Category: General IT

What is the Greatest Cybersecurity Threat: Insiders or Outsiders?

In a short two years, it is safe to say that the prospect of cybercrime has suddenly shifted to be a top concern for many decision makers around the world.

It started with the explosive hacks that rocked companies like Sony, JP Morgan, Target, and other well-known brands. More recently, it was the release of thousands of hacked emails from the DNC and John Podesta, along with the allegations of Russian hacking, that has led the news cycle.

As a result, it is not surprising that much of today’s narrative on cybercrime is centered around the devastating potential of external threats to countries or businesses. The reality is, however, that there is a whole other side of things to consider.

This infographic from Digital Guardian explains the differences, methods, and typical costs associated with each kind of cybersecurity threat.

Insiders vs. Outsiders: What’s the Greater Cybersecurity Threat? 

Source: digitalguardian, visualcapitalist

INTERNET of EVIL THINGS (IoET)

Traditionally, InfoSec teams had a difficult, but straightforward, job: they needed to understand their assets, know what they were connecting to, and separate them from the outside world. That standard has changed, with many devices introduced into the workplace by employees, visitors, partners, and other outsiders. Any device that can connect to a network, whether or not it is built to be malicious, can cause disaster to both the data and the networks IT Security is responsible for protecting.

So, what exactly is The Internet of Evil Things? First, we need to define evil, by which we mean malicious or harmful… purposefully or not. For the purposes of this report, we are defining a “connected device” as any device that can connect to a network or other devices via a wired or wireless signal.

IT security professionals (rightfully) expect that connected devices will be a major security headache in 2017 – but still struggle to get a grasp on how to account for, track and monitor those devices, a report from Pwnie Express found.


IOT—LIFE AFTER MIRAI

On October 21st, 2016, a massive Distributed Denial of Service (DDoS) attack took down large portions of the Internet across the United States. It quickly became clear that the only way an attack that large could have happened was with an unprecedented number of computers. In this case, connected devices like webcams were being used as unwitting accomplices in the biggest DDoS attack in history. How were they being “recruited”? By clever malware that took advantage of unprotected, web-connected devices with weak or non-existent passwords. As with other botnets, anybody’s devices could be a part of the zombie mob.

Historically, over 60% of IoT devices are consumer devices, which is troubling considering that consumers are the group least likely to consider or improve the default security of their device. An ESET and National Cyber Security Alliance study of 15,527 consumers revealed that 43% of end users had not changed the default passwords on their home routers. Consumer IoT devices include any internet-enabled device, such as webcams, printers, routers, mobile devices, etc. There are currently a quarter of a billion CCTV cameras worldwide. In many countries, including the United States, most home users who purchase television or internet access are provided with a company-specific DVR or router. These IoT devices often rely on generic or default administration credentials that most end users neglect to change. Other devices have hardcoded vendor default credentials that end users cannot change.

“Default credentials pose little threat when a device is not accessible from the Internet. However, when combined with other defaults, such as web interfaces or remote login services like Telnet or SSH, default credentials may pose a great risk to a device.” “In this case, default credentials can be used to “Telnet” to vulnerable devices, turning them into “bots” in a botnet.”

Attackers hacked IoT devices via SSH or Telnet accounts, exploiting known vulnerabilities or using default passwords that had not been changed by the owners of the targeted systems.
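The rule quoted above (default credentials matter most when the device is reachable from the Internet and exposes a web interface or remote login service) can be applied to a device inventory. The following is an added example, not code from the original post or its sources; the CSV columns, device names and risk labels are assumptions made for the illustration.

```python
import csv
import io

# Constructed sample inventory (not real devices). Column names are assumptions.
INVENTORY_CSV = """\
name,kind,internet_reachable,services,credential_state
lobby-cam,webcam,yes,telnet;http,default
office-router,router,yes,ssh;http,changed
isp-dvr,dvr,yes,telnet,hardcoded
lab-printer,printer,no,telnet;http,default
badge-reader,controller,no,http,changed
guest-cam,webcam,yes,http,default
"""

# Remote login services and web interfaces, the "other defaults" named in the text.
MGMT_SERVICES = {"telnet", "ssh", "http"}
RISK_ORDER = {"high": 0, "low": 1, "ok": 2}


def load_inventory(text):
    """Parse the CSV inventory into a list of dicts, one per device."""
    return list(csv.DictReader(io.StringIO(text)))


def assess(device):
    """Rate one device and list what its owner should do about it."""
    services = {s.strip().lower() for s in device["services"].split(";") if s.strip()}
    reachable = device["internet_reachable"].strip().lower() == "yes"
    creds = device["credential_state"].strip().lower()
    exposed = sorted(services & MGMT_SERVICES)

    actions = []
    if creds == "default":
        actions.append("change the default password")
    elif creds == "hardcoded":
        # The end user cannot change these, so the only fixes are isolation or replacement.
        actions.append("credentials cannot be changed: remove from the internet or replace")

    if creds not in ("default", "hardcoded"):
        risk = "ok"
    elif reachable and exposed:
        # Weak credentials combined with a reachable login or web interface.
        risk = "high"
        actions.append("restrict internet access to: " + ", ".join(exposed))
    else:
        # Weak credentials, but nothing an outsider can log in to.
        risk = "low"
    return {"name": device["name"], "risk": risk, "exposed": exposed, "actions": actions}


def audit(text):
    """Assess every device and return findings, worst first, then by name."""
    findings = [assess(d) for d in load_inventory(text)]
    return sorted(findings, key=lambda f: (RISK_ORDER[f["risk"]], f["name"]))


if __name__ == "__main__":
    for f in audit(INVENTORY_CSV):
        print(f"{f['risk']:<5} {f['name']:<14} {'; '.join(f['actions']) or '-'}")
```
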


Flawed IoT devices can be found on the internet using the Shodan search engine: https://www.shodan.io/

What Is being Done To Secure The IoT?

The IoT security issue has also given rise to new alliances. A conglomeration of leading tech firms, including Vodafone, founded the Internet of Things Security Foundation, a non-profit body that will be responsible for vetting Internet-connected devices for vulnerabilities and flaws and will offer security assistance to tech providers, system adopters, and end users. IoTSF hopes to raise awareness through cross-company collaboration and encourage manufacturers to consider the security of connected devices at the hardware level.

Online Trust Alliance recommendations:
  1. Developers and manufacturers:
  • Proactively communicate to customers any security and safety advisories and recommendations.
  • Products which can no longer be patched and have known vulnerabilities should either have their connectivity disabled, the product recalled and/or the consumers notified of the risk to their personal safety, privacy and security of their data.
  • Provide disclosures, including on product packaging, stating the term of product/support beyond the product warranty
  • Update websites to provide disclosures and security advisories in clear, everyday language.
  2. Retailers / Resellers / eCommerce Sites:
  • Voluntarily withdraw from sale products being offered without unique passwords or without a vendor’s commitment to patching over their expected life
  • Apply supplementary labels or shelf-talkers advising buyers of products with exemplary security data protection and privacy policies.
  • Notify past customers of recalls, security recommendations and of potential security issues.
  3. Consumers and users have a shared responsibility. Users need to:
  • Maintain devices and stay up to date on patches.
  • Update contact information including email address for all devices.
  • Regularly review device settings and replace insecure and orphaned devices
  4. ISPs should consider the ability to place users in a “walled garden” when detecting malicious traffic patterns coming from their homes or offices. In concept, this would allow basic services such as 911 access and medical alerts, while limiting other access. Such notifications can advise consumers of the harm being incurred, and the need to make changes, replace devices or seek third party support.
  5. Government:
  • Fund outreach and education, working with trade organizations, ISPs, local grassroots organizations, media, State Agencies, and others to raise awareness of the threats and responsibilities. Focus on teachable moments such as at the time of purchase, inclusion in billing statements and emails to installed base of users and notices to ISP customers.
  • Prioritize “whole-of-government” approach to the development, implementation, and adoption of efforts and initiatives, with a global perspective. Coordinated efforts will help to ensure the industry can innovate and flourish while enhancing the safety, security, and privacy of consumers, enterprises, and the nation’s critical infrastructure.

Source: pwnieexpress, Online Trust Alliance, joy of tech, techcrunch, Trend Micro, Product Hunt

What exactly is the INTERNET of THINGS (IoT)

The Internet of Things is an environment of small, smart host devices (they attach to any device and make it a smart device) that are Always, Anywhere and Anytime (the 3 As of IoT) connected with each other, sending data or information that can be further processed in the cloud to generate meaningful analytic results or to trigger an automatic action according to the analysis. These small devices are the “THING” of the Internet of Things, and this environment comprises three ingredients, Device, Network and Application, also known as the DNA of the Internet of Things.

This particular infographic answers all your questions very well (credit: postscapes-harbor-iot-infographics.jpg):


Source: Quora, Postscapes, harbor research

Free Network Diagram Tools

At some point, every administrator will need to diagram a network. For some, it’s their primary duty — and they tend to rely on powerful, expensive tools like Microsoft Visio. But for those who need to use a diagramming tool only occasionally, a cheaper solution is best.

Below are the best free tools for small business centers and occasional users.

These tools could be used to create diagrams, network diagrams, flowcharts, schemas, maps and so much more. You can use predefined blocks, primitive shapes, raster, and vector images.

1. LibreOffice Draw: 

Draw is part of the LibreOffice suite, an open-source alternative to Microsoft Office. Side-by-side, Draw is similar to Visio in terms of functionality—offering the ability to create basic or complex diagrams, anything from flowcharts and organizational charts to network diagrams and 3D sketches.

LibreOffice Draw runs on Windows, Linux, and Mac OS X.

Tip: LibreOffice Portable lets you run any of the tools from a USB, local hard drive, or the cloud.

To get started, you will need to download and apply a network topology icons pack, available in the form of an extension. A couple of popular ones are VRT Network Equipment and Cisco Network Topology Icons.

To apply the VRT Network Equipment icons, go to Tools > Extension Manager > Add > choose the extension file you downloaded and it will be added automatically to your extension list.

Alternatively, if you have your own icons or images you wish to use in your diagram, you can add them to your gallery. Open the Gallery by clicking on the icon on the right-hand side, or going to Insert > Media > Clipart Gallery. Here, you can create a New Theme folder and add your images or icons to that folder.

To add Cisco Network Topology Icons, download PMS 3015: EPS (14 MB) from the Cisco website. To apply the Cisco network icons, follow the explanation given in the video below.

For the portable version: https://www.libreoffice.org/download/portable-versions/

2. CADE:

CADE is a compact but powerful 2D vector editor for Windows. It includes basic Visio functionality and could be used to create diagrams, network diagrams, flowcharts, schemas, maps and so much more.

Free sample diagrams are available to help you get started.

CADE is available for free download.

3. Draw.io:

Draw.io is a free, cloud-based, online diagramming software solution that allows you to create basic network diagrams from a user-friendly interface. You can save directly to Google Drive, Dropbox, OneDrive, or your own device and export the finished product in PNG, SVG, HTML, PDF, or XML format.

Click More Shapes, on the bottom left-hand side, to choose more shapes from pre-defined categories. The Scratchpad allows you to add your own images by dragging and dropping, importing from a file, or specifying an image URL.

4. Dia:

Dia is an open source, GTK+ diagramming tool that has a shallow learning curve and can help you create basic network diagrams. Like CADE, Dia was inspired by Visio — but with a much more casual approach and feel. Dia loads and saves XML-formatted documents that are gzipped by default to save space. Dia is also available for Linux, Mac, and Windows.

5. yEd:

yEd is freely available and runs on all major platforms: Windows, Unix/Linux, and Mac OS X. It has a great user interface and features diagram creation, auto-layout, data import (GraphML, Excel XLS, GEDCOM, GML, XML), and data export (PDF, SWF, JPG, GIF, BMP, and HTML image maps). The auto-layout feature is particularly cool. It uses a wide range of sophisticated layout algorithms to automatically arrange your diagrams, saving you time and effort.

6. Diagram Designer:

Diagram Designer is another freeware tool that suffers (like Dia) from looking a bit on the outdated side. But Diagram Designer’s ease of use should certainly make up for the old-school feel of the application. DD features include customizable template objects, a spell checker, import/export (WMF, EMF, BMP, JPEG, PNG, MNG, ICO, GIF, and PCX), a slideshow viewer, a graph plotter, a calculator, MeeSoft Image Analyzer integration, and compressed file format.

Source: neweggbusiness, solarwindsmsp, techrepublic

Nobel Prize of Computing

The ACM A.M. Turing Award is an annual prize given by the Association for Computing Machinery (ACM) to “an individual selected for contributions of a technical nature made to the computing community”. It is stipulated that the contributions “should be of lasting and major technical importance to the computer field”.

According to the Nobel Foundation: “The Nobel Prizes, as designated in the Will of Alfred Nobel, are in physics, chemistry, physiology or medicine, literature, and peace.” So, there is no Nobel for Computer Science.

The Turing Award is generally recognized as the highest distinction in computer science and the “Nobel Prize of computing“.

The award is named after Alan Turing, a British mathematician and reader in mathematics at the University of Manchester. Turing is often credited as being the key founder of theoretical computer science and artificial intelligence.

From 2007 to 2013, the award was accompanied by a prize of US $250,000, with financial support provided by Intel and Google.

Since 2014, the award has been accompanied by a prize of US $1 million, with financial support provided by Google Inc.

The first recipient, in 1966, was Alan Perlis, of Carnegie Mellon University.

The first female recipient was Frances E. Allen of IBM in 2006.

Dabbala Rajagopal “Raj” Reddy, an Indian-American computer scientist, is the first person of Asian origin to receive the Turing Award, in 1994, for his work in the field of Artificial Intelligence.

Turing Award 2016 winner:

Sir Tim Berners-Lee, Inventor of the Web

ACM named Sir Tim Berners-Lee, a Professor at Massachusetts Institute of Technology and the University of Oxford, the recipient of the 2016 ACM A.M. Turing Award.

Tim Berners-Lee was cited for inventing the World Wide Web, the first web browser, and the fundamental protocols and algorithms allowing the Web to scale. Considered one of the most influential computing innovations in history, the World Wide Web is the primary tool used by billions of people every day to communicate, access information, engage in commerce, and perform many other important activities.

“The idea of a web of knowledge originated in a brilliant 1945 essay by Vannevar Bush. Over the next decades, several pieces of the puzzle came together: hypertext, the Internet, personal computing. But the explosive growth of the Web started when Tim Berners-Lee proposed a unified user interface to all types of information supported by a new transport protocol. This was a significant inflection point, setting the stage for everyone in the world, from high schoolers to corporations, to independently build their Web presences and collectively create the wonderful World Wide Web.”

Berners-Lee invented several integrated tools that would underpin the World Wide Web, including:

  • Uniform Resource Identifier (URI) that would serve to allow any object (such as a document or image) on the Internet to be named, and thus identified
  • Hypertext Transfer Protocol (HTTP) that allows for the exchange, retrieval, or transfer of an object over the Internet
  • Web browser, a software application that retrieves and renders resources on the World Wide Web along with clickable links to other resources, and, in the original version, allowed users to modify web pages and make new links
  • Hypertext Markup Language (HTML) that allows web browsers to translate documents or other resources and render them as multimedia web pages.

Berners-Lee launched the world’s first website, http://info.cern.ch, on August 6, 1991, which can still be visited today, more than two decades after its creation.

In short, the Web is what it is today because of Sir Tim’s brilliant design, based on his synthesis of several key ideas and his technical leadership. The ACM recognizes Sir Tim with the Turing Award for this enduring contribution to the computing community.

ACM will present the 2016 A.M. Turing Award at its annual Awards Banquet on June 24 in San Francisco, California.

Complete listing of A.M. Turing Award Laureates.

Source: Wikipedia,  amturing.acm, network world, the hackernews

Robert Taylor: Computer & Internet pioneer

Robert William Taylor, known as Bob Taylor, a computer scientist who was instrumental in the creation of the internet and the modern computer, died on Thursday, April 13, 2017. He was 85.

Biographical Synthesis:

Robert William Taylor was born on February 10, 1932, in Dallas (Texas) and was adopted by Rev. Reymond Taylor, a Methodist minister, and his wife Audrey.

He earned his bachelor’s and master’s degrees in experimental psychology from the University of Texas at Austin. It was there, while working on his master’s thesis in experimental psychology, that Taylor was dismayed to find that computers of the day were focused on arithmetic and business data processing. They were not interactive; they were clumsy to use and were severely limited in their application. He soon chose to dedicate his career to re-defining computing with a focus on interactive communication, networking, and search technology.

Computer related contributions:
  • Project Manager for NASA (National Aeronautics and Space Administration) in 1961. He directed funding to Douglas Engelbart at the Stanford Research Institute, later called SRI International, who helped develop the modern computer mouse.
  • Director of ARPA’s (Advanced Research Projects Agency) Information Processing Techniques Office from 1965 through 1969. At that time, ARPA funded most of the nation’s computer systems research. Taylor’s ARPA work is best known for his initiation of the ARPAnet, for sponsoring the continued development of interactive computing, and for funding the research base that was necessary to the creation of the nation’s first Ph.D. granting computer science departments.
  • In 1968 Mr. Taylor and Dr. Licklider wrote a paper together, “The Computer as a Communications Device”, which drew the broad outlines of how computer networks might transform society.
  • Founder and manager of Xerox PARC’s (Palo Alto Research Center) Computer Science Laboratory (CSL) from 1970 through 1983. CSL researchers became known worldwide for a number of important innovations necessary to the creation of the Internet. CSL invented and built Ethernet, the laser printer, and the PUP (PARC Universal Packet) protocol. PUP was introduced seven years in advance of the implementation of the Internet protocol, TCP/IP. Within Xerox, all of these technologies enabled the construction of the first internet.

    CSL also designed and built the Alto, the first networked personal computer. It was the first to support a graphical user interface, complete with mouse and a WYSIWYG (What You See Is What You Get) word processor, which was the antecedent of Microsoft Word. The Alto also contained an early page description language, the antecedent of Adobe’s Postscript.

    In the 1970s, a number of companies essential to the building of the Internet outside Xerox did not exist: Adobe, Apple, Cisco, Microsoft, Sun, and 3Com were among them. In the 1980s, the early products from all these new companies were based primarily on software and technology created in CSL. All of this work occurred during the period of 1970 to 1983 when Taylor led CSL.

  • Founder and manager of Digital Equipment Corporation’s Systems Research Center (SRC) until 1996. SRC also became a world-class research center. It was best known for advancing distributed personal computing, high-performance/high-reliability local area networks, and search engine technology. The Alta Vista search engine was created two years before Google. Taylor retired in 1996.
Honors and awards:
  • National Academy of Engineering Draper Prize (2004)
  • National Medal of Technology and Innovation (1999)
  • ACM Software Systems Award (1984)
Quotes:

“The Internet is not about technology; it’s about communication. The Internet connects people who have shared interests, ideas, and needs, regardless of geography.”

Mr. Taylor died of complications of Parkinson’s disease on Thursday, April 13, 2017.

Source: computerhope, computerhistory, wikipedia, ecured, nytimes, theguardian, seattletimes

AIR-GAPPED Computers

HOW DO YOU remotely hack a computer that is not connected to the internet? Most of the time you can’t, which is why so-called air-gapped computers are considered more secure than others.

Air-gap refers to computers or networks that are not connected directly to the internet or to any other computers that are connected to the internet.

The name arises from the technique of creating a network that is physically separated (with a conceptual air gap) from all other networks.

Air gaps generally are implemented where the system or network requires extra security, such as classified military networks, the payment networks that process credit and debit card transactions for retailers, or industrial control systems that operate critical infrastructure. To maintain security, payment and industrial control systems should only be on internal networks that are not connected to the company’s business network, thus preventing intruders from entering the corporate network through the internet and working their way to sensitive systems.

A true air gap means the machine or network is physically isolated from the internet, and data can only pass to it via a USB flash drive, other removable media, or a FireWire cable connecting two computers directly. But many companies insist that a network or system is sufficiently air-gapped even if it is only separated from other computers or networks by a software firewall. Such firewalls, however, can be breached if the code has security holes or if the firewalls are configured insecurely.

Although air-gapped systems were believed to be more secure in the past, since they required an attacker to have physical access to breach them, recent attacks involving malware that spread via infected USB flash drives have given the lie to this belief. One of the most famous cases involving the infection of an air-gapped system is Stuxnet, the virus/worm designed to sabotage centrifuges used at a uranium enrichment plant in Iran. Computer systems controlling the centrifuges were air-gapped, so the attackers designed Stuxnet to spread surreptitiously via USB flash drives. Outside contractors responsible for programming the systems in Iran were infected first and then became unwitting carriers for the malware when they brought their laptops into the plant and transferred data to the air-gapped systems with a flash drive.

The techniques of hacking air gap computers include:

  • AirHopper that turns a computer’s video card into an FM transmitter to capture keystrokes;
  • BitWhisper that relies on heat exchange between two computer systems to stealthily siphon passwords or security keys;

Researchers in Israel showed how they could siphon data from an air-gapped machine using radio frequency signals and a nearby mobile phone. The proof-of-concept hack involves radio signals generated and transmitted by an infected machine’s video card, which are used to send passwords and other data over the air to the FM radio receiver in a mobile phone.

The method is more than just a concept, however, to the NSA. The spy agency has reportedly been using a more sophisticated version of this technique for years to siphon data from air-gapped machines in Iran and elsewhere. Using an NSA hardware implant called the Cottonmouth-I, which comes with a tiny embedded transceiver, the spy agency can extract data from targeted systems via RF signals and transmit it to a briefcase-sized NSA relay station up to eight miles away.

  • Stealing the secret cryptographic key from an air-gapped computer placed in another room using a Side-Channel Attack. This is the first time such an attack has successfully targeted a computer running Elliptic Curve Cryptography (ECC).

Elliptic Curve Cryptography is a robust key exchange algorithm that is most widely used in everything from securing websites to messages with Transport Layer Security (TLS).

Source: thehackernews, spectrum.ieee, wired.com