Hack The Planet

While a lot of the news around the hacking of Google by China one of the more interesting pieces of this story is that Google hacked back.

Google’s secret counteroffensive managed to gain access to a computer in Taiwan that it suspected of being the source of the attacks. Peering inside that machine, Google engineers actually saw evidence of the aftermath of the attacks, not only at Google, but also at at least 33 other companies, including Adobe Systems, Northrop Grumman and Juniper Networks, according to a government consultant who has spoken with the investigators.

This is what happens when one super power attacks another.

When you are pulling out cash from an ATM it is best to keep your eyes open. Whether it is an ATM Skimmer or an entirely fake ATM, it is probably best to double check before you insert your card. Of course, this is only important if your money hasn’t already been stolen by one of the money mule crews.

What ever happened to ski masks and fake guns?

UPDATE: Even Bruce Schneier admits he would not have noticed this.

Darpa, the research arm of the pentagon, is reporting that there is has been a decline in the number of kids growing up to be geeks and that poses a threat to our ability to compete on the international stage.

My advice, get parents to stop telling their kids to go outside. Nothing says geek like pasty skin.

There is an awful lot of malware and spyware that likes to claim to be something it is not. Like Anti-Virus, or Facebook Apps, or even a program to reset your Steam Password.

Remember, a rose by any other name is still a hack.

The attacks on Google and 33 other companies that were announced this week have been named Operation Aurora by McAfee. The attack was extremely sophisticated using dozens of pieces of malware, encryption and zero-day vulnerabilities to compromise their victims networks.

This is going on all the time. Most civilians probably don’t realize that there is a cyber war going on all time around them.

Sometimes it is better late than never. Hopefully this is one of those cases. There have been reports all over the internet about China hacking Google and Google’s response by turning off their censoring services.

One of the things that I am taking away from this is the ability for a company/organization to be on equal footing with a country. The power has been shifting for decades from government to corporation. If a corporation is large enough to force a government to bend to its will then it is pretty obvious who is in control.

In this case China isn’t bending but the story isn’t over yet so it will be interesting to see how it ends.

I have been in a team meeting/training all week and have had no time to read let alone write on all of things going on in the big bad world of security this week. I figured I would start off with some data breach news.

Lincoln National Corp. (LNC) last week disclosed a security vulnerability in its portfolio information system that could have compromised the account data of approximately 1.2 million customers.

Now, data breaches are going to happen. As long as there is information that criminals want to get then they will find a way to get it. But in this case it is really just people being stupid. Apparently there were groups of users sharing user names and passwords to access their portfolio site. Common sense security.

If you have worked in security or just read articles on security for any length of time you will realize that all you are trying to do is provide risk avoidance. To this this you have to be good at assessing risk and then working to minimize it. I am constantly bombarded by sites discussing how we as humans are awful at risk assessment. Maybe this is what makes a good security professional, the ability to see through the false positives and find the real threat.

Bruce Schneier posted today about the cracking of a FIPS certified encrypted USB key. The attack from the original article:

“During a successful authorisation procedure the program will, irrespective of the password, always send the same character string to the drive after performing various crypto operations — and this is the case for all USB Flash drives of this type.”

Bruce calls out that “FIPS 104-2 Level 2 certification only means that certain good algorithms are used, and that there is some level of tamper resistance and tamper evidence.”

Does it really matter that these USB keys have been cracked? The reason I ask is that everyone cares so much about the Cloud and having their data secured in the Cloud that it seems like securing removable media is taking a back seat. If the person who has the encrypted USB key also copies their files to the Cloud will they care that the USB is crackable or will they focus on how to protect that data in the Cloud.

So it was just a matter of time until the iPhone got it’s first worm. This is what happens when you have a very large user base with the belief that nothing can ever hurt them. Apple’s marketing team has done its job.