way of Cutting Social Security Benefits
Some Republican candidates are promoting a policy change that would hurt workers by disguising it with a pleasant-sounding phrase.
By Teresa Ghilarducci

Extremely well written article that explains why so many on the right are clamoring to change Social Security, and why it doesn’t need to be changed. It also explains what exactly those changes would do to people if they would be enacted. Pretty important for people who are close to retirement, and for those who don’t know what would happen to them when they retire later in life.

Getting To Swift Cyber Justice

The first Department of Defense Strategy for Operating in Cyberspace is out (July 2011).

Of course, like the plans that came before (e.g. Cyberspace Policy Review), it emphasizes the imperative for cyberspace protection. Some highlights:

  • “DoD is particularly concerned with three areas of potential adversarial activity: theft or exploitation of data; disruption or denial or service of access or service…, and the destructive action–including corruption, manipulation, or direct activity that threatens to destroy or degrade network or connected systems.”
  • “Cyber threats to U.S. national security go well beyond military targets and affect all aspects of society. Hackers and foreign governments are increasingly able to launch sophisticated intrusions into the networks and systems that control civilian infrastructure.”
  • “Every year, an amount of intellectual property larger than that contained in the Library of Congress is stolen from networks maintained by U.S. businesses, universities, and government departments and agencies.”

The strategies for cyberspace protection in the DoD plan include treating cyberspace as an operational domain; innovation; partnership; and so on. But we need to leverage our strengths even more.

As the Wall Street Journal pointed out on 15 July 2011: “The plan as described fails to engage on the hard issues, such as offense and attribution.” If we can’t even identify who’s attacking us, and fight back with precision, then we’re flailing. Some may express the concern that we would have all-out war by attacking those who attack us. However, what is the alternative besides confronting our aggressors?

The concept of operations is straightforward: Any computer device that is used to attack us, would immediately be blocked and countered with equivalent or greater force and taken out of play. This would mean that we are able to get past cyber-bot armies to the root computers that are initiating and controlling them, and dealing with them decisively. This would hold regardless of the source of the attack–individual or nation-state.

The DoD plan acknowledges our own unpreparedness: “Our reliance on cyberspace stands in stark contrast to the inadequacy of our cybersecurity.” As in the Cold War, there must be no doubt with Cyber Warfare (as with nuclear) of our ability to inflict devastating second-strike or preemptive attacks with deadly precision.

Until we have unambiguous hunter-killer capability to identify and locate perpetrators of cyber attacks against us and the ability to impose swift justice, we are at the mercy of our aggressors. We can only have peace in cyberspace when we have the strength to stand up and defend it.

Now we must move with cyber speed to build this capability and stand ready to execute our defenses. Admiral Mike Mullen was quoted this week (18 July 2011) in Federal Times as saying: “The single biggest existential threat that’s out there is cyber...It’s a space that has no boundaries. It has no rules.”

We must become even better–much better!

Essay time!

This is a submission for my ITsec Law class…not sure if I can post this yet without getting in trouble…I really don’t care.

Backdoors to Encryption Programs – Where and why they fail

With the ever-changing information landscape, it is not uncommon for governments to seek ways they can control communication in the interests of both law enforcement and national security. One piece of legislation here in the US that originally appeared in 2001, and again in 2010, proposes a requirement for vendors of encryption software to create back doors in their methodology, and to disclose that back door to the government. This has several flaws, from the inherent security risks of leaving easily exploitable holes, to hindering business’ protection from competitive spying. This also leaves our communications wide open for adversarial countries, such as China, to eavesdrop.


Virtualization and Enterprise Architecture

“[Virtualization is] a technique for hiding the physical characteristics of computing resources from the way in which other systems, applications, or end users interact with those resources. This includes making a single physical resource (such as a server, an operating system, an application, or storage device) appear to function as multiple logical resources; or it can include making multiple physical resources (such as storage devices or servers) appear as a single logical resource.” (Mann, Andi, Virtualization 101, Enterprise Management Associates (EMA), Retrieved on 29 October 2007 according to Wikipedia)

Virtualization places an intermediary between consumers and providers; it is an interface between the two. The interface allows a multiplicity of consumers to interact with one provider, or one consumer to interact with a multiplicity of providers, or both, with only the intermediary being aware of multiplicities. (adapted from Wikipedia)

ComputerWorld, 24 September 2007, reports in “Virtual Machines deployed on the Sly” that according to an InfoPro survey “28% of the respondents said they expect that half of all new servers installed at their companies this year will host virtual applications. And about 50% said that, by 2010, at least half of their new servers will likely host virtual software.”

What are the major concerns in going virtual?

  • Service levels—users are concerned that performance will suffer without having dedicated hardware to run their applications.
  • Security—there is concern that application and information security will be compromised in a virtual environment.
  • Vendor support—“some vendors won’t support their software at all if it’s run on virtual machines.”
  • Pricing—pricing for software licensing utilized in a virtual environment can be higher due to added complexity of support.

