IT security Information for everybody
“Writing a book about cyber threats in a comprehensible and comprehensive way is not an easy task, but the book ‘Cybergevaar ‘ succeeds in this”, certifies the book’s first review, conducted by a well-known Belgian IT magazine, Datanews. The book “Cybergevaar” tries to provide a very readable and very accessible overview of almost every information security related problem and malware. It reaches out to the general audience and does not only target the technically savvy reader but provides information for everybody.
“Cybergevaar” starts with an overview of the history of malware and looks into the many profiles of malware writers and hackers. One of the chapters touches the topic underground economy and is using a lot of examples to explain the involvements. It is based on a whitepaper written by G Data SecurityLabs. Furthermore, new developments in the fields of cyber attacks, sabotage and espionage are discussed and looked into from different angles. The daily threats and the myths about malware are described in a detailed way. Among this, the chapter about general security tips and tricks is interesting for everybody. The book also provides a special chapter with thorough advice for companies.
While exploring the book, the reader can find several exciting security anecdotes and entertaining situations one possibly has never heard of before. Additional clarifications are provided throughout the entire book by use of attractive illustrations and easy-to-understand graphs. High-level opinions of people with experience and interest in the ICT security industry are included: Professionals such as Natalya Kasperskaya (InfoWatch), Ralf Benzmüller (G Data), Peter Kruse (CSIS Security Group), Bob Burls (Independent IT Security Consultant) are amongst the contributors. The book also seeks to elaborate on how governments and the media can play a role in the ‘education’ of users. Moreover, it gives an inside look into the computer security industry and organizations like AMTSO and EICAR. And, of course, ‘Cybergevaar’ does not miss the opportunity to highlight how the problem and its solutions may develop in the future, with a special chapter in the form of a short story – ‘Radical Ransom’ – set in the year 2033.
“Cybergevaar” by Eddy Willems, Lannoo, 213 pages, is now available in Belgian and Dutch bookstores and online shops. Plans to publish this book in other languages, such as German and English, are currently being discussed.
You can also order your version of the book via this webpage: www.lannooshop.com/gdata
About the abuse of sensational catchwords
When I think of the word ‘war’, I think of a situation where two or more sides attack one another. And the attacks lead to casualties. This should also be the case in a so called cyber war. And something like that, has not yet been seen. And quite frankly, I don’t think we will see one materializing soon.
Why basic antivirus is not failing.
So, several companies and the general public were claiming that we all were too late in stopping these threats. Looking at the case of Flame the AV industry found out that we already had some samples of it when the news became public, but we were not aware of it. The samples have never been verified as being malicious before. Also Stuxnet went undetected for over a year after it was found.
So, the question might be the following: Is the anti-virus industry ready for the next battle? Can we all, with our tight consumer antivirus industry related budgets, be up against targeted malware or APT’s created by organizations with a lot of money?
*Abbr.: targeted attacks
During the last 18 months we saw a growing number of targeted attacks against numerous companies and organizations. Let’s briefly have a look at some of them:
- The Aurora Attack: an attack that began in mid 2009 and continued until December 2009. The primary goal of this attack was to gain access to high tech, security and defense companies and potentially modify source code repositories. For example at Adobe, Juniper, Google, Yahoo, etc…
- German Emissions Trading Authority (DEHSt): suffered from phishing attacks carried out in January 2010. Scamsters circulated their fraudulent emails masquerading as email from the DEHSt and persuaded the recipients to login to a counterfeit website, ironically to protect themselves against alleged hacker attacks. Using the stolen access data, the attackers transferred emissions permits, primarily to Denmark and Great Britain, and in so doing allegedly gained up to three million Euros illegally. It is readily apparent that targeted phishing attacks can be very lucrative.
- Stuxnet: a Windows computer worm discovered in July 2010 that targets industrial SCADA software and equipment with the aim of attacking an Iranian nuclear plant. The attack seems to have been successful as the enrichment of Uranium was heavily delayed.
- G20 Files attack: was announced in March 2011 but had already been going on for several months. The G20 is made up of the finance ministers and central bank governors of 19 countries and discusses key issues of the global economy. Over 150 ministry computers of the G20 were attacked. The attacks aimed at files related to the G20 meetings.
- RSA breach: RSA is a well known security company specialized in identity and access solutions. Hackers may have gained access to part of the code generation algorithm used in RSA SecurID tokens. At least some information was extracted but it’s still unsure if it will actually cause future problems.
- EU Commission Summit attack: this was a targeted attack against some specific servers at the EU Commission in Brussels, found and stopped before the EU March 2011 Summit. As not much is known about it, we suppose that nothing important has been leaked.
- Epsilon email breach: Epsilon is a well known online marketing company that is working with hundreds of large companies around the world and stores millions of email addresses in its databases. Hackers have stolen customer email addresses and names belonging to a “subset of its clients”. Some big companies such as Disney, Citibank, Verizon, etc … were involved.
And this list is still not complete.