In October, we wrote about the federal government’s move toward installing video and telepresence capabilities on mobile devices to improve communication, especially for law enforcement and defense purposes. With mobile telepresence, the government can enhance collaboration and response time during critical events.
A recent New York Times article reminds us, however, that to safely realize all of the benefits of telepresence, the government—or any organization—needs to ensure proper implementation of the video technology. Obviously, security concerns multiply when numerous mobile devices attach to a telepresence network.
The Times piece noted the vulnerabilities risked in telepresence-equipped boardrooms, and accordingly, on mobile devices, when organizations do not set up their connections behind the firewall or do not configure their technology to meet their security needs. Fortunately, the technology itself is inherently safe, with countless security measures built into the infrastructure. It becomes, then, a matter of empowering informed telepresence users to properly set up their systems.
So what should organizations like the government do? For one, adopting a solutions-based approach helps ensure security by allowing regulated video traffic to traverse the firewall only to endpoints that reside behind the firewall. Just as an agency wouldn’t connect an unprotected PC to the network, it should likewise be sure to protect any video endpoints—including mobile ones. Such a protected set-up maintains a single entry point into the network and makes telepresence easy to deploy and manage.
Government entities relying on telepresence can also protect classified information by properly configuring their telepresence networks to suit their needs. For example, agencies dealing with top-secret matters should monitor incoming calls as tightly as possible by disabling any auto-answer capabilities.
Like any technology, video and telepresence are only as secure as the networks on which they run. The government assumes no risk in deploying telepresence, provided it deploys the technology correctly. Cisco works with other manufacturers to adhere to industry standards and develop secure, user-friendly telepresence that can ensure successful deployment and enable solely beneficial telepresence experiences.
By Janet Lyons
Wednesday, February 29, 2012
Tuesday, February 28, 2012
Almost 5% of Smartphones Lost Every Year
McAfee and Ponemon Institute recently released “The Lost Smartphone Problem,” a study that attempts to determine how many employees’ smartphones are lost or stolen, and the consequences of these lost cell phones on various organizations. Among the 439 sample organizations, the number of missing smartphones is significant: 142,708 in one year.
Approximately 62% of smartphones are company owned devices assigned to employees for business use. 38% are personally owned and are used for business. Roughly 4.3% of these employee smartphones are lost or stolen each year. Of the 142,706 smartphones reported missing by the 439 businesses surveyed, only 9,298—7%—were recovered. 13% of the missing smartphones were lost in the workplace, 29% were lost while traveling, and 47% were lost while employees were working away from the office, either at home or hotel rooms. Employees were unsure where the remaining 11% were lost. And despite the fact that 60% of missing smartphones are believed to contain sensitive and confidential information, 57% were not protected with available security features.
The industries reporting the highest rate of smartphone loss were health and pharmaceuticals, education and research, and public sector organizations.
Based on the costly consequences of lost data assets, it makes sense to allocate the necessary resources to invest in anti-theft and data protection solutions in order to secure smartphones and the sensitive and confidential information they contain.
Robert Siciliano is an Online Security Evangelist to McAfee. See him discussing identity theft on YouTube. (Disclosures)
By: Robert Siciliano
Approximately 62% of smartphones are company owned devices assigned to employees for business use. 38% are personally owned and are used for business. Roughly 4.3% of these employee smartphones are lost or stolen each year. Of the 142,706 smartphones reported missing by the 439 businesses surveyed, only 9,298—7%—were recovered. 13% of the missing smartphones were lost in the workplace, 29% were lost while traveling, and 47% were lost while employees were working away from the office, either at home or hotel rooms. Employees were unsure where the remaining 11% were lost. And despite the fact that 60% of missing smartphones are believed to contain sensitive and confidential information, 57% were not protected with available security features.
The industries reporting the highest rate of smartphone loss were health and pharmaceuticals, education and research, and public sector organizations.
Based on the costly consequences of lost data assets, it makes sense to allocate the necessary resources to invest in anti-theft and data protection solutions in order to secure smartphones and the sensitive and confidential information they contain.
Robert Siciliano is an Online Security Evangelist to McAfee. See him discussing identity theft on YouTube. (Disclosures)
By: Robert Siciliano
Monday, February 27, 2012
How Criminals Capitalize On Our Digital Lives
Studies are beginning to show consistency in our digital behaviors. For example, almost 50% of us check Facebook or Twitter either immediately after waking or in the evening, after work or school. Criminals know this, and wait for these busy times to post tweets or status updates containing infected links.
When unsuspecting users accidentally click on those links, their PCs become infected and begin to do things like recording all of their keystrokes, or becoming a zombie that is part of a larger botnet. 30% of all spam is relayed by infected computers located in someone’s home or office, but controlled remotely by criminals.
And according to digital research firm comScore, close to 32.5 million Americans accessed banking information via mobile device at the end of the second quarter of 2011. During that time period, Android malware jumped by 76%.
Criminals know what we do online; mostly, we’re searching for photos and videos of celebrities. So they use those celebrities’ names as bait. In 2011, for example, a search for Heidi Klum had a one in ten chance of leading to a dangerous website.
We also play games online. How often does a kid get bored with the usual games and click over to some rogue site hosted on an overseas server? Many of these websites also contain explicit pornography. Studies show that 27% of teens have infected their home computers with malicious software designed to steal identities.
Is this your family’s digital life?
To stay protected I recommend you:
When unsuspecting users accidentally click on those links, their PCs become infected and begin to do things like recording all of their keystrokes, or becoming a zombie that is part of a larger botnet. 30% of all spam is relayed by infected computers located in someone’s home or office, but controlled remotely by criminals.
And according to digital research firm comScore, close to 32.5 million Americans accessed banking information via mobile device at the end of the second quarter of 2011. During that time period, Android malware jumped by 76%.
Criminals know what we do online; mostly, we’re searching for photos and videos of celebrities. So they use those celebrities’ names as bait. In 2011, for example, a search for Heidi Klum had a one in ten chance of leading to a dangerous website.
We also play games online. How often does a kid get bored with the usual games and click over to some rogue site hosted on an overseas server? Many of these websites also contain explicit pornography. Studies show that 27% of teens have infected their home computers with malicious software designed to steal identities.
Is this your family’s digital life?
To stay protected I recommend you:
- Use comprehensive, up-to-date security software on all your devices.
- Use parental controls to protect kids online.
- Use strong passwords for all devices and websites.
- Use caution when clicking on links.
- And increase your security intelligence, so that you are able to recognize scams before it’s too late.
Friday, February 24, 2012
Getting Value from Your DLP Investment
People can sometimes feel overwhelmed when they think about deploying data loss prevention (DLP) at their organization. Some common concerns I hear from prospects are:
By Nikfar Khaleeli
- First I want to classify my data. How can I do that?
- DLP has many components. Where do I start?
- I have lots of data – some sensitive, some not. How do I determine what is valuable?
- Most solutions require that you install and maintain a separate database for recording and reporting on DLP incidents. Can I say additional headcount?
- Policies need to be setup and tuned to reduce the number of false positives. It is expensive to have your team to work on spurious incidents.
- Due to the sensitive nature of data captured by DLP solutions, you’ll want to control what information can be viewed by whom in the incident response chain.
- Network monitoring components will need to be placed at each network egress point in order to get a complete picture of data leaving the enterprise. Connections are typically via port mirroring or a network tap, so you’d typically need to work with the network team to get this setup.
- Data discovery components will need to be placed in major data centers to efficiently crawl the servers for sensitive data. You’ll need to work with the data center team to get these components placed into the data center and will also need login credentials with the correct access levels to find everything on the servers.
- Network prevention components have to integrate with web proxies and email gatewaysin order to perform active remediation ((i.e. blocking email, rerouting for encryption, etc.) on network communications.
- Endppoint components have to be deployed on your laptops and desktops. That requires you working closely with the desktop team.
- We’ve got a great set of products, having been positioned as a Leader in both Gartner’s Magic Quadrant for Content-Aware Data Loss Prevention and Forrester’s Wave for Data Leak Prevention Suites.
- We also provide hardened appliances (available in either physical or virtual form factors). That means you can get our solution deployed fast. No need to build servers, patch oprating systems or procure databases.
- We integrate with McAfee ePolicy Orchestrator, which makes deploying the DLP endpoint componenta cinch. Additionally,you can use McAfee ePolicy Orchestrator as your one-stop-shop from which you can create, deploy, test and report on IT security policies.
- We have unique Capture technology. This allows you to immediately test your policies against your organizations historic data – and get to effective protection in days, not months.
- Searching in the McAfee DLP Capture Index
- Using Policies in McAfee DLP
- Using Concepts in McAfee DLP
- Creating Action Rules in McAfee DLP
- Creating Templates in McAfee DLP
- Data Classification with McAfee DLP
- Performing Incident Management in McAfee DLP
- Fingerprinting Documents with McAfee DLP
- Traffic Analysis in McAfee DLP
- Role-Based Access Control (RBAC) and LDAP Integration
- Location Based Tagging with Unified DLP Management
By Nikfar Khaleeli
Thursday, February 23, 2012
Security 101: Attack Vectors Take Advantage of User Interaction
Welcome back to Security 101. Our New Year’s recess is over, and it’s time to offer another lesson.
