Tag Archives: direction

My latest Gartner Research: Cool Vendors in Security for Technology and Service Providers, 2016

The boundaries of information security are fast expanding. These Cool Vendors are pioneering new directions and potential opportunities in the security market. TSP product managers and CMOs looking to partner with these vendors should examine their innovative security technologies.

Gartner customers can read this research by clicking here.


[ISN] Hacking Team orchestrated brazen BGP hack to hijack IPs it didn’t own

http://arstechnica.com/security/2015/07/hacking-team-orchestrated-brazen-bgp-hack-to-hijack-ips-it-didnt-own/

By Dan Goodin
Ars Technica
July 12, 2015

Spyware service provider Hacking Team orchestrated the hijacking of IP addresses it didn’t own to help Italian police regain control over several computers that were being monitored in an investigation, e-mails sent among company employees showed.

Over a six day period in August 2013, Italian Web host Aruba S.p.A. fraudulently announced its ownership of 256 IP addresses into the global routing system known as border gateway protocol, the messages document. Aruba’s move came under the direction of Hacking Team and the Special Operations Group of the Italian National Military Police, which was using Hacking Team’s Remote Control System malware to monitor the computers of unidentified targets. The hijacking came after the IP addresses became unreachable under its rightful owner Santrex, the “bullet-proof” Web hosting provider that catered to criminals and went out of business in October 2013, according to KrebsOnSecurity. It’s not clear from the e-mails, but they appear to suggest Hacking Team and the Italian police were also relying on Santrex.

The emails were included in some 400 gigabytes of proprietary data taken during last weekend’s breach of Hacking Team and then made public on the Internet. With the sudden loss of the block of IP addresses, Italy’s Special Operations Group was unable to communicate with several computers that were infected with the Hacking Team malware. The e-mails show Hacking Team support workers discussing how the law enforcement agency could regain control. Eventually, Italian police worked with Aruba to get the block—which was known as in Internet routing parlance—announced in the BGP system as belonging to Aruba.
It’s the first known case of an ISP fraudulently announcing another provider’s address space, said Doug Madory, director of Internet analysis at Dyn Research, which performs research on Internet performance. […]


[ISN] Strategic Friendship in Asymmetric Domain

http://www.pircenter.org/en/blog/view/id/208

By Oleg Demidov
PIR Center
09.05.2015

The bilateral intergovernmental Russian-Chinese agreement on cooperation in the field of international information security which was signed on May 8, 2015 during the visit to Moscow of Xi Jinping, General Secretary of the CPC and the President of China, could potentially become an important milestone in Russia’s strategy of pivoting to the East.

Though in its current state the agreement rather provides a general cooperation framework, it also provides a broad range of directions for further practical cooperation steps and efforts between the two countries. It primarily focuses on systemic information exchange between special services of the two states, joint monitoring and prevention of escalation of serious incidents and especially conflicts in cyberspace, ensuring and strengthening cybersecurity of critical infrastructures, countering ICT-enabled forms and methods of terrorism, exchange of expertise and academic knowledge on cybersecurity, etc. A strong focus is made on joining efforts in countering the unlawful use of ICTs targeted at “undermining of social order, political and social stability, provoking extremism, hate and social unrest”, and even (and this is something quite new even for Russian doctrines, let alone intergovernmental agreements) “threatening to the spiritual sphere” of the two nations.

Noteworthy, the agreement for the first time for a Russian official international document operates with the notion of strategic stability with regard to cyberspace and information security. Previously, a more broad and vague notion of ICT-enabled threats to international peace and security was used. Something distinct from a mere terminological equilibristic, this conceptual update serves as an indicator of the fact that Moscow now truly regards China as a strategic partner in the dialogue on political and military dimension of cybersecurity.
The discourse of strategic stability was always linked to the issues of WMD strategic balance and (in Russian view) strategic antimissile defense. Now cybersecurity has a strong presence in this “elite club” of ultimate global security factors in the Russian strategic thinking, and first intergovernmental manifestation of this paradigm is addressed to and agreed with China. Accidentally or not, this aspect reveals interesting intersections with the recently published updated DoD’s Strategy for Cyberspace, which has replaced the previous document from 2011, even having in mind that an intergovernmental agreement and a national strategy are very different documents in terms of their scope and purposes. […]


My latest Gartner research: Cool Vendors in Security for Technology and Service Providers, 2015

When considering partnering with these Cool Vendors, TSP product managers and CMOs interested in the security space should examine their innovative security technologies. These vendors are pioneering new directions and potential opportunities in the security market.

Gartner clients can access this research by clicking here.


