FBI indicts, and in some cases gets guilty pleas or sentences,
eight people they say were involved in botnet-related activities:
Secure Computing’s prinicipal research scientist Dmitri Alperovitch was quite happy about the news.
“We welcome this news and applaud the FBI’s efforts and law enforcement worldwide in attempting to cleanup the cesspool of malware and criminality that the botmasters have promoted,” Alperovitch said in a press release. “Since botnets are at the root of nearly all cybercrime activities that we see on the Internet today, the significant deterrence value that arrests and prosecutions such as these provide cannot be underestimated.”
FBI Cracks Down (Again) on Zombie Computer Armies,
By Ryan Singel,
November 29, 2007 | 4:54:32 PM
Indeed, good news.
Now where are the metrics to show how much effect this actually
had on number of botnets, number of bots, criminal activities
mounted from bots, etc.?
Baseline, ongoing changes, dashboard, drilldown?
PS: Interestingly, every blog or press writeup I’ve seen about this
misuses the word “hacker” to apply to these crackers, yet the
actual FBI announcement never makes that mistake: it says cyber crime.
This pretty much describes the larger state of the Internet.
Security professionals watch it, but can’t do much about it.
Mostly increased monitoring provokes privacy concerns.
But what if it’s objects that are being monitored?
Carolinas HealthCare System (CHS), the third-largest public healthcare system in the US, has completed the first phase of an asset tracking program that is believed to be one of the largest healthcare real-time location system (RTLS) deployments in the US. Currently about 5,000 assets are being tracked over 1.4 million square feet at five facilities.
CHS plans to extend the WiFi-based RTLS system throughout its network, which includes 15 hospitals and medical centers in the Carolinas. Additional facilities totaling about 3 million square feet are scheduled to go live by the end of the quarter.
"As a healthcare organization, we’re required to upgrade or perform preventive maintenance regularly on medical equipment," Clay Fisher, director of information service at Carolinas HealthSystem, told RFID Update. "Imagine trying to find one specific IV pump when you have thousands of them across multiple facilities. We have reduced our ‘time-to-find’ for individual pieces of equipment from hours to less than ten minutes."
Carolinas HealthCare Launches Huge RTLS System,
Tuesday October 9th, 2007
One odd side effect is that CHS says if your wireless network isn’t
configured for VoIP, you should add that, because then it will have
enough coverage to do RTLS.
Now if they can find a way to track patient orders between nursing
shifts, and which doctors sign off on drugs without seeing their patients….
Well, not quite yet, but this could be the start:
“It is learnt that taking advantage of the inability of the Myanmar military junta to provide satisfactory and affordable mobile phone services in the Shan State and the Kachin State areas of North Myanmar, Chinese companies have been operating mobile phone services in Yunnan for the benefit of the people of North Myanmar.”
Chinese Mobile Phone Services in North Myanmar,
By B. Raman,
Paper no. 2470,
South Asia Analysis Group,
Lots More Reasons Why China is the New America,
By Bruce Sterling,
Beyond the Beyond,
November 23, 2007 | 8:35:27 AM
This bears watching, also because while I’ve been predicting
the U.S. may end up buying fast Internet access from Japanese
companies, just like cars, actually it could be Chinese companies.
The U.K. Revenue ministry has been leaking massive amounts
of personal information, and now it’s affected the ruling party:
The Government will face fresh questions over the loss of millions of
voters’ personal data amid evidence the debacle has helped fuel a massive
slump in public confidence.
One poll showed those backing Labour’s ability to handle economic
problems had been more than halved to 28%, with just a quarter deeming
Gordon Brown’s administration “competent and capable”.
And another gave the Tories a nine-point overall lead, its strongest
position for 15 years, just weeks after Labour enjoyed an 11-point
advantage in the same poll.
Confidence in Labour ‘plummets’,
Friday November 23, 2007 7:03 AM
A government in risk of falling due to lack of breach security
and perceived lack of technical confidence might be what it takes
to get governments and industry to take breach security seriously.
For example by requiring breach reporting.
Bruce, seeing that the Storm Worm has sprouted stock tout popups on its own bots:
(((I’m guessing the next step is to contact Storm bot victims directly and ask them to join the Storm Network voluntarily. AFter all, if you obeyed that Storm spam pop-up, you cashed in; and this would be a valuable opportunity to become a foot-soldier in the biggest online organized=crime outfit ever.)))
Storm Worm spams its own bots,
By Bruce Sterling,
Beyond the Beyond,
November 15, 2007 | 11:34:00 AM
Having proved that it can infect much of the Internet and the
alleged security professionals can do nothing about it,
Storm now bids to get its victims to join it?
So this fellow was just arrested and some of his computers confiscated:
Dan Egerstad, a security consultant, intercepted data carried over
a global communications network used by embassies around the world in
August and gained access to 1000 sensitive email accounts. They contained
confidential diplomatic memos and other sensitive government emails.
After informing the governments involved of their security failings and
receiving no response, Egerstad published 100 of the email accounts,
including login details and passwords, on his website for anyone curious
enough to have a look. The site, derangedsecurity.com, has since been
Swedish Police Swoop on Dan Egerstad – UPDATE
Fergie’s Tech Blog,
14 Nov 2007
He got this information by installing Tor,
which people use to hide their IP addresses,
and looking to see what passed over it.
What he saw he thinks was people who had already broken into embassy
accounts using them illicitly.
He tried to inform governments, who (except for Iran) were uninterested.
Then he posted his information online,
thus probably stopping the snoopers.
So Egerstad gets arrested, yet
this man, who says “Privacy no longer can mean anonymity”
walks around free.
I keep talking about the black hats using the leverage of the Internet.
Dan Geer summarizes the situation:
The thing to remember is that the attacker’s workfactor is the cost of
a new variant, and as the production of variants (whether of malware or
URLs) is now automated, the arms race between attacker and defender can
be manipulated by the attacker to bankrupt the defender.
A Quant Looks at the Future Extrapolation via Trend Analysis,
by Dan Geer,
accessed 13 Nov 2007
“Rescaled, cumulative,” page 22,
He’s got lots of data from various viewpoints to back up that assertion.
Why do corporations and the government think
we should trust them with everything
yet they shouldn’t even have to report security breaches?
Adam notes that the Commission on Cyber Security is currently meeting
“to provide advice about cyber-security policy to the next presidential administration.”
Adam has a recommendation:
Many of our fears about what happens after a company is breached have
turned out to be false. This is the first key lesson. We have feared
that companies will go out of business, people will lose their jobs,
and customers will flee. Generally, these things happen only in extreme
outliers, if at all. (Two companies have gone out of business; average
customer churn is about 2%.)
The second lesson comes from studying the data. The dataloss list
contains less selection bias about a broader set of incidents than any
other public data I’ve ever seen.
So my goal for the 44th Presidency would be to overcome the fear that
has held us back from having national cybercrime statistics, in the form
of good law requiring breach disclosure.
How Government Can Improve Cyber-Security,
by Adam Shostack,
12 Nov 2007
This would be a big improvement.
Adam evaluates a New York Times article
about NYC school evaluations
, and sums it up:
The school that flunked has more students meeting state standards
than the school that got an A.
Measuring the Wrong Stuff,
by Adam Shostack,
9 Nov 2007
Measurement is good, but for example in information security
if your measurements aren’t relevant to the performance of the company
(economic, cultural, legal compliance, etc.), measurement
can waste resources or steer the ship of state or company onto ice floes.