Digital Doomsday


While it would be easy to write, this is not another article about the importance of anti-virus and security. The threats that lurk on the Internet have been well communicated over the years. Connecting an unprotected computer to the Internet or to an office network is digital Russian roulette. It is critical to keep each interconnected computer up to date with anti-virus software. Maintaining updated computer and antivirus software helps to protect you from 1,000s of online threats including… DOOMSDAY!

Digital Doomsday is July 9, 2012. Before stockpiling food and water, it is important to understand the history of Digital Doomsday. The story behind Digital Doomsday reads like a modern-day spy story.

In late 2011, the FBI – working in coordination with international authorities – arrested six people responsible for creating and distributing a new Trojan/virus named DNS changer. Unfortunately, the group was very successful in spreading this virus globally to more than 100 countries and possibly millions of computer systems. This virus changed computer DNS settings – the settings which guide you on the Internet – on each infected computer system. This group used the changed settings to direct the computers to their own systems. Instead of using good, reliable settings to look up technical information on the Internet, the infected computer used the “bad” settings to search. The “bad” settings directed people to incorrect web pages and many less-than-desirable locations on the Internet. This one little change means an infected computer system can be misdirected to anywhere the cyber criminals desire.

Once the criminals were in custody, the FBI came up with a plan to help temporarily fix the situation. The “bad” servers providing DNS were converted to “good” servers. This conversion meant that the correct, validated information was being sent and received across the Internet. Websites were connecting and computers were communicating properly.

Unfortunately, all good things come to an end. Effective July 9, 2012, the “good” replacement servers are scheduled to be taken offline. That means each infected computer will no longer be able to find or connect to ANYTHING on the Internet. Essentially, it will be an Internet blackout on each computer system that has been infected. The key is to understand the problem and to take the necessary steps now – should a system be infected – by correcting the DNS settings. You don’t want to be taken by surprise on your home computer system and find yourself in an Internet black hole next month. Some resources are listed below about the DNS changer and Digital Doomsday.

– Jeff Eisenhower, Director of Technical Services
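As an added example (not part of the original article), here is a Python check of the DNS settings described above: it reads the configured resolvers out of `resolv.conf` text or Windows `ipconfig /all` output and flags any that fall inside a list of rogue ranges. The ranges and the sample input are constructed placeholders taken from documentation address space, and the function names are this example's own.

```python
import ipaddress

# PLACEHOLDER ranges (RFC 5737 documentation space), not real indicators:
# substitute the rogue resolver ranges published by the authorities.
ROGUE_NETWORKS = [ipaddress.ip_network(n) for n in ("198.51.100.0/24", "192.0.2.0/25")]

def _as_ip(token):
    """Return an address object, or None if token is not an IP literal."""
    try:
        return ipaddress.ip_address(token.strip())
    except ValueError:
        return None

def extract_resolvers(text):
    """Collect resolver IPs from resolv.conf text or `ipconfig /all` output."""
    found, in_windows_list = [], False
    for line in text.splitlines():
        body = line.split("#", 1)[0].strip()   # drop resolv.conf comments
        parts = body.split()
        ip = None
        if parts and parts[0] == "nameserver":
            ip = _as_ip(parts[1]) if len(parts) > 1 else None
        elif body.startswith("DNS Servers"):
            ip = _as_ip(body.rsplit(": ", 1)[-1])
            in_windows_list = True
        elif in_windows_list:
            ip = _as_ip(body)  # continuation lines hold a bare address
            in_windows_list = ip is not None
        if ip is not None:
            found.append(ip)
    return found

def audit(text):
    """Return (resolver, matching rogue range or None) for each resolver."""
    report = []
    for ip in extract_resolvers(text):
        hit = next((n for n in ROGUE_NETWORKS if ip.version == n.version and ip in n), None)
        report.append((str(ip), str(hit) if hit else None))
    return report

# Constructed sample: excerpt shaped like Windows `ipconfig /all` output.
SAMPLE_IPCONFIG = """\
   DNS Servers . . . . . . . . . . . : 203.0.113.10
                                       192.0.2.53
   NetBIOS over Tcpip. . . . . . . . : Enabled
"""

if __name__ == "__main__":
    print(audit(SAMPLE_IPCONFIG))
```

A resolver that matches a rogue range means the DNS settings were changed and need to be corrected on that machine, and on the home router if it hands out the same address.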

Predictions for 2013

What will 2013 hold for information security professionals? Certainly a lot more serious incidents as we've been incubating a raft of potential crises for the past two decades. But what specifically can we expect? Will it be more of the same? Or could we see the dawn of a new era? The answer is likely to be a little of both. Here are my top five forecasts for 2013.

Attacks get nastier

Data breaches are bad enough, but at least they don't disrupt business operations. Long-term data damage is much worse. I've been forecasting this as a future risk for the last decade. It will begin to hit home during 2013, with rapid growth in cyber extortion and vandalism, perhaps coupled with the emergence of real cyber terrorism. Expect much nastier attacks and watch out for the beginnings of organised protection rackets.

Big challenges from Big Data 

Big Data is the latest technology in a long-term trend of increasingly powerful user access, enabling new dimensions in data mining, fusion and navigation, as well as new opportunities for big data breaches. Only compliance and expensive licence fees stand in the way of a user free-for-all in data access. But it spells the end of the 'least privilege' principle.

Final death of corporate perimeters 

Many enterprises, including big banks, still cling to the fig-leaf protection provided by private infrastructure. It's an illusion of course because Internet and email access provides a massive back door for attackers. BYOD is the final nail in the coffin for traditional corporate perimeter protection. The users have left the building, the applications are following and the enemy is already inside.  

Security speeds up

Growth in the frequency and impact of attacks will at least persuade security managers to forget the achingly slow Deming cycle and respond to vulnerability alerts and incidents in real time. Patching will get faster, vulnerability scanning will become more frequent, and security staff will become more empowered.    

SMEs discover security

In recent years I've researched and written extensively about the lack of interest and awareness in security in the small and medium enterprise sectors. The reality is that SMEs aren't concerned and nobody has bothered to educate them. They remain the soft underbelly of big business and critical national infrastructure. 2013 will see the start of a slow change in this sector, starting with small retailers, as compliance requirements gradually cascade down supply chains. It won't happen overnight but it will open up new markets for security vendors.