So far we have discussed vulnerabilities and some types of low-interaction attack vectors. In this lesson we shall continue with attack vectors that require medium or high levels of user interaction to succeed.
These attack vectors are more dangerous because their success relies on the victims, which means that they can work in multiple “buildings” in parallel. (Recall our analogy of comparing a system to a building.) An attacker who uses these vectors also has an advantage that does not depend on technology: the human factor. Humans are curious by nature and, even when we don’t care to admit it, gullible. Almost anyone, no matter how cautious, can be tricked into being a victim of an attack or helping an attacker.
But we’ll delve into the topic of social engineering another time. For now we’ll focus on the vectors themselves. These vectors may require as much work from attackers as the low-interaction ones. Most of the time goes into assembling a malicious website or something similar.
Medium Interaction
Website/mail elements: Visiting a website is usually only a click away, especially if you just happen to be “in the neighborhood.” Think of all the advertisements you see while navigating the web. How many times have you been tempted to click an interesting ad, or follow a mail with a convenient offer? Any of these sites could host an attack or a piece of malware. The whole site need not be malicious, just one hidden element or image will suffice. When you enter a site, your browser tries to load all of the page’s elements; when it reaches the malicious part, the attack executes. Attackers can use this vector to exploit almost every kind of vulnerability because the attack happens online. The disadvantage for the attacker is that this vector requires a vulnerability in your browser to work.
High Interaction
Corrupted files: This broadly works in the same way as website vulnerabilities. An attacker places a file that contains an exploit on some part of the web. It can be a peer-to-peer network, FTP site, art gallery, free software site, you name it, or the attacker can send the file directly to you by mail. You download the file, open it, and Wham!: The exploit runs. The most visible difference is that the victim actually needs to find the file and open it. And that’s why this vector is usually disguised as tempting celebrity photos, work documents, or even free tickets to a concert. These attacks are often widely advertised (social networks anyone?). Because this vector employs the victim’s computer, it is mostly used for exploiting denial of service or remote code execution vulnerabilities. In the latter case, inside the file there’s a small piece of code that communicates with the attacker’s computer or server, allowing access to the victim’s machine.
So next time you see a “OMG, awesome video of <celebrity name> here!” link, don’t just think twice. Don’t open it at all. The most probable outcome is that you’ll open the doors of your “building” to complete strangers and you’ll never know it. Next time we’ll see how the human factor fits into attacks, with a post about social engineering.
By Francisca Moreno
So far we have discussed vulnerabilities and some types of low-interaction attack vectors. In this lesson we shall continue with attack vectors that require medium or high levels of user interaction to succeed.
These attack vectors are more dangerous because their success relies on the victims, which means that they can work in multiple “buildings” in parallel. (Recall our analogy of comparing a system to a building.) An attacker who uses these vectors also has an advantage that does not depend on technology: the human factor. Humans are curious by nature and, even when we don’t care to admit it, gullible. Almost anyone, no matter how cautious, can be tricked into being a victim of an attack or helping an attacker.
But we’ll delve into the topic of social engineering another time. For now we’ll focus on the vectors themselves. These vectors may require as much work from attackers as the low-interaction ones. Most of the time goes into assembling a malicious website or something similar.
Medium Interaction
Website/mail elements: Visiting a website is usually only a click away, especially if you just happen to be “in the neighborhood.” Think of all the advertisements you see while navigating the web. How many times have you been tempted to click an interesting ad, or follow a mail with a convenient offer? Any of these sites could host an attack or a piece of malware. The whole site need not be malicious, just one hidden element or image will suffice. When you enter a site, your browser tries to load all of the page’s elements; when it reaches the malicious part, the attack executes. Attackers can use this vector to exploit almost every kind of vulnerability because the attack happens online. The disadvantage for the attacker is that this vector requires a vulnerability in your browser to work.
High Interaction
Corrupted files: This broadly works in the same way as website vulnerabilities. An attacker places a file that contains an exploit on some part of the web. It can be a peer-to-peer network, FTP site, art gallery, free software site, you name it, or the attacker can send the file directly to you by mail. You download the file, open it, and Wham!: The exploit runs. The most visible difference is that the victim actually needs to find the file and open it. And that’s why this vector is usually disguised as tempting celebrity photos, work documents, or even free tickets to a concert. These attacks are often widely advertised (social networks anyone?). Because this vector employs the victim’s computer, it is mostly used for exploiting denial of service or remote code execution vulnerabilities. In the latter case, inside the file there’s a small piece of code that communicates with the attacker’s computer or server, allowing access to the victim’s machine.
So next time you see a “OMG, awesome video of <celebrity name> here!” link, don’t just think twice. Don’t open it at all. The most probable outcome is that you’ll open the doors of your “building” to complete strangers and you’ll never know it. Next time we’ll see how the human factor fits into attacks, with a post about social engineering.
By Francisca Moreno
Wednesday, February 22, 2012
The Importance of Incentives in Securing the Network from the Cyber Threat
The cyber security threat landscape has changed fundamentally over the last decade from “Code Red” to mass espionage and the threat of kinetic damage. Instead of moving unsophisticated worms around the Internet, today’s adversaries are moving money, markets and jobs between countries and companies.
The cyber adversaries of today are smart and fast, and have no legal, international, or competitive boundaries for sharing information. They often have plenty of funding and well-placed trusted relationships, enabling them to execute harm upon us with an unmatched alacrity. What once might have been called science fiction and displayed by Hollywood is now reality: malicious actors perpetrating cyber attacks to steal money and intellectual property, disrupt businesses, sabotage critical infrastructure, and threaten governments.
Today, I had the great privilege of speaking before the Committee on Energy and Commerce at a hearing titled “Cybersecurity: Threats to Communications Networks and Private-Sector Responses.” At this hearing, I provided McAfee’s perspective and insight on the cyber threat environment as it relates to communications networks and offered policy recommendations on protecting the telecommunication infrastructure.
Internet Service Providers (ISPs), which are foundational to all electronic communications, are hampered in security efforts by the design and physical components of the architecture of the Internet and have the potential to enable mass espionage and critical infrastructure risk. While communications networks allow us to share information around the world instantaneously, they are also a conduit for malware. The very Internet that virtually promises the arrival of our traffic at its destination also promises the arrival of the malware at the destination intended by the sender.
Although telecommunications and ISP firms have been diligent in securing their infrastructures and taking proactive steps to prevent the delivery of some of the known malicious and botnet-affiliated traffic, the task could be done far better and a much more comprehensive global threat picture could be created. However, this is complicated by legal, regulatory, financial, and attitudinal disincentives. Government and private sector need to work together to remove these obstacles. Currently, it is unacceptably easy for the cyber adversary to delivery malware via the Internet and have it promptly and accurately delivered to its destination.
ISPs need solutions that are proactive and predictive, rather than reactive. ISPs can help guide the market by acquisition of innovative technologies. One example suggests that Global Threat Intelligence (GTI) be used within the network fabric by ISPs, which is the basis of a cyber immune system and offers the ability to protect against an attack by comparing current traffic to a dynamic snapshot of real-time cyber activity to determine a risk probability of that traffic before allowing it to continue on its path. If the risk is high, that is noted in the system and the traffic can be stopped. Another example is application whitelisting, which can prevent malicious instructions from executing on a system even if they are able to enter. These technologies extend to systems outside of the ISPs as well, and we note in testimony that ISPs cannot own all the burden of cyber security – every system must be secure and play a proactive role.
In addition to these private sector solutions, policy plays a key role in assisting ISPs and telecommunications firms in protecting their infrastructure. We need to see more joint collaboration and cooperation between the private and public sectors and passage of the Roger’s bill to encourage the public-private partnerships we need in moving forward in cyber security. This bill already contains a number of privacy protections, and we are working to further upgrade these protections.
To achieve a cyber secure nation, we also need positive incentives. Such incentives would include:
By Dr. Phyllis Schneck
The cyber adversaries of today are smart and fast, and have no legal, international, or competitive boundaries for sharing information. They often have plenty of funding and well-placed trusted relationships, enabling them to execute harm upon us with an unmatched alacrity. What once might have been called science fiction and displayed by Hollywood is now reality: malicious actors perpetrating cyber attacks to steal money and intellectual property, disrupt businesses, sabotage critical infrastructure, and threaten governments.
Today, I had the great privilege of speaking before the Committee on Energy and Commerce at a hearing titled “Cybersecurity: Threats to Communications Networks and Private-Sector Responses.” At this hearing, I provided McAfee’s perspective and insight on the cyber threat environment as it relates to communications networks and offered policy recommendations on protecting the telecommunication infrastructure.
Internet Service Providers (ISPs), which are foundational to all electronic communications, are hampered in security efforts by the design and physical components of the architecture of the Internet and have the potential to enable mass espionage and critical infrastructure risk. While communications networks allow us to share information around the world instantaneously, they are also a conduit for malware. The very Internet that virtually promises the arrival of our traffic at its destination also promises the arrival of the malware at the destination intended by the sender.
