Saturday | 22 November, 2008
CSO

Security Monitoring: Opinions

  • How DNS cache poisoning works 21/10/2008 08:30:00

    This vendor-written tech primer has been edited to eliminate product promotion, but readers should note it will likely favor the submitter's approach.
    There has been a long history of attacks on the Domain Name System ranging from brute-force denial-of-service attacks to targeted attacks requiring specialized software. In July 2008 a new DNS cache-poisoning attack was unveiled that is considered especially dangerous because it does not require substantial bandwidth or processor resources nor does it require sophisticated techniques.
  • Cutting Through the Spin of Recent Vulnerability Disclosures 13/10/2008 10:53:00

    The FUD surrounding the ClickJacking and TCP/IP vulnerabilities has the world seemingly frozen in fear. But once you cut through the spin, the vulnerabilities aren't all that they were made out to be.
    There are a few highly publicised vulnerabilities at the moment which haven't completely been disclosed and which, it is claimed, could threaten the whole Internet as-we-know-it. Only, when the vulnerabilities are finally disclosed, it seems that the whole incident has been somewhat Chicken Little.
  • Safety and security: The intersection 16/09/2008 12:01:00

    Security and safety often go hand in hand, but sometimes they conflict. Here are ways to cooperate to achieve both departments' goals.
    In 1999, the Massachusetts state fire marshal issued a cautionary advisory about a new security product: a surveillance camera designed to look like a smoke detector. "This action has created a great concern for us in the fire service," Stephen Coan said. "If this [security cameras as smoke detectors] becomes widely known, we feel that the lives of people will be placed in jeopardy. Out of fear of being watched and the loss of privacy, it is possible that people will begin to cover over smoke detectors, endangering their lives...." Marshal Coan was not alone in his concern: In 2004, New York officials forced local outlets to stop selling the device for many of the same reasons.
  • 'Whaling' threats target the big fish of the corporate world 10/09/2008 14:50:00

    Whaling has increasingly been in the news thanks to the ingenious ways a new breed of phishermen collect data to carry out scams and the move towards targeting business networking sites.
    The proliferation and popularity of collaborative Web 2.0 sites – there are around 250,000 new registrations to Facebook every day – has changed the threat landscape and the way businesses need to think about security. Each year, newer technologies and weapons are being unleashed to leave Web users surprised, annoyed and at greater risk. ‘Whaling’, or ‘spear phishing’, is one such threat and refers to phishing scams which specifically target high-worth individuals.
  • Information security governance: Centralized vs. distributed 05/09/2008 10:15:00

    Should security policies, procedures and processes be managed within a central body, or distributed at an individual level? You need to find the middle ground.
    The management of information risk has become a significant topic for all organizations, small and large alike. But for the large, multi-divisional organization, it poses the additional challenge of determining how to deploy an information security governance program among what are often disparate business units. Should the policies, procedures, and processes that define the program be developed and managed within a central, corporate body? Or perhaps responsibility would be better placed at the individual unit level? Is there a workable middle-ground?
  • EU struggles with diversifying technology 24/06/2008 15:41:51

    Heterogeneous provide their own headaches for security professionals.
    In the immortal words of the Young Ones "[A] social conscience is like a garden shed. If you try to eat it, it will stick in your throat!". At least that is the lesson that the EU seems to be learning [1] in its efforts to promote greater competition in the technology industry as it tries to implement the use of alternate (to Microsoft) office software and operating systems that adhere to open standards.
  • Zero-second exploits 06/05/2008 12:04:48

    The number of days between a vendor patch being released and the malware exploit being announced has shrunk
    Microsoft SQL server hasn't had a public vulnerability announcement since 2004. The SQL Slammer worm struck in 2005, but the hole the worm exploited had been patched six months before. The holes that MS-Blaster and Code Red worm attacked had been patched, too. But back just a few years ago, no one really cared about patching really. We just didn't patch.
  • What spooks Microsoft's chief security advisor 27/03/2008 11:12:24

    Application exploits, virtualization security are big concerns
    Microsoft's US general manager/chief security advisor for its National Security Team thinks like a true security professional: In every bit of good news, Bret Arsenault wonders what bad news could be lurking behind it.
  • Security in a bubble 19/03/2008 11:03:54

    Security must be distributed, ubiquitous and pervasive
    People don't notice change when it's gradual. Sometimes, however, small, incremental changes add up in a way that isn't noticed until a change in degree becomes a change in kind.
  • Borderline illegal: Your laptop is not your own 14/02/2008 11:30:23

    International travellers are being subjected to electronic abuses at the US border.
    Planning to travel? Maybe you want to think twice about bringing your laptop, your mobile phone, or even that iPod. (And if you're of Asian or Middle Eastern descent, that goes double.)
  • Network threats develop 'antibiotic' resistance 13/02/2008 09:13:09

    Whether it is concepts of herd immunity or antibiotic resistance, we still have a lot to learn from nature.
    The scientific field of biology has provided many useful metaphors, such as "virus" and "infection," for the study of malware. Many researchers have used biology and evolution science to create innovative defenses against malware, in many ways simulating the functions of biological immunity systems. I find that biological sciences and especially evolution provide some great insights into the behavior of malware, malware creators and malware defenses over longer periods of time. I also see a lot of parallels between the evolution of malware and the evolution of darknets (stealthy peer-to-peer, or P2P, networks).