The week in security: Grum battle won, but war continues

Authorities were claiming cautious success in the fight against spam after the Grum botnet was initially damaged, then brought down completely, when they took down some of its command-and-control servers. Despite claims the action had stopped half the world’s spam, it was hardly the end of spam: Dropbox brought in the experts to figure out why some of its European users were being spammed at their Dropbox account-related email addresses.

Dropbox eventually concluded it had not been hacked, but only after social-media darling Pinterest instituted its own lock-down after a spam outbreak. Indeed, the endless game of security Whack-a-Mole continued unabated and no matter what kind of victory the forces of good may have eked out, there is still work to be done: an anti-phishing research group reported that phishing sites had reached an all-time high.

Nvidia was looking into the leak of encrypted passwords from its user forums and suspended its user forum as a precautionary measure, while the US Department of Homeland Security stepped in to warn of security vulnerabilities in the popular Niagara AX Framework.

Meanwhile, some tips were offered on how to figure out whether your competitor has been fed sensitive data by your ex-employee. A US judge threw out a case alleging LinkedIn had compromised user security by feeding user histories to advertising companies.

Vendors were tweaking their security models to address current and potential security problems: Skype, for one, was looking into a bug that sent messages to the wrong contacts, while Google changed settings on its Chrome browser to block the installation of non-approved extensions. For its part, Mozilla plugged a Firefox security hole that compromised the security of the browser’s new tab window.

Twitter issued its first-ever report on government requests for user information, with the US government lodging 679 requests for information on 948 different users; many expect that increasing government surveillance will push hackers further underground. They're not too far down to launch DDoS attacks on high-profile sites like Amazon, however – a deed for which a Russian hacker was arrested in Cyprus.

Privacy suffered the usual ignominy as data-breach followers saw a boost in reporting of data leakages – but many are vague on the root causes. On the other hand, it’s pretty obvious what caused the leakage of data on two million Canadian voters in one of the country’s biggest-ever privacy breaches: a pair of missing USB drives. Laws to protect privacy may have been getting better, however, as civil-liberties groups came out with a thumbs-up on laws that limit the type of security-related information that can be shared between private companies and the US government.

The challenges of securing data centres continue to rear their ugly heads. Recognising this, Cisco Systems bought security firm Virtuata for its technology for securing virtual machines, while Check Point Software Technologies introduced new technology that lets companies consolidate multiple security gateways onto a single server.

Meanwhile, some security figures were discussing the potential for open-source systems to help in the fight against cyber-attacks: for example, Linux proponents offered a way of quickly repairing Windows PCs that have been infected by malware. That would be useful in the Middle East, where ‘cyber espionage malware’ called Mahdi was found to be spying on targets in Iran, Israel and other countries across the region.

Indeed, government bodies seem to be mentioned in the same breath as malware with increasing frequency as a report concluded that government bodies are three times more likely to lose cyber-security skills than their private-sector counterparts. Some are arguing that traditional notions of war are becoming obsolete as targeted cyber war becomes a favoured tool of governments.

British politicians, for example, are pressing for the UK to go on the offensive in their fight against cyber-crims even as that country suffers the embarrassment of being short of security staff due to a software problem in the last days before the Olympics. Syria had its own embarrassment as the entire country went offline for 40 minutes, although some suggested it was not entirely an accident. Either way, the US Department of Homeland Security is recommending that critical infrastructure providers preserve data before they even think about retribution.

Stories by David Braue

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place