Although telecommunications and ISP firms have been diligent in securing their infrastructures and taking proactive steps to prevent the delivery of some of the known malicious and botnet-affiliated traffic, the task could be done far better and a much more comprehensive global threat picture could be created. However, this is complicated by legal, regulatory, financial, and attitudinal disincentives. Government and private sector need to work together to remove these obstacles. Currently, it is unacceptably easy for the cyber adversary to delivery malware via the Internet and have it promptly and accurately delivered to its destination.
ISPs need solutions that are proactive and predictive, rather than reactive. ISPs can help guide the market by acquisition of innovative technologies. One example suggests that Global Threat Intelligence (GTI) be used within the network fabric by ISPs, which is the basis of a cyber immune system and offers the ability to protect against an attack by comparing current traffic to a dynamic snapshot of real-time cyber activity to determine a risk probability of that traffic before allowing it to continue on its path. If the risk is high, that is noted in the system and the traffic can be stopped. Another example is application whitelisting, which can prevent malicious instructions from executing on a system even if they are able to enter. These technologies extend to systems outside of the ISPs as well, and we note in testimony that ISPs cannot own all the burden of cyber security – every system must be secure and play a proactive role.
In addition to these private sector solutions, policy plays a key role in assisting ISPs and telecommunications firms in protecting their infrastructure. We need to see more joint collaboration and cooperation between the private and public sectors and passage of the Roger’s bill to encourage the public-private partnerships we need in moving forward in cyber security. This bill already contains a number of privacy protections, and we are working to further upgrade these protections.
To achieve a cyber secure nation, we also need positive incentives. Such incentives would include:
- Imposing limitations on liability for damages as well as non-economic losses would remove a serious obstacle to information security investments.
- Cyber security competitions, challenges and scholarships can assist in identifying and recruiting talented individuals to the cyber security workforce.
- Accelerated depreciation or refundable tax credits are being considered to encourage critical infrastructure industries to make additional investments in cyber security technologies, solutions, and human capital.
- Government should give consideration to implementing reinsurance programs to help underwrite the development of cyber security insurance programs.
By Dr. Phyllis Schneck
Friday, February 17, 2012
Do You Have A False Sense of Cybersecurity for Mobile?
Nearly three-quarters of Americans have never installed data protection applications or security software on their mobile devices to prevent data loss or defend against viruses and malware. 72% of us have unsecured smartphones, to be exact, even though we are using them more frequently in our digital lives.
A recent survey shows that 44% of Americans use smartphones to access the Internet, and 75% say they access the Internet more frequently on their device today than they did one year ago.
Digital research firm comScore found that close to 32.5 million Americans accessed banking information via mobile device at the end of the second quarter of 2011, a 21% increase from in the fourth quarter of 2010. Approximately 24% of consumers store computer or banking passwords on their mobile devices, according to Consumer Reports’ 2011 State of the Net Survey. More than half of smartphone users do not use any password protection to prevent unauthorized device access. And according to Gartner, 113 mobile phones are lost every minute in the U.S. alone.
With unit sales of smartphones and tablets eclipsing those of desktop and laptop PCs, cybercriminals will continue setting their sights on mobile, and increased mobile Internet use will continue exacerbating security and data breach issues.
Protect yourself:
A recent survey shows that 44% of Americans use smartphones to access the Internet, and 75% say they access the Internet more frequently on their device today than they did one year ago.
Digital research firm comScore found that close to 32.5 million Americans accessed banking information via mobile device at the end of the second quarter of 2011, a 21% increase from in the fourth quarter of 2010. Approximately 24% of consumers store computer or banking passwords on their mobile devices, according to Consumer Reports’ 2011 State of the Net Survey. More than half of smartphone users do not use any password protection to prevent unauthorized device access. And according to Gartner, 113 mobile phones are lost every minute in the U.S. alone.
With unit sales of smartphones and tablets eclipsing those of desktop and laptop PCs, cybercriminals will continue setting their sights on mobile, and increased mobile Internet use will continue exacerbating security and data breach issues.
Protect yourself:
- Use mobile security software and keep it current. Having complete mobile security protection like that offered in McAfee Mobile Security is a primary safety and security measure.
- Automate software updates. Many software programs will automatically connect and update to defend against known risks. Turn on automatic updates if that’s an available option.
- Protect all devices that connect to the Internet. Along with computers, smartphones, gaming systems, and other web-enabled devices also need protection from viruses and malware.
Thursday, February 16, 2012
Global Cybersecurity Is Possible But Unlikely For Now
It’s a sobering experience to read the Security and Defense Agenda’s (SDA) just-released report, Cybersecurity: The Vexed Question of Global Rules. The report, sponsored by McAfee, culls together interviews with 80 cyber-security experts in government, business, international organizations, and academia with a survey of 250 senior security practitioners, to get a handle on the cybersecurity challenges nations face today and the measures they must take to protect the Internet and its business, government, and other users tomorrow. The report also rates the cybersecurity preparedness of 21 countries, including the United States. The U.S. comes out very well, though behind Israel, Sweden, and Finland.
The conclusion is best summed up in this sentence, “For the moment, the “bad guys” have the upper hand … because the lack of international agreements allows them to operate swiftly and mostly with impunity.” And, the more you read the report, the more you conclude that “for the moment” really means for the foreseeable future.
Global cooperation and information sharing are the keys to managing this threat, according to the report, yet the parade of new technologies such as mobile devices and the cloud, competing interests, and lack of agreement on what that cooperation should look like are huge challenges that won’t be solved any time soon.
First, according to Patrick Pailloux, Director General of the French Network and Information Security Agency (ANSSI), individual users and much of corporate IT are essentially where doctors were before they started washing their hands and sterilizing equipment when it comes to cybersecurity.
Businesses are reluctant to share information for fear of harming customers and damaging their reputations and stock prices. Individuals are not willing to give up any aspect of Internet freedom. Nations have widely disparate perspectives and interests regarding cybersecurity: North American and European Countries aim to preserve privacy and freedom, while countries like Russia and China see that freedom as a threat to their regime stability. Most countries see cooperation as a potential threat to sovereignty. While regulations and accountability are a necessity, the anonymous nature of the Internet makes it almost impossible to prove who is really accountable for a cyberattack, and the need to encourage cooperation makes it a dicey proposition to punish any of the players if they’re perceived to break the rules.
The report also highlights a clash of interests among generations, with the younger generation feeling much less threatened by the loss of privacy than past generations. And finally, there’s a clash of expertise and comfort between tech-savvy users and IT and less tech-savvy politicians who make the laws and attempt to regulate cyberspace.
Protecting the SCADA systems that run critical infrastructure remains a tremendous challenge with very frightening implications. Even Israel, considered perhaps the most advanced country in terms of cybersecurity, confesses that its SCADA systems are still not protected and that “there is still a lot to do.” Many of those interviewed expressed the opinion that genuine cooperation will probably not happen until a cyber version of 911 occurs.
One gets the feeling that all aspects of this issue will require many more years of evolution. As a start the report recommends global trust building through information sharing bodies such as the Common Assurance Maturity Model (CAMM) and the Cloud Security Alliance (CSA). Perhaps another likely scenario for now is one similar to the shunning of money laundering safe havens by the larger global financial participants several years ago, which reduced the number of places where money could be hidden safely. The more cyber responsible nations may have to make life difficult for the nations perceived to be less responsible, a very risky proposition.
By Leon Erlanger
The conclusion is best summed up in this sentence, “For the moment, the “bad guys” have the upper hand … because the lack of international agreements allows them to operate swiftly and mostly with impunity.” And, the more you read the report, the more you conclude that “for the moment” really means for the foreseeable future.
Global cooperation and information sharing are the keys to managing this threat, according to the report, yet the parade of new technologies such as mobile devices and the cloud, competing interests, and lack of agreement on what that cooperation should look like are huge challenges that won’t be solved any time soon.
First, according to Patrick Pailloux, Director General of the French Network and Information Security Agency (ANSSI), individual users and much of corporate IT are essentially where doctors were before they started washing their hands and sterilizing equipment when it comes to cybersecurity.
Businesses are reluctant to share information for fear of harming customers and damaging their reputations and stock prices. Individuals are not willing to give up any aspect of Internet freedom. Nations have widely disparate perspectives and interests regarding cybersecurity: North American and European Countries aim to preserve privacy and freedom, while countries like Russia and China see that freedom as a threat to their regime stability. Most countries see cooperation as a potential threat to sovereignty. While regulations and accountability are a necessity, the anonymous nature of the Internet makes it almost impossible to prove who is really accountable for a cyberattack, and the need to encourage cooperation makes it a dicey proposition to punish any of the players if they’re perceived to break the rules.
The report also highlights a clash of interests among generations, with the younger generation feeling much less threatened by the loss of privacy than past generations. And finally, there’s a clash of expertise and comfort between tech-savvy users and IT and less tech-savvy politicians who make the laws and attempt to regulate cyberspace.
Protecting the SCADA systems that run critical infrastructure remains a tremendous challenge with very frightening implications. Even Israel, considered perhaps the most advanced country in terms of cybersecurity, confesses that its SCADA systems are still not protected and that “there is still a lot to do.” Many of those interviewed expressed the opinion that genuine cooperation will probably not happen until a cyber version of 911 occurs.
