Monthly Archives: January 2014

Ranking needles

Pouring more money into infosec won’t make us more secure unless we know what’s working and what isn’t. Maybe we need a way to compare those things.

Tim White wrote for NYTimes, 22 January 2014, in “Finding a Needle in a Digital Haystack”:

LAST year the private sector spent $67.2 billion on cybersecurity services. Nevertheless, according to a recent investigation by Verizon, 60 percent of successful hacks were not detected until months after the attacks began. In the wake of recent high-profile hacker attacks against Target, Neiman Marcus and other retailers, the obvious question is: Why hasn’t all that money done any good?

It’s not for lack of trying. Much of the money is well spent, paying for armies of technical engineers and state-of-the-art security applications.

The problem is not the resources, or the personnel, or the data. It’s that many organizations simply don’t know how to arrange the data to identify suspicious patterns and weaknesses, at least not fast enough. There’s too much data, and not enough perspective.

Charter, Comcast, and Windstream got worse in December 2013

Road Runner (Time Warner Cable) had four of the U.S. top 10 for December 2013, adding up to more spam spewed than #1 Charter and way more than #2 Comcast.

Two out of three of Road Runner’s entries got worse, and one, AS11427 SCRR-11427, popped up from #27 to join the top 10 at #9.

PaeTec (Windstream) popped up from #45 to #3 with one week’s burst of spam.

Internap’s AS12180 INTERNAP-2BLK dropped out of the top 10, plummeting from more than 5 million spam messages in November to none observed in the CBL data in December. Congratulations, Internap! Continuum Data Centers’ AS53264 CDC-LMB1 also did well, dropping from #10 to #57, down from 1.5 million to 0.25 million spam messages.