Blog Posts Tagged with "Attribution"
The Emperor Is Naked!
May 09, 2013 Added by:Krypt3ia
Last week a report came out on Wired about how the ACE (Army Corps of Engineers) database was hacked by China and "sensitive" dam data was taken. By China, let that sink in for a bit as there was no real attribution data in the story
Comments (1)
Chinese Whispers, Chinese Lies: Analyzing Mandiant's APT1 Report
March 25, 2013 Added by:Oliver Rochford
The foremost problem with the Mandiant report is that it relies on a view of China and the Chinese Cyber-Operations that has very little to do with situational conditions on the ground.
Comments (0)
Never Attribute to Malice, But Always Verify
November 15, 2012 Added by:Fergal Glynn
FX did find hardcoded local bootloader passwords. These would require physical access and are the types of hardcoded passwords commonly found in networking gear and appliances. Yes a vulnerability but not likely nefarious...
Comments (0)
Offensive Defense: A Really Bad Idea Proposed By Charlatans And Zealots
November 08, 2012 Added by:Scot Terban
Everyone just stop. All you offering the services or touting the ideas should just sit back down and shut up. Everyone cries now that the government is encroaching on their rights with regard to privacy and you all want to just push that bar even further out with offensive defense actions? Morons…
Comments (0)
The Difficulties with Attribution in a Digital World
October 16, 2012 Added by:Rafal Los
Attribution is necessary for secondary action, but not always for defense. Secondary action being retaliation, accountability, prosecution, etc. It's more important at the instant of attack to be able to make the attack stop, then afterwards be able to move on and assign blame and make the legal case...
Comments (0)
Offensive Cyber Capabilities Need to be Built and Exposed Because of Deterrence
October 09, 2012 Added by:Jarno Limnéll
Cyberspace, the fifth dimension of warfare, has already become an important arena of world politics, especially since we are living in a time in which the lines between war and peace have blurred. The digital world has become a domain where strategic advantage can be either lost or won...
Comments (1)
Correlating and Escalating Cyber
October 02, 2012 Added by:Don Eijndhoven
So here we have a rather clear-cut case of attacker correlation which, as ever, is done pretty much after the fact by an international firm who investigated the malware. My question is: How do you deal with this as a nation, as it happens?
Comments (7)
The Poor State of Cyber Intelligence
August 23, 2012 Added by:Jeffrey Carr
The state of cyber intelligence as it is practiced by infosec professionals and others who are not trained in the science of rigorous analysis is often exponentially worse. Many analysts are missing huge gaps in the threat landscape and are doing a great disservice to their customers and their craft...
Comments (1)
False Flags, Geopolitics and Cyber Spies
August 22, 2012 Added by:Rafal Los
False flag is when an operation of some kind is carried out by one group but falsely attributed to another. Whether it's a rogue attacker attributing an attack to a rival group or a nation-state attempting to cause tensions between rival nations for their own benefit - the conspiracy theories write themselves...
Comments (0)
Saudi Aramco: Are We ready for an Escalation of Cyber Attacks?
August 22, 2012 Added by:Pierluigi Paganini
Incidents like this are bound to increase, as attacks by political groups and governments are occurring with increasing frequency, and it is a miracle that so far there has been no loss of life. But in the near future, every company and agency will need to prepare for such events in order to avoid catastrophic consequences...
Comments (0)
Reverse Deception: Organized Cyber Threat Counter-Exploitation
August 15, 2012 Added by:Matthijs R. Koot
The intent of deception is "to get the adversary to act confidently and predictably". If you want to be inspired to think about deception/MILDEC as means of counterintelligence (CI) in cyberspace, I recommend this book. If you already work in CI, you may find it useful to evaluate your existing beliefs...
Comments (0)
State Sponsored Malware Takes Over Mars Rover
August 10, 2012 Added by:J. Oquendo
Many companies will omit many details and shift-slash-skew agendas to meet their concerns. Those concerns will ALWAYS be financial ones. At this point it is obvious that they and only they are capable of detecting the unseen, unheard of, undetectable, uberfilthware capable of infecting Curiosity on Mars...
Comments (1)
On the Right to Bear Cyber Arms
July 10, 2012 Added by:J. Oquendo
An attacker is decimating my infrastructure. I have purchased and deployed every security technology I can think of. I have contacted law enforcement as a matter of relevance, but I know they will not be able to do much. I have given the service provider two fair warnings. I now fight fire with fire...
Comments (1)
Active Defense: The New Digital Wild West Justice
June 19, 2012 Added by:Scot Terban
This will just get out of hand and incredibly stupid. Sure, you can say that you are just going to maybe tarpit those attackers to prevent them from getting in quickly, but, you have to know that there will be (already are) services where blackhat types will hack back against those who “dun you wrong”...
Comments (0)
Flame: Cutting Through Media and SME Hype
June 14, 2012 Added by:J. Oquendo
Flame is a very loud piece of malware. It is a horrendous 20Mb contraption which screams: "look at me." Many of the components in Flame are borrowed, re-hashed, re-written and re-deployed. AV companies are suggesting there is "no financial gain" being sought by Flame and to that I state: "How would you know?"
Comments (0)
NATO Sponsored CyCon Tackles Cyber Security Issues
June 13, 2012 Added by:Headlines
Attribution is hard because of the nature of attacks, which tend to have several stages and the whole attack is spread over a long period of time. It is of no help either that the Internet is governed by multiple jurisdictions so international cooperation is necessary but often lacking...
Comments (0)