One gets the feeling that all aspects of this issue will require many more years of evolution. As a start the report recommends global trust building through information sharing bodies such as the Common Assurance Maturity Model (CAMM) and the Cloud Security Alliance (CSA). Perhaps another likely scenario for now is one similar to the shunning of money laundering safe havens by the larger global financial participants several years ago, which reduced the number of places where money could be hidden safely. The more cyber responsible nations may have to make life difficult for the nations perceived to be less responsible, a very risky proposition.
By Leon Erlanger
Wednesday, February 15, 2012
How Valuable Is Your Time?
Do you remember that time my husband clicked on scareware? Or that story I tell about before I started blogging for McAfee, the kids downloaded a virus onto the computer that we couldn’t get rid of and we had to send the pc back to the store?
I bet I never told you about how I set my mom up with an account on our McAfee Family Protection so I could make sure she didn’t go to certain sites or have access to different programs on my computer. I was worried about her accidently deleting a file or downloading a keylogger.
All of these things took time – sometimes days or weeks to fix. Being the resident techie in charge of fixing these problems meant that I had to do the dirty work. Friends would usually suggest I go to a big box store to get it fixed. They often would complain about the price of those services in the same breath! Luckily I can handle most basic problems on my own, but my time is valuable.
As a busy mom, sometimes I just have other things to attend to rather than spending time recovering a lost document, you know?
Well, McAfee has unveiled a new service called McAfee TechMaster (https://techmaster.mcafee.com/) to help us with any technical issue that you can imagine. It’s everything from setting up a new (or fix an old one) computer or home network to virus removal and data recovery. Plus, they don’t need to come to your house. It’s done via phone or remote login to your computer depending on what you need help with.
What’s really cool are the two annual concierge services, which for a decent price if you can get 24/7, unlimited support. Add up all of the times you needed tech help (maintenence, set up and just random issues) with your multiple computers, phones, tablets, printers, home networks and routers. I have! Or, there are services that help you per incident starting at $69.95. I think that is a small fee to pay for great support!
Check it out for yourself and let me know what you think!
Stay safe out there!
By Tracy Mooney
I bet I never told you about how I set my mom up with an account on our McAfee Family Protection so I could make sure she didn’t go to certain sites or have access to different programs on my computer. I was worried about her accidently deleting a file or downloading a keylogger.
All of these things took time – sometimes days or weeks to fix. Being the resident techie in charge of fixing these problems meant that I had to do the dirty work. Friends would usually suggest I go to a big box store to get it fixed. They often would complain about the price of those services in the same breath! Luckily I can handle most basic problems on my own, but my time is valuable.
As a busy mom, sometimes I just have other things to attend to rather than spending time recovering a lost document, you know?
Well, McAfee has unveiled a new service called McAfee TechMaster (https://techmaster.mcafee.com/) to help us with any technical issue that you can imagine. It’s everything from setting up a new (or fix an old one) computer or home network to virus removal and data recovery. Plus, they don’t need to come to your house. It’s done via phone or remote login to your computer depending on what you need help with.
What’s really cool are the two annual concierge services, which for a decent price if you can get 24/7, unlimited support. Add up all of the times you needed tech help (maintenence, set up and just random issues) with your multiple computers, phones, tablets, printers, home networks and routers. I have! Or, there are services that help you per incident starting at $69.95. I think that is a small fee to pay for great support!
Check it out for yourself and let me know what you think!
Stay safe out there!
By Tracy Mooney
Tuesday, February 14, 2012
Valentine’s Day Cyber Scams that Will Play with Your Heart
Back in November, McAfee warned consumers about the 12 scams of Christmas – tactics that cybercriminals used to take advantage of our holiday cheer and good spirit to steal our financial information or confidential data. From sending malware emails and setting up phony Facebook promotions and contests to conducting online coupon scams, there is no end to the amount of creativity invested into these holiday tricks, and Valentine’s Day is no different.
McAfee expects messages with a Valentine’s theme to quadruple globally as we approach the holiday, based on previous years of spam volumes. In other words, cybercriminals will be working hard to penetrate your defenses because they know you will be spending at least a little bit of time online looking for gift ideas, vacation suggestions, or e-cards.
Check out this list of Valentine’s scams to get an idea of how cybercriminals are exploiting this romantic holiday to steal your credit card details, install viruses on your personal computers and devices, and collect your personal information.
Valentine’s Day-themed spam
One type of bait that cybercriminals use to lure your financial information is through sending out holiday-themed emails that advertise items you may want to purchase. In regards to Valentine’s Day, you’ll often receive spam about deals on roses, chocolates, jewellery, etc. If you’re not careful, you could find yourself surfing a false website and purchasing products that you will never receive.
Tip: Never open emails from unfamiliar senders.
Malicious e-cards
Opening an e-card from an email address you don’t recognize is one of the easiest ways to invite malware onto your machine. For example, you may be prompted to download software to view the card, and while you may think you’re being re-directed to a legitimate site, you could actually end up installing a virus that could potentially steal your personal information.
Tip: Never click on a link in an e-card sent by someone you don’t know. Always check the address from which it was sent to ensure it came from a legitimate e-card website.
Online dating scams
Online dating sites are targeted by criminals looking to take advantage of users seeking love. The scenario usually follows a similar pattern: both parties establish an online relationship, and then the criminal concocts an appeal to the victim to send money, valuables, or personal information. It could be that the criminal wants money to make the trip out to visit the victim, or the criminal needs money to help a sick relative. Whatever the case may be, there is a good chance that once the money is sent, the victim will never hear from this person again.
Tip: Only use a reputable dating website and be wary of anyone who asks for personal information.
Unsafe searches and malicious malware
Searching for holiday-themed content, whether they be gifts or e-cards, poses significant security risks if a PC or device is not protected. McAfee has found that within the top 100 results of daily top search terms, nearly 50 per cent lead to malicious sites[i]. Whether prompted to download suspicious files or software, or encouraged to make a fake purchase, these sites are definitely up to no good.
Tip: Always use a safe search tool such as McAfee® SiteAdvisor® software, which tells you right in the search results page if a site is safe to click on. Shop from reputable sites and always remember that if an offer seems too good to be true, it probably is.
Rogue applications
Allowing applications to access your Facebook information potentially turn you into a spammer. These apps have a mind of their own and bombard your friends with myriad status updates and surveys to try to collect their personal data.
Tip: Be suspicious of applications and links, and think twice before allowing a third-party vendor to access your information
By Brenda Moretto
McAfee expects messages with a Valentine’s theme to quadruple globally as we approach the holiday, based on previous years of spam volumes. In other words, cybercriminals will be working hard to penetrate your defenses because they know you will be spending at least a little bit of time online looking for gift ideas, vacation suggestions, or e-cards.
Check out this list of Valentine’s scams to get an idea of how cybercriminals are exploiting this romantic holiday to steal your credit card details, install viruses on your personal computers and devices, and collect your personal information.
Valentine’s Day-themed spam
One type of bait that cybercriminals use to lure your financial information is through sending out holiday-themed emails that advertise items you may want to purchase. In regards to Valentine’s Day, you’ll often receive spam about deals on roses, chocolates, jewellery, etc. If you’re not careful, you could find yourself surfing a false website and purchasing products that you will never receive.
Tip: Never open emails from unfamiliar senders.
Malicious e-cards
Opening an e-card from an email address you don’t recognize is one of the easiest ways to invite malware onto your machine. For example, you may be prompted to download software to view the card, and while you may think you’re being re-directed to a legitimate site, you could actually end up installing a virus that could potentially steal your personal information.
Tip: Never click on a link in an e-card sent by someone you don’t know. Always check the address from which it was sent to ensure it came from a legitimate e-card website.
Online dating scams
Online dating sites are targeted by criminals looking to take advantage of users seeking love. The scenario usually follows a similar pattern: both parties establish an online relationship, and then the criminal concocts an appeal to the victim to send money, valuables, or personal information. It could be that the criminal wants money to make the trip out to visit the victim, or the criminal needs money to help a sick relative. Whatever the case may be, there is a good chance that once the money is sent, the victim will never hear from this person again.
Tip: Only use a reputable dating website and be wary of anyone who asks for personal information.
Unsafe searches and malicious malware
Searching for holiday-themed content, whether they be gifts or e-cards, poses significant security risks if a PC or device is not protected. McAfee has found that within the top 100 results of daily top search terms, nearly 50 per cent lead to malicious sites[i]. Whether prompted to download suspicious files or software, or encouraged to make a fake purchase, these sites are definitely up to no good.
Tip: Always use a safe search tool such as McAfee® SiteAdvisor® software, which tells you right in the search results page if a site is safe to click on. Shop from reputable sites and always remember that if an offer seems too good to be true, it probably is.
Rogue applications
Allowing applications to access your Facebook information potentially turn you into a spammer. These apps have a mind of their own and bombard your friends with myriad status updates and surveys to try to collect their personal data.
Tip: Be suspicious of applications and links, and think twice before allowing a third-party vendor to access your information
By Brenda Moretto
Monday, February 13, 2012
Cyber Insurance and Security
I recently read an article in Computerworld that really got me thinking about servers: what they are, what they do and what they hold. Traditionally, the insurance industry has offered risk protection from tangible events – even if they are unpredictable. Hurricane and earthquake insurance are factored by damages and physical loss; but how would cyber insurance be factored? Although we’ve made great strides, we still cannot predict or easily measure the impact of a future data breach. So the question is, how can companies provide any reasonable cyber insurance?
