Research Roundup: ThreatPost Security Spotlight Report

Thursday, February 24, 2011

Mike Meikle


Previously, I reviewed the Davos World Economic Forum Global Risks Report and its coverage of Cyber Security.  

Shifting gears from canapés to crullers, a review of Kaspersky’s ThreatPost Security Spotlight Report for 2011 gives us far more detail, which is to be expected. The Wikileaks event plays a prominent role in this report as well.

Basically they confirm my hypothesis that this breach of executive privilege has provided the motivation to address information security concerns. It has also pushed the concept of data security front and center in the business community.

Kaspersky also posits that Wikileaks and the issues surrounding Cablegate will continue to reverberate throughout 2011. Of particular concern would be the ubiquitous availability of mobile devices and the role they may play in another “Wikileaks” event.

The ThreatPost report then covers the issue of the aging infrastructure (IPv4) and the consequences of an avalanche of mobile devices and applications boiling down the mountain-side toward the rickety Internet infrastructure. 

How rickety? Well, the last two blocks of IPv4 addresses were just handed out; the Internet has until around September 2011 before those are consumed. So many years now stretch ahead for the transition to IPv6, and the outdated and insecure IPv4 protocol must be supported during that time.

The ThreatPost report outlines how the complexity of smartphones, the lack of basic email encryption regimens, and the unknown impact of third-party applications on the hardware lead to a changing and more threatening security landscape for 2011.

Also the GSM infrastructure that smartphones rely on has proven to be insecure. At the 2010 DEFCON and Black Hat conferences, hackers showcased the vulnerabilities of the system.  Hackers will also continue to cash in via phishing, clickjacking and drive-by-download specifically targeted toward mobile devices.

Another concern ThreatPost outlines is the proliferation of Android-based devices and the open nature of the Google-supported operating system. The torrent of thousands of 3rd party applications and the eerie similarity to Microsoft’s late 90’s application strategy (flood the market with software to win market share) have security professionals concerned.

The Apple iOS doesn’t escape without criticism either. Even though Apple is a “closed” ecosystem for developers, there have been several high-profile incidents that show 3rd party applications are not being vetted effectively. As an example of poor code review, the authors offer up the Handy Light application.

Not only did it not turn the iPhone into a flashlight, it allowed a user to tether the phone to a laptop and gain an Internet connection. This circumvented the AT&T tethering restrictions, unless you went over the bandwidth cap. This app was pulled in short order, but it proved that Apple has issues reviewing Apps available in the App Store.

Of course, Stuxnet makes an appearance in the Kaspersky report. SCADA specialists are going to be in hot demand in the coming months as organizations that rely on programmable logic controllers (PLCs) to control their equipment seek to secure their environments. Additional complexity is also thrown in the mix by adding Microsoft Windows as the operating system of choice for managing these PLCs. That and hard-coded passwords in the software do not help matters.

I contributed to a September 2010 article published in Defense Technology International (page 39) that discussed the issue of Cyber War and its impact on infrastructure.  It is interesting to go back now and re-read the varied opinions of those in the industry about the possibility of a Stuxnet type of occurrence.

Finally, the ThreatPost report wraps up with the latest word on the growing malware threat. By growing they mean from about 600,000 types of malware in 2009 to 1.5 million in 2010, with plenty of room to grow. The report covers all the well-known vectors: Adobe, JavaScript, Facebook, Twitter, email, etc. It also mentions the uptick in smartphone attacks and USB-based (Stuxnet) malware that is to be expected for 2011.

So, with the Kaspersky ThreatPost report wrapped up, I will move on to the Cisco Annual Security Report for 2010. Stay tuned!

Cross-posted from Musings of a Corporate Consigliere
