
IT Security Rewind – Week of July 18, 2011

As the summer heat continues to rise, it’s clear that news about the frequency of IT security breaches refuses to take a vacation.  This week the founder of popular online news site Reddit was caught red-handed while security influencers stayed cool reporting on some real threats for the utilities and government industries. Here is our take on this week’s hottest IT security stories:

  • Reddit Founder Hacks into MIT and Gets Himself Caught — Computerworld’s Grant Gross provided us with details of the indictment of the co-founder of online news site Reddit. Aaron Swartz was charged with computer intrusion, fraud and data theft for allegedly stealing 4.8 million documents from an MIT network. If convicted, Swartz, who is also the founder of the political advocacy group Demand Progress, faces a possible 35 years in prison and fines of up to $1 million.
  • Be Afraid, Be Very Afraid – We’ve all fallen for “doom-and-gloom-we’re-all-gonna-die” stories that make you want to stock your bomb shelter.  CSO’s Bill Brenner typically takes these reports as B-S; this week however, he shared an interesting report from Brian Ross, “New Terror Report Warns of Insider Threat to Utilities” to which he says “the insider threat is real.” While Brenner is referring to physical security in this particular piece, given the numerous flaws and vulnerabilities reported in SCADA software over the past few months we can’t help but draw the connection to an IT security threat as well.
  • Hackers Infiltrate Computers at the German Federal Police and Customs Service – It’s one thing to hack into a system and get the heck out of there, but to stay in that system undetected for, say, months is a whole other ballgame. In what could be an incredibly devastating data loss for the German Federal Police and Customs Service, hackers reportedly gained access to federal police computers in September 2010 and were able to steal information undetected for months. In addition, hackers were able to gain access to the German customs service and publish stolen files on the Internet. In the words of an anonymous security officer, “that is pretty much the worst thing that could happen.”


What other hot stories would you add to this list?


Cyber-Ark’s 2nd Annual System Administrator Appreciation Day Contest


On Friday, July 29th, the IT community will recognize the efforts of all the unsung heroes that make our lives so much easier with the celebration of the 12th Annual System Administrator Day. This is an event that Cyber-Ark eagerly anticipates each time it comes around, and for the second year in a row, we will be hosting a contest via Twitter to show our appreciation for this special community. The full rules and details surrounding this year’s contest can be found on our website here — Cyber-Ark’s 2nd Annual System Administrator Appreciation Day Contest.

To summarize, this year we’re asking participants to answer this simple question over Twitter: “What is your greatest enterprise IT accomplishment in the past year?” Throw the #SysAdminDay hashtag and @Cyberark handle into your response and get CREATIVE! Unlike last year’s contest, participants are encouraged to include a URL in the Tweet that links to, for example, an image (TwitPic) or a blog post. This is not a requirement for eligibility but it may help participants to get their message across in a more impactful manner. The best response will be awarded with a prominent spot on this here blog, as well as a new Amazon Kindle!

Also, we’re adding a couple of other new wrinkles this year, namely the fact that we’re starting the contest on Monday, July 25th, and letting it run through 3 p.m. ET on Thursday, July 28th. We’ll use Friday, July 29th to promote the winner (and some of the other great responses). Even cooler, we’ve enlisted one of the SysAdmin community’s most influential evangelists and prolific bloggers, Standalone SysAdmin’s Matt Simmons, to serve as judge. Matt will be joined by Cyber-Ark’s own rock star SysAdmin, Bill Pesiridis, as well as Wesley David, another prolific contributor to the SysAdmin blogosphere over at his personal site, The Nubby Admin. Wesley also authors articles for such publications as SysAdmin Talk. Together, Matt, Wesley and Bill will choose the winner based on their own set of criteria for what they deem to be the best overall response. It’s safe to say that creativity will play a big role in attracting their attention, however.

In addition, on Wednesday, July 27th, we will post a new update on our blog with a link to the live Twitter Search feed of all of the entries to date (we’ll also be live streaming the participating entries through a blog plug-in throughout the week). On this post, we’ll encourage users to comment with a vote for their favorite Tweet (and we suggest that participants encourage their friends and followers to show their support with comments as well). While these comments/votes aren’t required and won’t have any bearing on the ultimate decision process for the judges, they do demonstrate excitement and community involvement for SysAdmin Day.

If you have any questions or comments—feel free to send them our way. Otherwise, we’ll see you on Monday, July 25th on Twitter. Please share this with the SysAdmin community and have fun with it!

