Companies in the UK and around the world are key to replicating Microsoft’s strategy of disrupting cyber criminal operations, says Richard Boscovich, assistant general counsel at Microsoft’s Digital Crimes Unit. Microsoft plans to expand its botnet disruption strategy beyond the US through public-private partnerships (PPPs), but private-private partnerships are also important, he said. “A lot of these companies are going to be our enterprise customers, who we work with in evaluating what is hurting them and what they feel is a problem for their business,” said Boscovich. As part of these collaborative efforts, Microsoft provides office space for private partners within the company’s Cybercrime Center, the DCU’s world headquarters in Redmond, Washington. A current occupant of the partner area between the malware lab and situation room is Fidelity Investment Services (FIS), a global provider of technology and services to the financial services industry. “FIS is working with us to see what is impacting FIS and its customers, some of whom are Microsoft customers, as is FIS,” said Boscovich. “I encourage companies to engage with us because I would love to see more organisations, especially outside the financial services sector, work with us on the threats they are seeing,” he said. Many large enterprises have sophisticated investigators and security operations centres (SOCs) that are able to provide extra pieces of the puzzle in mapping out the infrastructure for the command and control operations of a botnet, said Boscovich. “They may also have malware samples that we have not seen yet that we can analyse, and vice versa, so they bring with them technical assistance as well as forensic evidence, which is the main way we collaborate with our partners,” he said. And by correlating all the big data from Microsoft and its partners, Boscovich said investigations are able to get a very good picture of the threat landscape, enabling disruptive actions to be more effective. 
Bryan Hurd, director of advanced analytics at Microsoft’s DCU, said partners are not only global companies, but also include local companies. “There is a great willingness among security researchers to work in partnership and in the public-private partnerships I am seeing greater trust in the process despite natural caution about sharing security information,” he said. Hurd believes businesses are approaching a turning point. “Before, the perception was that the benefit of participation did not match up to the returns. “But as more CIOs around the world see the massive impact on their sector, or their businesses specifically, of cybercrime, they will realise that not participating is no longer an option,” he said. Hurd said it is increasingly obvious to members of the business community that it is of mutual benefit to align themselves against a common threat. “I call on all organisations to participate in anti-cybercrime, information-sharing partnerships because this kind of crime will be stopped only if everyone works together,” he said. Hurd said fighting cybercrime demands “all hands to the oar” and that every company in the UK or elsewhere is capable of making a contribution. “Industry groups are the most common way of establishing enough trust to enable companies to feel comfortable about sharing their experiences and talk about trends without giving specific data,” he said. “Such groups are also good for sharing information on attacker attributes without compromising their own security, but their technical people need to help them understand that and give senior decision makers the right options,” said Hurd. But, he said, companies can make a start internally by asking specific questions about the number of times a spam bot has affected operations, how many times someone has tried to carry out a denial of service attack on the organisation, and how many times the organisation’s computers have been used to do something to somebody else.
“If you want to start locally, those would be great strategic boardroom questions to be asking, and the next step would be to ask what the organisation is doing to fight the bigger, global problem, because it is the trust in each of those sectors that enables us all to play, live, work in this digital environment,” said Hurd.
Rep. Mike Rogers criticized Snowden and introduced CISPA.
Speaking at a recent event in London, Andy Archibald, deputy director of the National Crime Agency National Cyber Crime Unit, addressed the challenge of attracting cyber security professionals into the public sector. While hackers potentially make lar...
The banking regulator is to conduct an investigation into banks' computer systems following high-profile IT failures at Lloyds Banking Group and Royal Bank of Scotland (RBS). The Financial Conduct Authority (FCA), the successor to the discredited Financial Services Authority, will on Monday announce the review of the systems at the major banks in the UK as part of its annual business plan presentation. The investigation will examine the resilience of the IT systems at the main high street banks - just weeks after a glitch saw half the cash machines operated by Lloyds shut down for several hours. RBS, meanwhile, has suffered three major outages over the course of the past two years, at least one of which has prevented customers from making or receiving payments. Speaking to Computing, insiders say that the problems at RBS stem from the bank's many acquisitions since 2000 and a failure to consolidate disparate ageing systems. "To access and manage our money we depend on the banks' IT systems being reliable. But IT outages continue, interrupting key banking services. We want to make sure that the banks have resilient IT systems in place that are able to cope with consumer demand, so customers aren't left financially stranded or disadvantaged," Clive Adamson, director of supervision at the FCA, told Sky News. The FCA's investigation will be carried out alongside the Prudential Regulation Authority, which is part of the Bank of England, and will examine how banks and building societies manage their exposure to IT risks, according to Sky News. It also carries with it the risk of swingeing fines for banks and building societies whose systems and IT management are found to be not good enough. RBS is already subject to an investigation by the FCA following a major week-long crisis during the summer of 2012. RBS has increased its annual IT budget by £450m in response in a bid to address its manifest IT shortcomings.