Cyber insurance can account for the physical aspect of a server being lost or stolen, and guess the value of the data that would be lost during a server compromise. But what if a server is unable to perform its job due to cyber incident or vulnerability? Does the insurance consider the loss in productivity that would occur if a compromise affected server performance or availability? And how does this extend to our partners’ datacenters, cloud services and mobile computing capacity?
The fact is, a strong, strategic security policy and holistic security framework can assist in providing visibility and actionable tasks that will have the most impact against the highest risks. In other industries, taking responsible actions to mitigate risk helps companies reduce their premiums, as well as predict the amount of necessary coverage, so they don’t over-extend. It’s too soon to tell, but it will be interesting to see how cyber insurance and security risk management will continue to mature in the next few years.
For more information on this topic, check out my podcast below, and be sure to visit our website to learn more about how the McAfee Security Connected framework can help your business enable centralized, efficient, and effective risk mitigation.
By Kim Singletary
Cyber insurance can account for the physical aspect of a server being lost or stolen, and guess the value of the data that would be lost during a server compromise. But what if a server is unable to perform its job due to cyber incident or vulnerability? Does the insurance consider the loss in productivity that would occur if a compromise affected server performance or availability? And how does this extend to our partners’ datacenters, cloud services and mobile computing capacity?
The fact is, a strong, strategic security policy and holistic security framework can assist in providing visibility and actionable tasks that will have the most impact against the highest risks. In other industries, taking responsible actions to mitigate risk helps companies reduce their premiums, as well as predict the amount of necessary coverage, so they don’t over-extend. It’s too soon to tell, but it will be interesting to see how cyber insurance and security risk management will continue to mature in the next few years.
For more information on this topic, check out my podcast below, and be sure to visit our website to learn more about how the McAfee Security Connected framework can help your business enable centralized, efficient, and effective risk mitigation.
By Kim Singletary
Friday, February 10, 2012
Telehealth, Including Telesurgery, Expected to Rapidly Expand
We’ve seen some great examples of how telehealth services help reach patients living in rural areas that lack easy access to medical care. With telepresence technology, these patients can have face-to-face visits with their doctors as frequently as needed, without having to leave home or face long commutes to the hospital.
Knowing how much the people using these telehealth services rely on their high-quality, convenient patient care, it is great to read that market researchers expect the global telemedicine market to expand by 19 percent by 2014. According to a forecast by market analysts at Technavio, United States federal grants supporting telehealth contribute significantly to the forecasted industry growth. An increase in strategic partnerships in telemedicine also helps boost telehealth’s prominence.
As telemedicine continues to expand throughout the United States, Europe and developing nations also continue to offer more opportunities for remote care, according to the market report. It’s exciting to think of the international collaboration possibilities for telehealth as it spreads worldwide. Imagine a telepresence connection between an expert in France, a patient in rural New York, and the patient’s doctor in New York City. The top minds in different specialties could communicate effortlessly, sharing cutting-edge findings and offering the best care available.
We’re already seeing truly innovative international telepresence collaboration in telesurgery, a field the Technavio report predicted would continue to expand. In September, a Kenyan patient underwent the African nation’s first telesurgery procedure. Specialists in India guided the operation via telepresence.
Would you let robots perform your surgery if you knew the best hands in the field led the procedure in real-time through telepresence? It sounds impossible, but with telepresence widely available, it could be the wave of the future!
By Janet Lyons
Knowing how much the people using these telehealth services rely on their high-quality, convenient patient care, it is great to read that market researchers expect the global telemedicine market to expand by 19 percent by 2014. According to a forecast by market analysts at Technavio, United States federal grants supporting telehealth contribute significantly to the forecasted industry growth. An increase in strategic partnerships in telemedicine also helps boost telehealth’s prominence.
As telemedicine continues to expand throughout the United States, Europe and developing nations also continue to offer more opportunities for remote care, according to the market report. It’s exciting to think of the international collaboration possibilities for telehealth as it spreads worldwide. Imagine a telepresence connection between an expert in France, a patient in rural New York, and the patient’s doctor in New York City. The top minds in different specialties could communicate effortlessly, sharing cutting-edge findings and offering the best care available.
We’re already seeing truly innovative international telepresence collaboration in telesurgery, a field the Technavio report predicted would continue to expand. In September, a Kenyan patient underwent the African nation’s first telesurgery procedure. Specialists in India guided the operation via telepresence.
Would you let robots perform your surgery if you knew the best hands in the field led the procedure in real-time through telepresence? It sounds impossible, but with telepresence widely available, it could be the wave of the future!
By Janet Lyons
Thursday, February 9, 2012
Technology for Business Sake
Nothing irritates me more than technology that goes unused. Shiny things, cool bells and whistles, and technology features don’t excite me unless I see people using the technology to transform their business and gaining true return on their investment.
I often ask customers, “What is more important to you, get the cheapest deal or realizing the benefits the technology can offer?” Do you choose something because it is free or something that delivers a solution to your needs? Often I’ve seen people choose cost over benefit, to deeply regret it later; spending valuable time not realizing the productivity benefits.
The key to finding the right balance is designing value into our technology. It means creating products that are intuitive and easy to use for faster adoption by users; products that can solve business problems; and perhaps my favorite – products that can help transform a business.
One of my passions is video, and I have worked in this industry for 10 years. What keeps my passion ignited is when I see small businesses like Singlewire changing their sales model to use video, which not only improved the efficiency of their small sales force, but they were able to grow their business while portraying an image of a much larger professional firm.
Transformation in big enterprises is also very exciting. Our video and collaboration solutions are transforming traditional banking delivery; helping them to extend their reach with remote experts in a cost –effective way with lifelike video conversations and collaboration tools. Access to financial experts at a bank is no longer confined to a physical location, the flexibility and reach is there for them today. Such an example is Citizen’s Financial Group who used Cisco’s Remote Expert solution, based on Cisco’s TelePresence and other advanced collaboration technologies, to offer a virtual face-to-face consultation between a customer and subject matter expert through high quality video and online information sharing.
There are so many other examples in how we are helping people use our technology to transform their business whether it is in education, retail, or manufacturing – we are truly changing the way people work, live, play and learn.
Whether you are developing, selling or buying products and solutions – don’t’ start with the bells and whistles, start with the business transformation you want to achieve.
By OJ Winge
I often ask customers, “What is more important to you, get the cheapest deal or realizing the benefits the technology can offer?” Do you choose something because it is free or something that delivers a solution to your needs? Often I’ve seen people choose cost over benefit, to deeply regret it later; spending valuable time not realizing the productivity benefits.
The key to finding the right balance is designing value into our technology. It means creating products that are intuitive and easy to use for faster adoption by users; products that can solve business problems; and perhaps my favorite – products that can help transform a business.
One of my passions is video, and I have worked in this industry for 10 years. What keeps my passion ignited is when I see small businesses like Singlewire changing their sales model to use video, which not only improved the efficiency of their small sales force, but they were able to grow their business while portraying an image of a much larger professional firm.
Transformation in big enterprises is also very exciting. Our video and collaboration solutions are transforming traditional banking delivery; helping them to extend their reach with remote experts in a cost –effective way with lifelike video conversations and collaboration tools. Access to financial experts at a bank is no longer confined to a physical location, the flexibility and reach is there for them today. Such an example is Citizen’s Financial Group who used Cisco’s Remote Expert solution, based on Cisco’s TelePresence and other advanced collaboration technologies, to offer a virtual face-to-face consultation between a customer and subject matter expert through high quality video and online information sharing.
There are so many other examples in how we are helping people use our technology to transform their business whether it is in education, retail, or manufacturing – we are truly changing the way people work, live, play and learn.
Whether you are developing, selling or buying products and solutions – don’t’ start with the bells and whistles, start with the business transformation you want to achieve.
By OJ Winge
Wednesday, February 8, 2012
Email with Malicious HTML Attachments
Malware is often embedded in email as compressed attachments (such as .zip, .rar, etc.). Recently, however, Symantec has noticed an increase in malicious email attacks with .htm (HTML) attachments.
The attack contains a .htm attachment and obfuscated JavaScript is embedded in the coding of the file. The purpose of the JavaScript is to redirect your internet browser to a malware-hosting site in Russia which contains Trojan.Pidief and Trojan.Swifi.
Malicious JavaScript, when injected into an HTML file, can:
The attack contains a .htm attachment and obfuscated JavaScript is embedded in the coding of the file. The purpose of the JavaScript is to redirect your internet browser to a malware-hosting site in Russia which contains Trojan.Pidief and Trojan.Swifi.
Malicious JavaScript, when injected into an HTML file, can:
- Exploit browser and plugin vulnerabilities to run arbitrary code
- Display fake antivirus scans and other fraudulent information
- Download JavaScript, HTML, and other files
- Hijack browsing sessions
- Redirect users to malicious websites
- Steal information
- Be selective on which websites you share your email address with.
