A new front opens up in Georgia: Cyberspace

It would appear that the conflict between Georgia and Russia is not confined to the ‘real’ world. There are reports that another front has opened up: Cyberspace.

It would appear that a significant Distributed Denial of Service attack has been visited upon various Georgian Government sites and other Georgian internet servers.  A variety of Government sites have been targeted, the Ministry of Foreign Affairs, the Ministry of Defense, and the country’s president, Mikhail Saakashvili, have been blocked completely, or traffic to and from those sites’ servers have been redirected to servers actually located in Russia and Turkey.

The speculation is that infamous Russian Business Network (RBN)is behind these attacks. The RBN is a notorious malware and criminal hosting network, albeit there actual involvement is yet to be proven.

There is a trend here. Going back to April 2007, we witnessed a DDoS on Estonia that took out parts of the internet infrastructure for some days.  The attacks coincided with a dispute between Estonia and Russian nationalists about the relocation of WWII era monuments.

I am sure that as part of any countries preparations for War now, include plans and preparations as to how they can protect and defend their internet infrastructure.

August 11, 2008 | Filed Under Events, Security | Leave a Comment 

On your marks!

The Beijing Olympics start tomorrow. The World’s biggest sporting event of all time, I am sure that it will not disappoint. 

In winning the Olympics, Beijing outlined that it would harness the power of IT, innovate around it, to bring the Games to new audiences. We will see a convergence of IT and Media on a scale not seen before. Many of the big Media companies and franchises have extensive plans to bring the games to the ‘net in a big way. I know that many network administrators are bracing themselves for the impact of ‘streaming’ video of Games – if they allow it on your corporate network.  It will be interesting to see (or maybe not) what the strain will be on your ISP as well. 

Where you have a mass audience connected to the ‘net, then in the shadows the’ bad guys’ will be lurking. In the Symantec State of Spam report for August, we are already seeing Spammers peddling their wares on the back of the Olympics. Symantec Security Response have already written up a blog on an attempted Phishing attack, purporting to sell tickets for the games. The creators of the site went to great lengths to make it convincing, even using an SSL connection, believe it or not. 

So, get on your marks, get set, and it is ‘Go’ for no doubt many Olympic related Spams, Phishing attempts, links to web sites that will be showing funny/curious videos of events of the games etc. So, I say, “Citius, Altius Fortius”, to all of my colleagues in the IT Security industry, to keep you all safe and for you to enjoy the Games.

August 7, 2008 | Filed Under Events, Identity theft, Security, Spam, Uncategorized | Leave a Comment 

An Apple a day keeps the malware away?

I had the pleasure of presenting at the Apple Store in London the other day. Now, most of the time when I present, I and the people I am talking with, start from the same standpoint: they have security issues and are looking for answers or reassurance. With the Apple users, there was, and is, a healthy dose of scepticism. So, coming from Symantec, I wasn’t really ‘singing to the choir’ with respect to my audience. Well, we all like a challenge.

In terms of the actual numbers of Mac specific malware, there is no doubt, there is an awful lot less. From that standpoint you are safer and there is a benefit. The game changer that Mac users need to be mindful of, is that bad guys are now attacking the individual and not the PC. Malware is morphing into crimeware. Increasingly, the attacks are financially motivated. This gives a simple focus for the bad guys. They care not for the merits of Windows versus or the Mac, or hold any particular view on Bill Gates or Steve Jobs: it is all about the money. We are seeing attacks, whereby, the code determines what OS or browser you have and then simply adjusts itself accordingly.

At the end of my pitch, some of the audience wandered up to ask some additional questions. They seemed assured in their investment in the Mac and respectful of the bigger picture that I shared with them. The questions they asked of me at the end were interesting and insightful. They tended to be about personal experiences of being phished, spammed or duped into visiting web sites etc. They are getting drawn into the world of malware and crimeware, albeit, from a different standpoint.

May 15, 2008 | Filed Under Events, Security | Leave a Comment