[ISN] Cyber cold war likely to continue

http://www.chinadaily.com.cn/opinion/2014-07/18/content_17830716.htm

By Colin Speakman
China Daily
2014-07-18

Tensions are growing amid claims and counter-claims of cyber espionage by the United States and China. Even the just concluded Sino-US Strategic and Economic Dialogue in Beijing couldn’t ease the tensions.

In May, the US charged, albeit without evidence, five Chinese nationals with breaking into US companies’ systems and stealing trade secrets, and called them “military hackers”. On July 11, US Department of Justice officers arrested a Chinese national, Su Bin, for “working with hackers in China” to infiltrate US companies’ networks and steal valuable data on military technology. Su is the owner of Chinese aviation technology company Lode Tech and has been accused of working with two co-conspirators in China to break into the computers of Boeing and other US defense contractors.

Raising tensions further, Fox News’ Bob Beckel, who hosts The Five program, said: “Chinese are the single biggest threat to the national security of the US. Do you know what we just did? As usual, we bring them over here and teach a bunch of Chinamen, uh, Chinese people, how to do computers, and then they go back to China and hack us.” His remark has been strongly criticized by many, including Chinese Americans, with California State Senator Ted Lieu demanding Beckel’s immediate resignation. Lieu has said that Americans “should all be alarmed by the racist, xenophobic comments”.

Alarming it is indeed, as The Washington Post recently noted that “the US-China relationship is facing its stiffest test since then US president Richard Nixon traveled to Mao Zedong’s China in 1972”, and German Chancellor Angela Merkel again expressed serious concern over the US-sponsored hacking into confidential German data. If the US cannot trust its Western allies, how can it trust China, a country it openly admits to be in a competitive relationship with?
China, too, is stepping up its security protection against US surveillance. In May it announced that the Central Government Procurement Center had mandated all “desktops, laptops and tablet PCs purchased by central State organizations must be installed with OS other than Windows 8”. The Chinese media have painted Microsoft, Apple, Facebook, Google, Yahoo and other IT giants as pawns of the US National Security Agency, claiming that foreign technology service providers such as Google and Apple can become cybersecurity threats to Chinese users. That’s why it looked like a retaliatory move when China’s State-run television told iPhone owners that the device is a threat to national security because it tracks users’ movements. The warning was that iOS 7’s “frequent locations” app, which records places users have been to and the time they spend there, can help the IT giant obtain sensitive information, including State secrets. Apple has explained the app’s functionality as designed to learn important locales to provide pre-emptive information, such as directions to a frequently patronized restaurant or the estimated commute time to work. However, Chinese concerns are that Apple’s mobile phone positioning can view users’ addresses and whereabouts, because information will be recorded even if the app is turned off. From this app, someone can get a cell phone user’s occupation, place of work, home address and then obtain all other relevant information on him/her. It is understandable that such permitted culling of information would raise concerns after the “Snowden Effect” – many US technology companies’ relations with foreign governments, including China’s, have come under scrutiny and many big service providers asked the NSA to drastically change its policies before the surveillance program further harms their businesses. Apple is one of the companies at the forefront of this risk. 
In the first quarter of 2014, Apple said revenue from the “Greater China” region, which included the mainland, Hong Kong and Taiwan, accounted for 20 percent of its total sales, up 13 percent year-on-year. The question is: Will the future see a shutting out of potentially useful US technological advances in China as a response to the lack of trust and dearth of knowledge on what these technologies could be used for? Each side accuses the other of cyber espionage and each side views itself as a victim. China rightly cites the NSA scandal, which revealed widespread surveillance by US intelligence agencies on not only US citizens but also governments and companies worldwide, including Chinese companies. The US, on its part, continues to accuse China of using cyber warfare to steal confidential information, trade secrets and data of national importance. Since most countries engage in some form of spying and can justify it in terms of national interest, a protocol on cybersecurity and boundaries of invasive behavior should be put in place. Unfortunately, such a possibility seems a long way off. At the next Strategic and Economic Dialogue, therefore, a new formula should be brought to the table, and perhaps the economic benefits of cooperation should be allowed to drive the agenda. But whatever is agreed, spying will take place. In some form, the cyber cold war is likely to continue. The author, an economist and international educator, is director of China Programs at CAPA International Education, a US-UK based organization that cooperates with Capital Normal University and Shanghai International Studies University.


[ISN] Cyber warfare research institute to open at West Point

http://www.armytimes.com/article/20140407/NEWS04/304070052/Cyber-warfare-research-institute-open-West-Point

By Joe Gould
Staff writer
Army Times
April 7, 2014

The Army’s academy has established a cyber warfare research institute to groom elite cyber troops and solve thorny problems for the Army and the nation in this new warfighting domain.