- Avoid clicking on suspicious links in email or instant messages (these may be links to spoofed websites). We suggest typing Web addresses directly into the browser rather than clicking on links in messages.
- Do not open spam messages.
- Do not reply to spam: typically the sender’s email address is forged, and replying may only result in more spam.
- Do not open unknown email attachments. These attachments could compromise your computer.
- Always be sure that your operating system is up-to-date with the latest updates and use a comprehensive security solution. For details on Symantec’s offerings, visit http://www.symantec.com.
Tuesday, February 7, 2012
IT Security: The Final Frontier?
For anyone who has spent the past 10 years thinking IT security is all about operating systems, software, and the Internet, it’s a little shocking to read McAfee’s IT Security predictions for 2012. McAfee doesn’t spend a lot of text discussing new threats to the usual suspects. Instead, it zooms into the next frontier, where hackers target component firmware, networked embedded systems, and industrial infrastructure. Admittedly, the path to the latter is often through the Internet and Windows, but the target is often from another era.
If you wonder what the fuss is about, take a minute to think about how many printers from a certain market-leading vendor are attached to your network. These printers have a lot of valuable data stored on their hard disks, at least temporarily.
I suspect most organizations are still too anxious addressing the consumerization of IT and mobile devices to focus on hardware and embedded systems, but if McAfee is right, a wakeup call is coming soon – and possibly as soon as 2012.
Critical and Industrial Infrastructure
It may surprise you to find out that the systems controlling and managing many functions at power plants, refineries, as well as water and industrial systems run on Windows. Yes, Windows. In many cases anyone can download free trials of these packages and explore them all they want for a month. If that isn’t scary enough, many of these software packages, called Supervisory, Control, and Data Acquisition (SCADA) systems are connected to the same networks that connect to the Internet, but in most cases haven’t been designed with the Internet in mind. And they’re often in environments where people are not used to thinking very much about Internet hazards.
The vulnerabilities of SCADA systems have become a somewhat hot topic lately, with scores of vulnerabilities found in just a few weeks. The infamous Stuxnet worm that caused havoc to Iran’s nuclear program by changing the spin rate of its centrifuges targeted SCADA systems and was introduced through USB flash drives. Recently, hackers posted a link to logins for Israeli government SCADA systems on Twitter.
Embedded Systems
These are proprietary systems that control functions in many consumer devices such as GPS’s and cameras but are also found in corporate printers, network infrastructure hardware, and medical devices. Earlier this year, researchers at Columbia University demonstrated vulnerabilities in HP printers that could be harnessed to forward documents to a remote computer or even damage the printers physically. While the researchers targeted HP, these types of vulnerabilities are most likely present on most other printers as well, and many others can likely be found on routers and other network devices. HP issued firmware updates to address specific vulnerabilities cited by the researchers.
Another threat on embedded systems that has gained media attention as of late is attacks on automobiles. The trend of building new technology into cars also poses a risk, opening the door for vehicles to be hacked. Criminals can potentially remotely unlock your car, start up the engine, or activate a computerized braking system with a cell phone. Testing of Toyota’s braking problems showed that researchers could control the cars by using Bluetooth connections, as well as OnStar and SYNC systems.
Other Hardware Attacks
According to McAfee, as traditional operating systems such as Windows 8 get better at addressing core OS vulnerabilities, hackers are likely to try to get underneath the operating system to target network cards, graphics processors, hard drives, and system BIOS. A Trojan called Mebroni was one of the first discovered that was capable of attacking a system BIOS. More are sure to come.
It’s not time to panic yet, but be aware that the sophistication of hackers is growing as traditional operating system vulnerabilities are addressed, and the money and expertise behind cyberwars and hacktivism, which McAfee also highlights in its report, is considerable and growing. It’s time to start thinking about these threats and how to begin to address them.
For more information on McAfee’s threat predictions, read the full report here. You can also take a look at our January #SecChat recap, focused on 2012 threat predictions and security recommendations for businesses moving forward into the new year. As always, you can also follow us on Twitter at @McAfeeBusiness, where we post regular updates on McAfee news and events.
By: Leon Erlanger
If you wonder what the fuss is about, take a minute to think about how many printers from a certain market-leading vendor are attached to your network. These printers have a lot of valuable data stored on their hard disks, at least temporarily.
I suspect most organizations are still too anxious addressing the consumerization of IT and mobile devices to focus on hardware and embedded systems, but if McAfee is right, a wakeup call is coming soon – and possibly as soon as 2012.
Critical and Industrial Infrastructure
It may surprise you to find out that the systems controlling and managing many functions at power plants, refineries, as well as water and industrial systems run on Windows. Yes, Windows. In many cases anyone can download free trials of these packages and explore them all they want for a month. If that isn’t scary enough, many of these software packages, called Supervisory, Control, and Data Acquisition (SCADA) systems are connected to the same networks that connect to the Internet, but in most cases haven’t been designed with the Internet in mind. And they’re often in environments where people are not used to thinking very much about Internet hazards.
The vulnerabilities of SCADA systems have become a somewhat hot topic lately, with scores of vulnerabilities found in just a few weeks. The infamous Stuxnet worm that caused havoc to Iran’s nuclear program by changing the spin rate of its centrifuges targeted SCADA systems and was introduced through USB flash drives. Recently, hackers posted a link to logins for Israeli government SCADA systems on Twitter.
Embedded Systems
These are proprietary systems that control functions in many consumer devices such as GPS’s and cameras but are also found in corporate printers, network infrastructure hardware, and medical devices. Earlier this year, researchers at Columbia University demonstrated vulnerabilities in HP printers that could be harnessed to forward documents to a remote computer or even damage the printers physically. While the researchers targeted HP, these types of vulnerabilities are most likely present on most other printers as well, and many others can likely be found on routers and other network devices. HP issued firmware updates to address specific vulnerabilities cited by the researchers.
Another threat on embedded systems that has gained media attention as of late is attacks on automobiles. The trend of building new technology into cars also poses a risk, opening the door for vehicles to be hacked. Criminals can potentially remotely unlock your car, start up the engine, or activate a computerized braking system with a cell phone. Testing of Toyota’s braking problems showed that researchers could control the cars by using Bluetooth connections, as well as OnStar and SYNC systems.
Other Hardware Attacks
According to McAfee, as traditional operating systems such as Windows 8 get better at addressing core OS vulnerabilities, hackers are likely to try to get underneath the operating system to target network cards, graphics processors, hard drives, and system BIOS. A Trojan called Mebroni was one of the first discovered that was capable of attacking a system BIOS. More are sure to come.
It’s not time to panic yet, but be aware that the sophistication of hackers is growing as traditional operating system vulnerabilities are addressed, and the money and expertise behind cyberwars and hacktivism, which McAfee also highlights in its report, is considerable and growing. It’s time to start thinking about these threats and how to begin to address them.
For more information on McAfee’s threat predictions, read the full report here. You can also take a look at our January #SecChat recap, focused on 2012 threat predictions and security recommendations for businesses moving forward into the new year. As always, you can also follow us on Twitter at @McAfeeBusiness, where we post regular updates on McAfee news and events.
By: Leon Erlanger
Monday, February 6, 2012
Smartphone and Tablet Users: You Need Security
Care about preserving privacy and protecting against financial fraud, identity theft and viruses? With vast amounts of personal and business data now found on Android, BlackBerry, Windows and Symbian smartphones and tablets, mobile security threats continue to increase and threaten this information.
According to a recent Nielsen report, a majority of smartphone owners (62%) have downloaded one of the more than 1 million apps available for Android and iOS devices. However, this surge in growth is accompanied by the potential for malicious apps to damage or threaten mobile security.
To protect yourself and your stuff, it’s time to download and install McAfee Mobile Security 2.0. This latest generation includes:
According to a recent Nielsen report, a majority of smartphone owners (62%) have downloaded one of the more than 1 million apps available for Android and iOS devices. However, this surge in growth is accompanied by the potential for malicious apps to damage or threaten mobile security.
To protect yourself and your stuff, it’s time to download and install McAfee Mobile Security 2.0. This latest generation includes:
- Complete Anti-virus, Anti-spyware and Anti-phishing Protection: Scans and cleans malicious code from files, memory cards, applications, Internet downloads and text messages.
- Protection from Potentially Unwanted Programs (PUPs): McAfee is the first to protect you from applications that include spyware, adware and dialers, despite the fact that these programs may have been downloaded in conjunction with a program that you want.
- Web Protection: McAfee SiteAdvisor® protects you from web threats by blocking risky links within text messages, email and social networking sites. It also safeguards against potential phishing sites, browser exploits and malicious quick response (QR) codes.
- Device Lock: Prevents misuse of your mobile device and personal data by remotely locking all data, including the data on the memory (SIM) card, and displaying a “contact me” message on the device.
- Remote Data Wipe: Protects your privacy by allowing you to remotely deleting the data on your phone and removable memory card. It can also backup data before the remote wipe to prevent the loss of data on your device.
- Backup and Restore Data: Preserves your irreplaceable personal information on demand, on a schedule, or before wiping a missing smartphone or tablet, then restores information to your new device.
- Locate and Track: Helps you to recover your smartphone or tablet if it is lost or stolen. You can view your device’s location on a map, send a text to prompt its return, and use a remote alarm to make it “scream.”
