Thursday, 17 May 2012
The Un-ethical Hacker: Looking for the “big-fish” or the “easy-catch”
The Un-ethical Hacker: Looking for the “big-fish” or the “easy-catch”
By Richard Moss | Apr 16, 2009 | 3222 reads
4 comments
Facebook
LinkedIn
Digg
The news story last week relating to an alleged hack on Premier Wen Jiabao's Personal Computer is yet more evidence that no one is safe …. But what this really represents is further verification that from Washington to London to Beijing, no one is safe, and yet the internet is a big enough place in which to hide.
Reminds me of an old joke you may be familiar with - about the two jungle explorers who have the misfortune to stumble across a very hungry tiger and, as they sprint for their lives, one explorer shouts to the other, "Why bother? We can't possibly outrun the tiger!" and the other explorer replies with great relish "I don't need to outrun the tiger, I only need to outrun you!" A simple but relevant analogy with the internet bad-guys out fishing for the “easy-catch” or the “big-fish” – a reminder that you don’t need to outrun the internet tiger, just outrun someone else!
Of course if only it were that simple; our on-line security is no longer something we ourselves have total control over – its not like locking up your house or apartment at night, in the virtual world we are heavily dependent upon 3rd parties contributing to our security - we are reliant upon the service providers, the equipment manufacturers, the software vendors, and of course we buy-in 3rd part security products to [hopefully] protect us. But here’s the reality – not everyone takes your security as seriously as you do, or as seriously as you would want them to (and this should come as no surprise, your personal security in the real-world suffers from something similar so no reason to expect the virtual world to be any different?)
And yet I do believe we should expect more form the organizations providing products and services to us for use in the virtual world … I’m not aware of a Malware ‘Patch Tuesday’ where the bad guys release updates and patches to fix their malware released in to the wild because its in need of an update, rather it seems they test and retest before releasing to get it right? Why can’t our legitimate software vendors get it right first time?
Often whether we are an attack target or not comes down to profile, in the case of Premier Wen, he carries a very high profile and is an obvious target deserving of the best protection – and his threat is from the hackers stalking and looking to land the prize of the “big fish”. Here its not about outrunning that tiger, but outsmarting it through effective and appropriate security defense mechanisms; and yet Premier Wen’s PC still gets compromised and only last week news reports revealed the US’s National Electrical power distribution system may be vulnerable to dormant malware with its systems (and don’t I recall President Clinton announcing plans to spend US2 billion in the year 2000 to protect such systems!!?).
Similar
Add comment
Comments
Choose, buy and shop for on sale tiffany jewelry including Tiffany & Co Silver Necklace, Pendants, Bangles, Bracelets, Earrings, Rings and Accessories.tiffany co Tiffany Jewellery Tiffany Jewellery offering bangle Jewellery, bracelet jewelry, eardrop jewelry,necklace jewelry, ring jewelry, finger ring jewelry and earring jewelry tiffany tiffany and co tiffany jewellery Tiffany Style Silver Jewelry: Rings, Earrings, Necklaces, Bracelets and more Tiffany Jewellery at low prices
Information on Blogger
knowledge_central_tab
Knowledge Central
Trusted Mobility Index
The mobile ecosystem of devices, services and networks is at a critical inflection point.While the mobile revolution is unleashing massive opportunities in both emerging and mature economies, it is also increasing in complexity and confusion. The reality is the lightning-fast adoption of powerful, smart devices is outpacing society’s ability to secure them. Today, trust in mobility hangs in the balance.
The state of the Internet, Q4, 2011
Geography appears to play a role in frequency of observed attacks on specific ports. For example, Port 23 (Telnet) is a favorite target for attacks observed to be originating from South Korea and Turkey, where it accounted for more than five times the number of attacks targeting the next most popular port (445 in both countries). Other instances of geography-based port targeting include observed attacks centered on Port 1433 (Microsoft SQL Server) in China and on Port 80 (WWW/HTTP) in Indonesia.
HID Global deploys a centralized, web-based IP access control solution at Fuxi Power Plant
Unable to meet the needs for real-time monitoring with its traditional patrol system, China's Fuxi Power Plant has deployed HID Global's VertX V2000.
StubHub: How to spot fraud before it happens
Whenever a list of log-on credentials is dumped onto the Web, retailers get hit with waves of automated attacks. Here's how ticket marketplace StubHub fights the threat.
christian louboutin Evening
christian louboutin
Evening Dresses. Women's Formal Special Occasion Dresses ... Welcome to Cheap Evening Dresses for Sale! ...
Buy Cheap Evening Dresses Sales Accessories evening dresses