From a User-centric Enterprise Architecture perspective, plan on moving to virtual machines. There is potential for significant cost savings from consolidating IT infrastructure that includes reducing the number of servers, reducing related facility costs, as well as increasing overall utilization rates of machines and balancing loads to achieve greater efficiency. Soon there is no need for a dedicated server to host applications anymore.

theregister.co.uk
Election hacked, Futurama's Bender elected to school board

RSA 2012 Security experts have warned that electronic voting systems are decades away from being secure, and to prove it a team from the University of Michigan successfully got the foul-mouthed, drunken Futurama robot Bender elected to head of a school board.

In 2010 the Washington DC election board announced it had set up an e-voting system for absentee ballots and was planning to use it in an election. However, to test the system, it invited the security community and members of the public to try and hack it three weeks before the election.

“It was too good an opportunity to pass up,” explained Professor Alex Halderman from the University of Michigan. “How often do you get the chance to hack a government network without the possibility of going to jail?”

With the help of two graduate students, Halderman started to examine the software. Despite it being a relatively clean Ruby on Rails build, they spotted a shell injection vulnerability within a few hours. They figured out a way of writing output to the images directory on the compromised server, and of encrypting traffic so that the front-end intrusion detection system couldn’t spot them. The team also managed to guess the login details for the terminal server used by the voting system. This wasn’t exactly difficult, since the user name and password were both “admin”.

Once in, the team searched the government servers for additional vulnerabilities and system options. They found that the cameras installed to watch the voting systems weren’t protected, and used them to work out when staff left for the day and so wouldn’t spot server activity. More worrying, they also found a PDF file containing the authentication codes for every Washington DC voter in the forthcoming election.

The team altered all the ballots on the system to vote for none of the nominated candidates. They then wrote in names of fictional IT systems as candidates, including Skynet and (Halderman’s personal favorite) Bender for head of the DC school board. They also set up systems so that any further ballots would come under their control.

According to the log files the team found, plenty of people were also busy trying to get into the system. They spotted attempts to get in from the Persian University, as well as India and China. Using their inside access, they blocked these attacks. Finally, they inserted the word “owned” onto the final signoff screen of the voting page, and set up the University of Michigan football fight song to play after 15 seconds.

It took two days before the authorities discovered they’d been pwned, and they were only alerted to that fact when another tester told them the system was secure, but that they should lose the music on the sign-off screen, as it was rather annoying. Halderman has now published a full account of the attack.

The attack demonstrates several of the flaws in electronic voting systems, and at numerous sessions at the RSA 2012 conference in San Francisco, experts have consistently warned against the dangers of this technology. In the US, there are 33 states that have introduced some kind of electronic voting systems – and none of them are secure enough to resist a determined attacker, said Dr. David Jefferson from Lawrence Livermore National Labs.

“The states are in the habit of certifying voting systems, typically without testing them or seeing the source code,” he said. “In many cases the voting system uses proprietary code that government can’t legally check, and the running of the systems is outsourced to the vendors. This situation is getting worse.”

E-voting was a national security issue, he said. Financial attacks by hackers are relatively easy to detect – because at some point money has to leave the system. But if an election is hacked then we may never know, because it’s a one-time action that typically isn’t checked after the results have been announced and officials elected.

It will be decades before we have the technology to vote securely, Jefferson said, if indeed it is even possible. At stake is democracy itself, but politicians don’t seem to understand the problems of electronic voting, and both Jefferson and Halderman expressed fears for the future if current systems become more popular. ®

Which cities are vulnerable to cybercrime in 2012?

A new survey by Norton reports the 10 cities most vulnerable to hacking attacks. Each city was ranked according to the number of computers and smartphones used in it, as well as its Wi-Fi hotspots. Manchester appears to be the most dangerous city in terms of exposure to cybercrime, while Vancouver is […]

Read more »»» http://dlvr.it/1FTrs8

Security Tips

First let me introduce myself. I am Josh Roseberry of Greensburg, Indiana. I have lived in this small town my entire life. I made the so wise decision to attend online courses at Phoenix University. Yes, I realize Phoenix is not exactly a well-respected school. I also realize online courses don’t gain a lot of respect either. I spend a good portion of my time studying Information Technology concepts. I am pursuing my Bachelor of Science in Information Technology with a focus on Networking and Telecommunications.

I currently live in a one-bedroom apartment complex. This makes wireless security a bit of a concern for me, as all my devices are currently wireless. I currently have a Cisco® Linksys WRT320N Dual Band wireless-n gigabit router. I do use WPA2 security mode, yet with a recent firmware upgrade I no longer have the choice to select encryption and authentication protocols. This is a shame because I do prefer TKIP over AES.

I can provide some tips. If you live in a crowded area and are concerned about other people getting into your network through a wireless router, do some of these steps. Make sure you use a strong passphrase. It should be between 8 and 10 characters long and include both upper and lower case letters as well as numbers. To take the security higher, throw in some special characters as well. Some special characters that are commonly used are $%#@^&.

The next step is to use MAC filtering and reservation. On my home network, only MAC addresses I enter into the wireless MAC filter will be allowed wireless access. Adding a DHCP MAC reservation for those MAC addresses will give you an idea of what is connected to which IP. This takes a bit more setup but is perfect for smaller networks.

While these tips should be common sense to IT experts, not all consumers are aware. I will be back later with some more tips.