- App Protection: McAfee App Alert for Android helps you keep your private data private by interpreting how apps are accessing and possibly transmitting your personal data.
- Call and Text Filtering: Easily filters out spammers, incorrect numbers and unwanted texts.
- Online Management: McAfee’s web portal lets you quickly execute needed security tasks, such as backup, restore, locate, and remote lock and wipe.
- Uninstall Protection: Prevents a thief or another user from bypassing the mobile protection that is installed on your smartphone or tablet.
Friday, February 3, 2012
Change Is In The Air: CIO Magazine Poll Results
If you're a regular reader of this blog, you know I've been writing extensively on IT transformation - where IT decides it needs to compete for internal IT business, and organizes appropriately.
Why? It's a really big deal. As a result, I've exhaustively gone through what I felt were the motivations and the challenges for IT changing the way it does business.
But now, you don't have to listen to me and my endless exhortations. You can now see how others in the IT profession feel about the topic.
While the poll results might be surprising to you, the only "surprise" I found was perhaps the degree that the responses tended to correspond to my own personal views. But that's not really a surprise, since many of my views are nothing more than aggregations of conversations that I frequently have with this audience.
Take a moment, and see for yourself …
Of Polls and Polling
Every poll or survey has multiple inherent biases. Rather than try to avoid these, I try to simply identify any structural biases, acknowledge them -- and move on.
The most fundamental bias in any survey is self-selection: you end up gathering the perspectives of people who are willing to submit to a poll on a given topic.
This poll is no different: the 209 early respondents are likely (a) very interested in this particular topic, and (b) probably motivated to see what others had to say about the same topics.
Keep this self-selection principle in mind as you digest the results.
Where Are You With Virtualization?
A breathtaking 65% of the respondents were well along their virtualization journey.
Rather than take this as a measure of the broader IT market, I interpret this result as a strong interest in ITaaS topics amongst those who are substantially virtualized -- and probably looking to do much more.
That makes a certain sense: the core technology is in place and showing the results; what remains is to change the way the IT is consumed to be more optimized, more effective, create greater value, etc.
Motivational Clusters
I do like the "check all that apply" kinds of survey questions, as life is rarely simple enough to warrant a 'best" answer.
As I look at this result, I see three motivational clusters.
The first cluster (50%+ of respondents) is basically around doing a better job for the business.
The second cluster (40%+ of respondents) is around new kinds technologies showing up in the workplace -- mobile, web, consumer IT, etc.
And the third cluster (20-30%) is around new forms of work -- collaboration, analytics, personal productivity, etc.
If I was being critical, I'd point out that the second cluster is likely being driven by the first and third ones. IT people tend to define their worlds in terms of specific technologies, rather than the underlying motivations for their adoption :)
Perceived Benefits
Nice to see that "agility" and "value generation" rise to the top when respondents were asked to point to the benefits of undertaking an ITaaS transformation.
A bit surprising to me was that half the respondents pointed to "better IT services" (reliable, etc.) as a potential benefit. I guess that's even more evidence that current approaches aren't delivering the goods.
Also in the roughly-half category was achieving financial transparency. That's encouraging.
Rounding out the 30%+ category are benefits like "improved go-to-market for IT projects" and "creating competitive advantage". That last result was perhaps a bit shocking: unless you're clearly focused on creating a sustainable competitive advantage for your organization, little else matters -- at least, to my way of thinking.
Physician, Heal Thyself
More validation: half the respondents pointed to skills as one of the big things holding them back. I'd agree, but there's more.
About 40% pointed to the need for a substantial technology investment.
That last one puzzles me -- how can new technology deliver any meaningful benefit unless you're skilled and organized to take advantage of it? Maybe I should interpret this as "we think we might have bought the wrong stuff, and that's a problem" which would align better with my own personal perspectives :)
Poor communication and alignment between IT and business", "lack of tech-savvy business execs" and "tech savvy execs going around IT" form an interesting cluster if you think about it -- all coming in at about the 25%+ mark.
This one, in particular, tends to correlate strongly with the size of the IT organization, based on my personal experiences. To quote a famous line -- "what we have here is a failure to communicate", and that becomes much more of a challenge in larger settings.
Seeing The Road Ahead
Perhaps the most satisfying results came from the responses around "what needs to be done". All responses came in at 40%+, meaning that the respondents realize that there's no silver bullet here -- just a lot of sustained and heavy lifting across a number of challenges.
From redefining the relationship with the business to modernizing IT skills and roles, there's a lot of work to be done, based on the responses here.
A Word Of Thanks
Although sponsored by EMC, this work was brought to you by the good people at CIO Magazine and IDG.
My personal thanks to them for this project, and allowing all of us to share the results with you, even in my personal blog :)
Now What?
I mentioned at the beginning that it was very likely that the participants in this poll self-selected because they were interested in the topic.
Now, I'm really interested in understanding the "who's interested" audience across different industries, demographics, geographies, etc. Where is this new IT thinking taking root now, and where is it taking longer?
In my conversations, I'm always fishing to see if this discussion is interesting to the IT leaders I meet with. Sometimes it is, sometimes it isn't. That's to be expected.
But I'd like to think the numbers are increasing :)
By Chuck Hollis
Why? It's a really big deal. As a result, I've exhaustively gone through what I felt were the motivations and the challenges for IT changing the way it does business.
But now, you don't have to listen to me and my endless exhortations. You can now see how others in the IT profession feel about the topic.
While the poll results might be surprising to you, the only "surprise" I found was perhaps the degree that the responses tended to correspond to my own personal views. But that's not really a surprise, since many of my views are nothing more than aggregations of conversations that I frequently have with this audience.
Take a moment, and see for yourself …
Of Polls and Polling
Every poll or survey has multiple inherent biases. Rather than try to avoid these, I try to simply identify any structural biases, acknowledge them -- and move on.
The most fundamental bias in any survey is self-selection: you end up gathering the perspectives of people who are willing to submit to a poll on a given topic.
This poll is no different: the 209 early respondents are likely (a) very interested in this particular topic, and (b) probably motivated to see what others had to say about the same topics.
Keep this self-selection principle in mind as you digest the results.
Where Are You With Virtualization?
A breathtaking 65% of the respondents were well along their virtualization journey.
Rather than take this as a measure of the broader IT market, I interpret this result as a strong interest in ITaaS topics amongst those who are substantially virtualized -- and probably looking to do much more.
That makes a certain sense: the core technology is in place and showing the results; what remains is to change the way the IT is consumed to be more optimized, more effective, create greater value, etc.
Motivational Clusters
I do like the "check all that apply" kinds of survey questions, as life is rarely simple enough to warrant a 'best" answer.
As I look at this result, I see three motivational clusters.
The first cluster (50%+ of respondents) is basically around doing a better job for the business.
The second cluster (40%+ of respondents) is around new kinds technologies showing up in the workplace -- mobile, web, consumer IT, etc.
And the third cluster (20-30%) is around new forms of work -- collaboration, analytics, personal productivity, etc.
If I was being critical, I'd point out that the second cluster is likely being driven by the first and third ones. IT people tend to define their worlds in terms of specific technologies, rather than the underlying motivations for their adoption :)
Perceived Benefits
Nice to see that "agility" and "value generation" rise to the top when respondents were asked to point to the benefits of undertaking an ITaaS transformation.
A bit surprising to me was that half the respondents pointed to "better IT services" (reliable, etc.) as a potential benefit. I guess that's even more evidence that current approaches aren't delivering the goods.
Also in the roughly-half category was achieving financial transparency. That's encouraging.
Rounding out the 30%+ category are benefits like "improved go-to-market for IT projects" and "creating competitive advantage". That last result was perhaps a bit shocking: unless you're clearly focused on creating a sustainable competitive advantage for your organization, little else matters -- at least, to my way of thinking.
Physician, Heal Thyself
More validation: half the respondents pointed to skills as one of the big things holding them back. I'd agree, but there's more.
About 40% pointed to the need for a substantial technology investment.
That last one puzzles me -- how can new technology deliver any meaningful benefit unless you're skilled and organized to take advantage of it? Maybe I should interpret this as "we think we might have bought the wrong stuff, and that's a problem" which would align better with my own personal perspectives :)
Poor communication and alignment between IT and business", "lack of tech-savvy business execs" and "tech savvy execs going around IT" form an interesting cluster if you think about it -- all coming in at about the 25%+ mark.
This one, in particular, tends to correlate strongly with the size of the IT organization, based on my personal experiences. To quote a famous line -- "what we have here is a failure to communicate", and that becomes much more of a challenge in larger settings.
Seeing The Road Ahead
Perhaps the most satisfying results came from the responses around "what needs to be done". All responses came in at 40%+, meaning that the respondents realize that there's no silver bullet here -- just a lot of sustained and heavy lifting across a number of challenges.
From redefining the relationship with the business to modernizing IT skills and roles, there's a lot of work to be done, based on the responses here.
A Word Of Thanks
Although sponsored by EMC, this work was brought to you by the good people at CIO Magazine and IDG.
My personal thanks to them for this project, and allowing all of us to share the results with you, even in my personal blog :)
Now What?