Captain Raymond "Jerry" Roberts, one of the last surviving Bletchley Park code-breakers, has died. Roberts worked as a linguist and during the Second World War became one of the first members of the Testery, working to unravel the encryption codes used to send messages between Hitler and his generals. This work, later assisted by the Colossus computer, is widely believed to have shortened the war by two years. Andy Clark, a trustee of the National Museum of Computing, said: "He told us he did not fully appreciate the significance of his work until the early 2000s, when the story of Tunny and Colossus began to be released in greater detail. "It was then that he started to campaign for recognition of the work of the code-breakers – not himself, but for Bill Tutte, Tommy Flowers, Alan Turing and others. The energy and effectiveness of his campaigning was a marvel and an inspiration to us all." Computer Weekly spoke to Roberts in 2010 as part of the Unsung Heroes of IT series of articles.
Google has said that requests by governments for information about its customers have increased by 120% since 2009. “Though our number of users has grown throughout the time period, we’re also seeing more and more governments start to exercise their authority to make requests,” Richard Salgado, Google’s legal director of law enforcement and information security wrote in a blog post. He said Google is working with eight other companies to push for surveillance reform, including more transparency. “We’ve all been sharing best practices about how to report the requests we receive, and as a result our Transparency Report now includes governments that made less than 30 requests,” he wrote. From July to December 2013, US authorities made 10,574 requests for information on 18,254 accounts, according to Google’s latest transparency report for data requests by government agencies. The US made the most data requests in the period, followed by France with 2,750 requests for information about 3,378 accounts and Germany with 2,660 requests about 3,255 accounts. The UK was fourth in the rankings with 1,397 requests for information about 3,142 accounts, followed by Brazil with 1,085 requests for information about 1,471 accounts. Google, Apple, Facebook, Twitter, AOL, Microsoft, LinkedIn and Yahoo formed an alliance called the Reform Government Surveillance group in December 2013. The group is pressing for greater transparency and urgent reform after whistleblower Edward Snowden’s revelations about internet surveillance programmes such as Prism in the US and Tempora in the UK. In the first sign of progress, the US recently allowed technology giants to disclose the broad number of national security letters (NSLs) they receive. NSLs are used to obtain information about a subscriber from telephone and internet companies, but recipients of NSLs had previously been barred from disclosing any details about them.
But the technology firms want further reforms and met president Barack Obama last week to push for clearer limits on the information the US authorities can collect, more oversight and accountability. The firms are concerned that public loss of trust in technology will hurt their businesses, and are calling on governments to help restore that trust. In related efforts to distance themselves from US and UK internet surveillance programmes, Microsoft, Twitter and Yahoo have introduced advanced encryption methods to protect customer data. Microsoft, Yahoo and Google have also published transparency reports on the overall number of government requests for data.
Turkey appears to be trying to block YouTube a day after a court ordered an end to the ban imposed on Twitter a week ago. The Turkish telecoms authority said it had taken an “administrative measure” against the site after an audio recording was uploaded anonymously of what sounds like Turkish officials discussing Syria. The recording relates to possible military operations in Syria and was accompanied by photographs of Turkey’s intelligence chief, foreign minister and the deputy head of the armed forces. While some YouTube users found access blocked, others could still use the site, reports the BBC. Turkish prime minister Tayyip Erdogan denounced the leak as "villainous" and foreign minister Ahmet Davutoglu called the posting a "declaration of war," according to Reuters. The escalation of tensions between Erdogan and his rivals in the run up to elections comes a week after he vowed to shut down Twitter after it failed to remove allegations of corruption in his inner circle. Erdogan, who faces local elections on Sunday, has accused social media of spreading misinformation and has previously threatened to ban YouTube and Facebook. On Wednesday, a court in the capital, Ankara, ordered the lifting of the Erdogan-backed ban on Twitter, but reports said it could be weeks before the order takes effect. Earlier in the week, Turkey increased its efforts to block access to Twitter after many users, including the country’s president, found ways around the ban. Twitter said it had filed a challenge to the ban and was concerned about a court order to suspend an account which had accused a former minister of corruption. The ban has been met with national and international outrage, with EU officials, human rights organisations, the US government and the UN expressing concern. Turkish authorities have a long history of monitoring and filtering web content, even intermittently blocking access to online services. 
