Monday, January 06, 2014

Computer Security Updates: Global Cyber Security Review 2013

Ok. Let's take a deep look back at what really mattered in 2013 with respect to cyber security, from a global perspective.

Q1 2013:

For Q1 2013, in week 4 of March 2013, the DDoS attack on Spamhaus rocked the entire industry.

On Tuesday, March 19, 2013, it was reported that CloudFlare was contacted by the non-profit anti-spam organization Spamhaus. They were suffering a large DDoS attack against their website, and CloudFlare was asked to help mitigate the attack.

CloudFlare eventually deployed Anycast, which effectively diluted the attack by spreading the attack traffic across CloudFlare's facilities.

In terms of key trends of Q1 2013: 1.) the whole industry agreed that mobile computing trends such as BYOD were the biggest catalyst for security vulnerabilities; 2.) enterprise security solutions began to pay a lot of attention to providing intelligent security features that deal with matters more proactively.



Q2 2013:

For Q2 2013, in week 4 of June 2013, Reuters reported that Facebook admitted a year-long data breach which had exposed 6 million users. It was also during that time that Reuters began reporting stories of the big Internet companies denying that they had granted the U.S. Government access to their servers.

In week 3 of May 2013, Reuters reported one of the biggest ever cyber-crime bank heists: a global cyber crime ring stole $45 million from two Middle Eastern banks by hacking into credit card processing firms and withdrawing money from ATMs in 27 countries.

In terms of key trends of Q2 2013, it was observed that more solutions for DDoS attacks emerged.

Such solutions were previously not available because counter-DDoS measures are most effectively carried out at the network or data center level, while most security solution vendors are software based. Two networking-based companies, Juniper Networks and Barracuda Networks, have since announced solutions for DDoS.

Another interesting trend was the unprecedented call by industry experts for software vendors to be held accountable for security loopholes such as zero-day vulnerabilities.

The biggest headline was a report, originally by the Washington Post, that the U.S. National Security Agency and the FBI were "tapping directly into the central servers of nine leading U.S. Internet companies" through a secret program known as PRISM.

Q3 2013:

For Q3 2013, on July 1, 2013, Malaysian .com.my domains were compromised by the hacker Tiger-m@te, allegedly of Bangladeshi origin.

msn.com.my was hacked

The attack was supposedly socio-politically motivated. The Malaysian authorities carried out a formal investigation into the incident; however, no official report was released to the media.

In week 4 of Sep 2013, Symantec announced that they had successfully 'sinkholed' the massive ZeroAccess botnet.

ZeroAccess carried out two revenue-generating activities, click fraud and Bitcoin mining, potentially earning tens of millions of USD per year in the process.

Symantec sinkholed more than half a million bots, making a serious dent in the number of bots under the attacker's control.

In terms of key trends of Q3 2013, it was observed that massive DDoS attacks stopped abruptly.

Q4 2013:

In week 3 of Oct 2013, USA Today reported that Adobe lost 2.9 million customer records, as well as source code.

In week 4 of Oct 2013, The Telegraph reported claims that the U.S. had spied on other key people; it was also during that time that USA Today reported that the FBI had shut down Silk Road.

The Silk Road offered users a marketplace for illicit trade in drugs, guns, porn, fake passports, forgers and so on.

According to the report, the authorities have since arrested Ross Ulbricht, the alleged operator of Silk Road.

Silk Road uses a technique known as 'The Onion Router', or Tor, which makes tracing the real location of servers almost impossible by relaying messages across a virtual network consisting of Tor software installed on supporting servers.

On Dec 5, 2013, USA Today reported that hackers stole almost 1.6 million login credentials and 320,000 e-mail credentials.

On Oct 31, 2013, USA Today reported claims that major Internet players' data centers were intercepted.

USA Today, Oct 31, 2013

On Dec 18, 2013, USA Today reported that tech leaders held a dialogue with the US President on NSA surveillance issues.

Grand conclusion:

1.) Mobile threats - Mobile trends such as BYOD serve as a catalyst for growth in security vulnerabilities.

Verizon DBIR 2013 confirms that 71% of breaches targeted user devices rather than servers.

2.) Proactive approach - Security companies focused on introducing proactive security solutions powered by intelligent security features.

Nevertheless, not many APTs were recorded in 2013 - Verizon DBIR 2013 confirms that only 25% of breaches were APT-related while the others were opportunistic, and 78% were graded as less sophisticated.

3.) Cyber-espionage, Edward Snowden - the biggest hit was the exposure of cyber-espionage related activities involving government agencies - most of the chain reaction was triggered by Edward Snowden's leaks.

4.) Bitcoins were used heavily for cyber-espionage and cyber-terrorism activities.

5.) A new actor appeared on the APT stage: cyber-mercenaries.