I mentioned at the beginning that it was very likely that the participants in this poll self-selected because they were interested in the topic.
Now, I'm really interested in understanding the "who's interested" audience across different industries, demographics, geographies, etc. Where is this new IT thinking taking root now, and where is it taking longer?
In my conversations, I'm always fishing to see if this discussion is interesting to the IT leaders I meet with. Sometimes it is, sometimes it isn't. That's to be expected.
But I'd like to think the numbers are increasing :)
By Chuck Hollis
Thursday, February 2, 2012
Productivity: An Inconvenient Truth
I said in the first post of this series that I’ll start to share more about my productivity lessons-learned. But first, let’s get one thing out of the way — I believe that online collaboration tools really don’t matter. In contrast, how you apply them for purposeful engagement matters a lot, regarding the anticipated productivity gains.
Moreover, the most substantial gains in online productivity will likely come from fully understanding all the people, process and technology issues that define the environment you’re working within. So, situational context is important.
Besides, if you currently work within a large organization and you believe that a “culture of collaboration” seems more like an aspirational goal, but not the everyday reality — you’re not alone. Truly, your experience is similar to the vast majority.
Collaboration: the Whole Truth…
According to the findings from a recent study by the Corporate Executive Board, “Most companies struggle to achieve cross-company collaboration, even within single locations. In fact, only 1 in 10 senior HR executives and only 39 percent of all employees believe their organizations effectively encourage collaboration.”
Furthermore, they also said “The best companies have found that building a globally distributed innovation capability requires that 1) employees have a deep mutual trust to increase the willingness to share and to be receptive to new ideas and 2) staff have strong connections to facilitate the identification, extraction, and application of lessons across markets.”
Therefore, think of the upside opportunity and imagine the strategic benefits of being ranked a top-tier collaborator. There, hold that image. That’s your incentive to continue down this path.
People, Process and Technology Assessment
In a perfect world, perhaps all that a chief executive need do to make an organization inclined to work together more effectively is to instruct the CIO to deploy a collaboration platform. After all, if we believe that our “people are our greatest asset” then every member of the staff is a potential collaborator — at least, in theory.
If business productivity improvement were merely an academic exercise, then being armed with the best theories and operational processes would be enough to ensure success. In practice, however, old assumptions often need to be tested, and tough decisions about human resource assignments must be made.
One of the key metrics used to measure the results of online collaboration is the level of employee engagement. But if purposeful off-line engagement at work is used as a benchmark, then you should proceed with caution. Assume nothing.
Case in point; findings from a market research study demonstrate that it’s unwise to believe that everyone is actively engaged. Still not convinced that technology selection isn’t the most common roadblock to success? Just consider the results from Gallup’s ongoing survey of employed people in American corporations. Enough said.
Prepare for Mainstream Enterprise Collaboration
Here are some basic tips to consider — regarding how to proceed. Do reach out to your organization’s most engaged and productive stakeholders, and ask them to actively participate in your enterprise collaboration planning process. But don’t fall into the trap of having unreal expectations for collaboration tool ROI.
Encourage the early-adopter use of free or freemium video chat communications tools — such as Sykpe or Google Talk. Increased user adoption of these consumer-oriented tools will help to pre-position your organization for the eventual application of enterprise TelePresence.
In summary, an overly simplistic review of the benefits derived from collaboration tools could easily lead to a misguided deployment effort. Some platform vendors can offer professional services to help assess your readiness — to fully leverage cloud-based collaboration apps and prescribe a progressive plan of action.
The next post on this series will also conclude with a few practical recommendations, as I describe the other aspects of “My Connected Life in the Cloud.”
By David Deans
Moreover, the most substantial gains in online productivity will likely come from fully understanding all the people, process and technology issues that define the environment you’re working within. So, situational context is important.
Besides, if you currently work within a large organization and you believe that a “culture of collaboration” seems more like an aspirational goal, but not the everyday reality — you’re not alone. Truly, your experience is similar to the vast majority.
Collaboration: the Whole Truth…
According to the findings from a recent study by the Corporate Executive Board, “Most companies struggle to achieve cross-company collaboration, even within single locations. In fact, only 1 in 10 senior HR executives and only 39 percent of all employees believe their organizations effectively encourage collaboration.”
Furthermore, they also said “The best companies have found that building a globally distributed innovation capability requires that 1) employees have a deep mutual trust to increase the willingness to share and to be receptive to new ideas and 2) staff have strong connections to facilitate the identification, extraction, and application of lessons across markets.”
Therefore, think of the upside opportunity and imagine the strategic benefits of being ranked a top-tier collaborator. There, hold that image. That’s your incentive to continue down this path.
People, Process and Technology Assessment
In a perfect world, perhaps all that a chief executive need do to make an organization inclined to work together more effectively is to instruct the CIO to deploy a collaboration platform. After all, if we believe that our “people are our greatest asset” then every member of the staff is a potential collaborator — at least, in theory.
If business productivity improvement were merely an academic exercise, then being armed with the best theories and operational processes would be enough to ensure success. In practice, however, old assumptions often need to be tested, and tough decisions about human resource assignments must be made.
One of the key metrics used to measure the results of online collaboration is the level of employee engagement. But if purposeful off-line engagement at work is used as a benchmark, then you should proceed with caution. Assume nothing.
Case in point; findings from a market research study demonstrate that it’s unwise to believe that everyone is actively engaged. Still not convinced that technology selection isn’t the most common roadblock to success? Just consider the results from Gallup’s ongoing survey of employed people in American corporations. Enough said.
Prepare for Mainstream Enterprise Collaboration
Here are some basic tips to consider — regarding how to proceed. Do reach out to your organization’s most engaged and productive stakeholders, and ask them to actively participate in your enterprise collaboration planning process. But don’t fall into the trap of having unreal expectations for collaboration tool ROI.
Encourage the early-adopter use of free or freemium video chat communications tools — such as Sykpe or Google Talk. Increased user adoption of these consumer-oriented tools will help to pre-position your organization for the eventual application of enterprise TelePresence.
In summary, an overly simplistic review of the benefits derived from collaboration tools could easily lead to a misguided deployment effort. Some platform vendors can offer professional services to help assess your readiness — to fully leverage cloud-based collaboration apps and prescribe a progressive plan of action.
The next post on this series will also conclude with a few practical recommendations, as I describe the other aspects of “My Connected Life in the Cloud.”
By David Deans
Wednesday, February 1, 2012
How To Steal A Car: Hack It!
No more jimmying doors with a Slim Jim, bricks through windows, extracting lock cylinders with a dent puller, or hot-wiring ignitions. Automobiles today are being built to include wireless capabilities that allow for remote unlock, remote start, and of course, there’s global positioning systems (GPS) and services like OnStar and ATX, which offer “telematics,” or information and communications technology. While these services appear relatively secure, researchers in controlled environments are searching for vulnerabilities.
OnStar offers “RemoteLink,” an application for the iPhone or Android, which allows Cadillac, Chevrolet, Buick, or GMC owners to view real-time data including fuel range, gallons of gas remaining, lifetime miles per gallon (MPG), lifetime mileage, remaining oil life, tire pressure, and account information. Chevrolet Volt owners can view their car’s electric range, electric miles, MPG, and the battery’s state of charge. Users can also use the application to remotely perform certain commands, such as unlocking doors.
While all this new technology provides us with convenience and useful information, it may also leave use open to risk. Researchers in San Francisco have been able to access a car’s central computer processor through an Internet-connected car alarm, and in Seattle, researchers “blacked out the make and model of a car that offered multiple pathways for hackers a thousand miles away to send out GPS coordinates, open the doors, and have a colleague drive away without a key in the ignition.” And a New Jersey man has developed an iPhone app that lets him unlock cars and start engines by voice.
As with most technological advances, functionality and form come well before security. But now that researchers have demonstrated the frightening vulnerabilities inherent in cars’ computers, automobile manufacturers are working with companies like McAfee to develop firewalls that will protect the latest high-tech vehicles from hackers and thieves.
By Robert Siciliano
OnStar offers “RemoteLink,” an application for the iPhone or Android, which allows Cadillac, Chevrolet, Buick, or GMC owners to view real-time data including fuel range, gallons of gas remaining, lifetime miles per gallon (MPG), lifetime mileage, remaining oil life, tire pressure, and account information. Chevrolet Volt owners can view their car’s electric range, electric miles, MPG, and the battery’s state of charge. Users can also use the application to remotely perform certain commands, such as unlocking doors.
While all this new technology provides us with convenience and useful information, it may also leave use open to risk. Researchers in San Francisco have been able to access a car’s central computer processor through an Internet-connected car alarm, and in Seattle, researchers “blacked out the make and model of a car that offered multiple pathways for hackers a thousand miles away to send out GPS coordinates, open the doors, and have a colleague drive away without a key in the ignition.” And a New Jersey man has developed an iPhone app that lets him unlock cars and start engines by voice.
As with most technological advances, functionality and form come well before security. But now that researchers have demonstrated the frightening vulnerabilities inherent in cars’ computers, automobile manufacturers are working with companies like McAfee to develop firewalls that will protect the latest high-tech vehicles from hackers and thieves.
By Robert Siciliano
Subscribe to:
Posts (Atom)