“TOR is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet,” according to TORProject.org. TOR is a type of Darknet or private network in which the network connections are only established between trusted pairs. It was originally an extension of ARPANET, the government project which led to the current Internet, and was developed by the United States Navy. TOR is the largest of these publicly available Darknets, which are used to access anonymous networks and permit individuals to access content in a discreet manner, all in order to obscure the identity of the user and their associated Internet activity from any type of oversight. It is estimated that over a million users are currently utilizing TOR networks around the world. In the end, these types of Darknets create an unseen network bundled within the Internet we all use every day.
As you have probably heard, Sony Pictures Entertainment was recently the target of a major compromise, which involved the copying of vast amounts of data, including the personal details of employees, internal emails, and several unreleased movies. Reporting on this attack has largely focused on determining the potential source (with much speculation regarding North Korea), and only recently uncovering that a portion of the attack originated in Thailand, specifically a hotel and college in Bangkok.
To our Colleagues in the Security Community,
As we prepare for the New Year, we have the opportunity to reflect on 2014. This past year brought news of the recovering US economy. Job growth was steady and businesses began to finally see the end of the recession. With many companies posting record profits, the stock markets are hitting new record highs. In general, feelings have shifted from the desperation of the recession to optimism for the future. In 2015, my hope is that this trend continues. Jobs should continue to grow, if not increase even more quickly. Companies should continue to see increases in sales and profits, fueling the stock markets to reach for even higher numbers.
Recently, security news has been focused on a particular new form of malware known as Regin. While the developer of this software remains officially unclear, most experts believe that Regin must have been developed by a group with large amounts of both time and money, which points to it being state-developed or at the very least state-sponsored. Given the various identified targets of the malware, as well as some other details about the software, the most likely developers are the US and UK governments. This malware is even mentioned specifically in some of the leaked Snowden documents as being used in 2012 by the GCHQ (the UK equivalent to the US’s NSA).
Implantable medical devices are becoming increasingly sophisticated, including infusion pumps that deliver medication, scanners that monitor biometric data, and devices that support or enhance organ functions. As with most modern technologies, many medical implants use Internet and network connectivity to exchange information with other systems and devices. Continuous connectivity facilitates health data analytics, immediately alerts patients and doctors if warning thresholds are triggered, and enables device updates to patch security or functionality issues. Unfortunately, this connectivity makes medical devices vulnerable to the same threats faced by other medical devices, computer systems, and smartphones. What can manufacturers do to protect their implantable devices?
On Tuesday, one week after their traditional Patch Tuesday, Microsoft pushed out MS14-068, a patch to address a vulnerability in the Windows Kerberos implementation that allows for the elevation of privilege. As Microsoft noted, this vulnerability has already been exploited in several limited attacks. For your protection, you should update Windows immediately to implement this patch.
In a recent article, IBM’s X-Force research team discussed a vulnerability they identified in Internet Explorer, dating back to IE3 in 1997. With Microsoft patching the vulnerability as of November 11, 2014, the X-Force team opened up and revealed the details of the exploit, and what it could be used for.
Consumers are relying more heavily than ever on their smartphones to manage all aspects of their lives, including their health. Corporations such as Google and Apple are jumping into this growing market for mobile health apps. Apple’s recently launched “Health” aggregates data from a variety of health and fitness apps and offers integration with the upcoming iWatch. As Apple states, you decide what information is placed in Health and shared with external health apps, social media apps, and even your doctor. With responsibility for personal data being placed in the hands of users, what should you know before sharing your personal health information (PHI) with your phone?
After the revelation that over 76 million users and 7 million businesses were affected by the recent JP Morgan Chase & Co. (JPM) data breach, many observers are wondering what lessons can be learned from the entire affair. In the days shortly after the breach was made public, JPM CEO Jamie Dimon discussed the company’s plans to double their security budget and hire even more members for their security team. As of the 2013 Annual Report, JPM was reporting a $250 million security budget, with a staff of 1,000 people, so it would seem that JPM is looking to increase that budget to $500 million, and adjust its staffing accordingly.
Somewhere, in a dark quiet room, they sit and stare into their cathode ray tube monitors. The smoke cloud from spent cigarettes lingers. Someone coughs. The sound of a toilet flush upstairs cuts through the dull quiet, indicating the cheapness of the building’s construction. The glow of their screens keeps their attention, the high of caffeine drinks and sleepless euphoria.
No, I’m not talking about the attackers. They usually live in pretty nice places. I mean, you don’t get the name Cyber Threat Actor by being a slob. I’m picturing the poor souls that have to come up with information security headlines.