If you're an IT security expert, Google is asking for your help in making the Internet safer for everyone. The search giant has just posted a "Security Advice Survey" online, asking IT security experts for their best tips and tricks about how to stay safe on the Internet—from not clicking on links in emails to not downloading files from sites that might be dangerous. "At Google, we're constantly trying to improve security for our users," wrote Rob Reeder of the company's user experience research team, in a March 26 post on the Google Online Security Blog. "Besides the many technical security features we build, our efforts include educating users with advice about what they can do to stay safe online. Our Safety Center is a great example of this. But we're always trying to do better and have been looking for ways to improve how we provide security advice to users." The company's latest idea is the survey, which Reeder calls "a new research project to try to pare down existing security advice to a small set of things we can realistically expect our users to do to stay safe online." That's where Google needs the help and advice of qualified IT security experts, he wrote. "If you work in security, we'd really appreciate your input. With your input we can draw on our collective expertise to get closer to an optimal set of advice that users can realistically follow, and thus, be safer online." The online survey asks a wide range of targeted questions, including "What are the top 3 pieces of advice you would give to a non-tech-savvy user to protect their security online?" Also featured are questions about how IT security experts approach their own safety online, including asking about the three most important things they do for themselves and their computers. 
In addition, survey takers are asked how they learned about the things they listed, whether they install and use antivirus software on their computers, how they keep track of their passwords for their online accounts, and whether they use a password manager for such tasks. Also asked are whether the experts use two-factor authentication for any of their online accounts, whether they check to see if Websites they visit use HTTPS and whether they check the URL bar in their Web browsers to verify that they are visiting the Websites they intended to use. So if you have a few minutes and are an IT security expert with the experience and expertise to back it up, Google would love your help. The advice you give could help someone you know.
NEWS ANALYSIS: The PCI-DSS assessor for Target is named in a lawsuit. Where does responsibility sit? With all IT data breaches there is a common cycle. First there is the fear over who is at risk, then theories on how the breach occurred, and finally the blaming and lawsuits start to roll in. In the breach of retailer Target, the lawsuits are now coming in, but in a surprising move, one lawsuit isn't just going after Target; it's also going after security vendor Trustwave. Target first revealed that it had been breached by attackers on Dec. 9, 2013, and ever since, there has been much speculation about what went wrong. All U.S. retailers are required to be compliant with the Payment Card Industry Data Security Standard (PCI-DSS) in order to securely process credit card transactions. The question of Target's PCI-DSS compliance status has been an important part of the conversation surrounding the data breach, and now the company that conducted the PCI-DSS compliance testing for Target is being named in a legal action. In a class action lawsuit filed on March 24 in the U.S. District Court, Northern District of Illinois, Trustmark National Bank and Green Bank have named Trustwave alongside Target in their complaint. According to the legal complaint, "Target outsourced its data security obligations to Trustwave, which failed to bring Target's systems up to industry standards." Trustwave declined to comment to eWEEK about the allegation or even admit whether Target was in fact a Trustwave client. The legal complaint alleges that Trustwave scanned the Target network on Sept. 20, 2013, and at the time told Target that there were no vulnerabilities in Target's systems. "Additionally, on information and belief, Trustwave also provided round-the-clock monitoring services to Target, which monitoring was intended to detect intrusions into Target's systems and compromises of PII (Personally Identifiable Information) or other sensitive data," the complaint states.
"In fact, however, the Data Breach continued for nearly three weeks on Trustwave's watch." The accusation that a key security vendor for Target is somehow also culpable in the data breach is very serious. The issue with many PCI-DSS compliance assessments has long been that the assessments are point-in-time check marks for compliance. It's a lesson that the newer PCI-DSS 3.0 standard that came into effect in January of this year takes to heart, with a stronger emphasis on process and continuous monitoring efforts. If an organization is certified to be PCI-DSS compliant, it doesn't necessarily mean it is invulnerable to attack either. It means that at a point in time, the organization had the security controls in place that made it compliant. The idea that a PCI-DSS assessor could be liable in the event of a breach is a dangerous one. The assessor doesn't typically run the day-to-day security operations, although in this case, the legal complaint alleges that Trustwave was in fact providing "round-the-clock" monitoring. If a managed service provider (in this case, Trustwave) is on the job and a breach occurs, is it liable in that case? Every security contract I've ever seen has had its fair share of terms and stipulations. Rarely, if ever, have I seen a managed service contract that can guarantee that an enterprise will 100 percent not be breached. Typically, the contracts include service-level agreements (SLAs) and response time stipulations and not iron-clad statements about making an organization invulnerable. The reality is that the absolute truth about the Target breach has not fully been disclosed publicly. Whether it was a managed service provider like Trustwave or Target's own staff that sits at the root cause of the breach still remains to be seen. The Target breach has already claimed the former CIO of Target as a victim. Will it now claim the reputation of Trustwave as well? No security vendor or technology can make any organization invulnerable. 
Security is a combination of people, process and technology and should never be the domain of just one individual, vendor or product. Time will tell where the actual faults are to be found in the Target infrastructure and who in fact is liable for those faults. Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.
It's Michael Robertson's second feud with record labels and his second big loss.
Proposed rules to let one judge authorize "remote access" essentially anywhere.
New report on terrorism "blacklists" suggests it won't be easier the next time.