–The Cyber-Ark team



IT Security Rewind – Week of July 4

Despite our nice little July 4th break in the U.S., this week’s news continues to suggest that 2011 has been anything but an IT security “holiday” for a number of organizations. Let’s take a look at some of the week’s biggest news items:

Big Brother, Where Art Thou? Remember the consultant who was able to exploit a hardcoded, default password in a police cruiser’s digital video recorder system to gain access to controls and manipulate its use? We thought that was bad news, but now, according to figures released by Big Brother Watch, over 900 police officers and other staffers were subjected to internal discipline for breaching the Data Protection Act (DPA) in the U.K. It’s one thing when law enforcement’s technology is susceptible to a data breach; it’s another when the actual officers are illegally viewing computer records for “non-policing purposes.” Talk about an abuse of privileges.

Not an Even Trade Between U.S. and China - A ThreatPost article details the arrest of a CME Group employee who allegedly stole trade secrets and proprietary source code used to run trading systems for the Chicago Mercantile Exchange and passed them along to China. The implications here obviously are far-reaching, as the employee downloaded “thousands of files” containing “source code and proprietary algorithms” used by CME to run its trading systems. What is unclear, however, is how he gained access to the systems—was it through an escalation of privilege to access this sensitive information?

IT Security Rewind, uh, Rewind – Clearly, we think it’s important to recap the week’s most important IT security related developments, so we are always excited to identify similarly detailed reports, like this one from Help Net Security, that covers recent security incidents. The report recaps some of the biggest events of the year—from RSA to Citibank—and highlights the impact of the breaches on the organizations and their users.

That’s it for this week—thoughts? Comments? Bring ‘em on.


Don’t shy away from data protection audits

The UK Information Commissioner, Christopher Graham, today said that businesses should be more willing to undergo data protection audits.  This follows the publication of the Information Commissioner’s Office’s (ICO’s) annual report, which found that just 19 percent of private sector businesses contacted by the ICO following a data breach accepted the offer to undergo free data protection audits*.

Audits are a critical part of any well-run major business, helping to ensure efficiency, productivity, and, with data protection audits, security and accountability – so it’s odd that so many businesses would decline the offer of a free data protection audit.

At Cyber-Ark, we believe in developing solutions that not only deliver security, but also help organisations meet audits more effectively.  For example, with comprehensive logging of all privileged activity – including tracking who logged in, what they did and when they did it – meeting an audit can be made far simpler.  Every action is recorded and accountability is assured.

* ICO News Release


IT Security Rewind – Week of June 27

While we in the U.S. office are caught up thinking about July 4 festivities, the world of security bids adieu to LulzSec, CitiBank ups its losses and CWE/SANS unveil this year’s list of the Top 25 most dangerous programming errors, which have been the focus of so many recent attacks.  Let’s get started with this week’s rewind!

Hard-coding a secret password is just bad manners - The New York Times and multiple other outlets covered news related to the Homeland Security Department’s unveiling of a new system of guidance intended to help make the software behind Web sites, power grids and other services less susceptible to hacking. The system includes an updated list of the top 25 programming errors that enable today’s most serious hacks. The annual CWE (Common Weakness Enumeration)/SANS Top 25 Most Dangerous Software Errors list covers the most significant threats faced by software makers and IT organizations, while providing advice on how to protect against the vulnerabilities. While top threats included SQL injection and cross-site scripting, the entry coming in at Number 7 is particularly relevant to Cyber-Ark and our customers: Use of Hard-coded Credentials. You’ll recall that the Stuxnet worm used hard-coded credentials in order to spread.

LulzSec says farewell – This week LulzSec wasn’t in the news for its attacks; instead, it released a message saying it had “completed its 50-day goal of reviving the AntiSec (anti-security) hacker movement, which aimed to disrupt government and corporations by breaking their network security.” The group hopes that others will take up its “good cause,” and the security industry will be kept guessing about where its members will pop up next.

Citigroup’s losses keep climbing – It was reported this week that approximately 3,400 Citigroup credit card customers suffered a loss of $2.7 million during a security breach earlier this year, according to a Wall Street Journal report.  The company maintains that data used to commit fraud, such as Social Security numbers, card security codes and dates of birth were not compromised. Citigroup has instituted fraud monitoring on the accounts, and replaced 217,657 cards for customers so far.

That wraps up this week’s rewind. What other CWE/SANS Top 25 errors is your organization most focused on?