In response to increasing cyber threats targeting the U.S. government, defense contractors and the nation’s critical infrastructure, the Department of Defense released its new strategy for protecting our nation’s systems and networks from cyber attacks. While it’s a nice first step, many critics are wondering if the government can actually pull it off. In the same vein, the shift to virtualization has many businesses re-thinking their existing security approaches. Will virtualization mark the end of traditional host-based antivirus solutions as we know them? Here are some of the top endpoint security stories for July 2011.
DoD’s cybersecurity plan creates more questions than answers
In July, the Department of Defense released its new strategy for operating in cyberspace, describing how it plans to protect our nation’s computer systems and networks from cyber attacks. The plan includes a number of initiatives, such as treating cyberspace as a domain it defends (alongside land, air, sea and space), introducing new network defenses to detect and stop malicious code, coordinating with the private sector, and working with other countries. However, according to the article “Critics: U.S. cyber security plan has holes, few new items,” the document has many analysts, like Rich Mogull of Securosis, wondering if the DoD can pull it off.
When it comes to virtualization security, there are many things that people don’t even know are problems, or don’t even know they need to address. In our recent webinar, “10 Things You Don’t Know about Virtualization Security,” IANS faculty member and Voodoo Security founder Dave Shackleford and CoreTrace’s CTO and founder Dan Teal provided their unique perspectives on things that often get left out of the picture when securing a virtual environment, along with examples of how the scale of virtualization can blindside an organization before it even knows what hit it.
Some of the issues they explored include:
1. You have more virtual systems than you know: Virtual sprawl stems from the ability to rapidly provision systems. That same ability can also increase vulnerabilities, such as unknown systems that aren’t properly patched or kept up to date from a configuration or security standpoint. Understanding everything in your environment is a major problem in the virtual world. It’s really all about inventory: keeping up with systems and making sure you’ve got change management in place.
As a former Air Force information warfare officer, and a member of the military’s red and blue teams for many years, I believe the Department of Defense’s new “Strategy for Operating in Cyber-Space” is a small step towards developing a security plan for protecting our nation from cyber attacks. What leaves me a little perplexed, however, are the realities the DoD is up against in achieving the five strategic initiatives that have been outlined in the document.
As I was going through the plan, what struck me first was the fact that the U.S. has publicly called out to the world that cyberspace will be added as one of the operational domains, retaliating to any attacks against it in the same way it would to attacks by land, sea, air and space. Saying that it plans to aggressively train, organize, collaborate, and strengthen relationships with global partners sends a strong message to the international community about its intentions to take full advantage of cyberspace’s potential, as well as how the government plans to deal with and respond to threats against this domain. While the plan still leaves many questions around attribution and countermeasures against any such attack, I think the clear and unambiguous addition of the domain is an important step to deter cyber attacks targeting the U.S. government and our nation’s critical assets and infrastructure.
Computer hackers by and large focus on the weakest link of an organization’s security system. Whether it’s an unprotected server, a newly discovered system vulnerability, or an unsuspecting employee’s computer that is connected to the corporate network, cyber criminals are experts at sniffing out the weakest link.
On the surface, this week’s breach of 90,000 military e-mails and password hashes may look the same. After all, the hackers claiming responsibility for the break-in did so through an unsecured server in a network that basically had no security measures in place. What’s different about this attack, however, is that the exploited server was not the military’s. The server belonged to government contractor Booz Allen Hamilton. In other words, this criminal strategy went beyond the walls of an organization’s own network defenses.
In the case of the Epsilon security breach, where millions of customer email addresses were compromised, hackers targeted a single entity to steal private data on many of the marketing giant’s big-name customers like Chase, Citi and Target. The Booz Allen hack reverses that scenario. Instead of going after one to get to many, cyber criminals targeted multiple entities to get to one.
We’ve always known how tenacious hackers are, working around the clock to infiltrate corporate networks. In June, we found out just how efficient they are. Mutating malware that bypasses security updates within hours and unconventional cyber attacks on seemingly secure networks have prompted the need for stronger endpoint defenses. For many, whitelisting is the answer. Here are some of the top endpoint security stories for June 2011.