The U.S. Military Academy at West Point, N.Y., plans to build a cyber brain trust unprecedented within the service academies, filling 75 positions over the next three years — including scholars in technology, psychology, history and law, among other fields. The chairman of the organization, called the Army Cyber Institute, will be retired Lt. Gen. Rhett Hernandez, the first chief of Army Cyber Command, according to Col. Greg Conti, the organization’s director. The institution, which aims to take on national policy questions and develop a bench of top-tier experts for the Pentagon, will be defining how cyber warfare is waged, to steer and inform the direction of the Army. […]


[ISN] [Call for Presenters] Security BSides Las Vegas

Forwarded from: BSidesLV Info

Security BSides Las Vegas, Inc. is pleased to announce that our Round 1 CFP is currently open and will remain so until 15May. Our second and final round will open on 1Jun and close on 30Jun.

http://goo.gl/5S4Mdq

You can also access the CFP from the Welcome page of our website at bsideslv(dot)org

BSidesLV consists of the following tracks:

Breaking Ground – Ground Breaking Information Security research and conversations on the “Next Big Thing”. Interactively discussing your research with our participants and getting feedback, input and opinion. No preaching from the podium at passive attendees.

Common Ground – Other topics of interest to the security community. e.g., Lock-picking, hardware hacking, mental health, Burnout, Law, Privacy, Regulations, Risk, Crypto, Activism, etc. Be prepared to engage your audience – and have them engage you.

Underground – OTR talks on subjects best discussed AFK. No press, no recording, no streaming, no names. Just you and your peers, behind closed doors. Think about it.

Training Ground – Workshops and classes to give your students hands-on experience learning the latest and greatest. We accept proposals for 1/2 day, full-day and 2-day workshops.

Proving Ground – Speaker Development Program. 30-minute presentations from up-and-coming first-time national speakers, teamed with one of our experienced volunteer mentors. Proving Ground is our flagship educational program and is a special track.

For more information, please take a look at our invitation.

BSidesLV is committed to selecting our speakers based on merit of current research and the abstract submitted. To ensure this, we have instituted a double-blind CFP vetting process. Names and Bios will be stripped from the abstract before it is submitted to our 7 member CFP team and no member of the team (with the exception of the Chair) will see another member’s vote or comments. This should assist in maintaining a fair and equal vetting process for all that submit.

For clarification purposes, please understand that BSides’ events, including Las Vegas, are free labors of love and education, for the community, by the community, and all events – including workshops – are free to attend for all participants. No remuneration of any kind is offered to presenters*. We do provide breakfast and lunch both days of the conference, a t-shirt, a badge for you and a +1 for a friend, and a Speaker Thank You reception. If you are looking for a conference that can reimburse or off-set your travel and lodging, and offer you a stipend, please consider one of the bigger, paid admission conferences.

*We are offering a travel & lodging scholarship pilot program for accepted Proving Ground speakers that qualify. Directions to apply are in the CFP.

BSides Las Vegas will be held at the Tuscany Suites and Casino, Las Vegas, Nevada, on August 5th and 6th, 2014.

Thank you for your interest and we hope to see you in Vegas!

Security BSides Las Vegas, Inc.
A 501(c)(3) Non-Profit Educational and Charitable Corporation
http://bsideslv.org
info (at) bsideslv.org
https://twitter.com/bsideslv


[ISN] Inside Endgame: A Second Act For The Blackwater Of Hacking

http://www.forbes.com/sites/andygreenberg/2014/02/12/inside-endgame-a-new-direction-for-the-blackwater-of-hacking/

By Andy Greenberg
Forbes Staff
2/12/2014

This story appears in the March 3, 2014 issue of Forbes.

In the classic hacker career narrative, a juvenile genius breaks into the Internet’s most sensitive networks, gets caught and then settles into a lucrative corporate gig selling his skills for defense. Nate Fick is trying to pull off the same story with an entire company.

Fourteen months ago Fick took over as chief executive of Endgame, perhaps the most controversial name in Washington, D.C. cybersecurity contracting. For years Endgame’s elite hackers worked in the shadows of the Beltway to build and sell “zero-day exploits,” an industry term for malicious code that abuses a previously unidentified vulnerability. As a contractor to military and intelligence agencies including the NSA, it enabled some of those customers’ most intrusive spying practices by offering ways to break into software from the likes of Microsoft, IBM and Cisco for millions of dollars.

Fick’s daunting task now: To shift his firm’s focus to the far wider market in commercial defense products