Tag Archives: Kaspersky

In light of the evidence

We tend to accept facts and given situations whenever we have a reliable source and a decent level of evidence. The interesting side is that howling to the moon like a group of sheep hoping the lone wolf will not hear them is an equally weird revelation. The question becomes at that point, who is the lone wolf and who are the sheep, because neither position nor identity is a given. Now, for the first art, we have the Guardian article (at https://www.theguardian.com/politics/2017/may/27/eu-theresa-may-combat-terror-brexit-europol), with the expected title ‘We need deal with the EU to combat terror, experts tell Theresa May‘, which of course gets them the DGSE, yet the usefulness of the rest becomes a bit of an issue. For this part we need to look somewhere else, and we will do that after the given quote in the mentioned article “Although our partnership with the US for intelligence sharing is extremely important, the fact is that the current terrorist threat is very much a European dimension issue. The Schengen database and knowing about who has moved where are all intimately dependent on European systems and we have got to try to remain in them“. This could be a valid and valued statement, yet is that truly the case? For this we need to take a little gander to another place of intelligence and Intel interest. The Cyber monkeys, or is that the cyber-mercenaries? The difference is merely a moment when you WannaCry 1.4. You will have heard, or perhaps read regarding the NHS as it was struck, here again we see: “However, it instead appears to be down to organisations and individuals failing to run keep Windows up to date“, which was actually voiced by NHS Digital, the failure of policies as they were not adhered to by IT staff, or at least those responsible for keeping those PC’s up to date with patches. The second quote given much earlier in the IT article is ““To be abundantly clear, the recent speculation concerning WannaCry attributes the malware to the Lazarus Group, not to North Korea, and even those connections are premature and not wholly convincing,” wrote James Scott, a senior fellow at the Institute for Critical Infrastructure Technology (ICIT)“, which is where I have been all along. The one nation that has less computer and internet innovation than a Nintendo GameCube sets this level of hardship? It is just too whack for thought. It is the quote “At best, WannaCry either borrowed heavily from outdated Lazarus code and failed to change elements, such as calls to C2 servers, or WannaCry was a side campaign of a minuscule subcontractor or group within the massive cybercriminal Lazarus APT” that changes the game. In addition we see: “The publication referred to “digital crumbs” that the cyber security firm had traced to previous attacks widely attributed to North Korea, like the Sony Pictures hack in late 2014″, we will exclude the quote “Shadow health secretary Jon Ashworth has said Labour would invest an extra £5 billion into new IT infrastructure for the NHS, after hospitals and services were affected by the widespread Ransomware attack on Friday“, especially as Labour had in the previous government wasted £11.2 billion on an IT system that never worked, so keeping them away from it all seems to be an essential first.

The issue is now in several phases. Who got hit (those not updating their systems). It affected according to some sources thousands of systems, yet when it comes to backtracking to a point of origin, the Cyber Intelligence groups remain unclear. The IT article (at http://www.itpro.co.uk/security/28648/nhs-ransomware-north-korea-may-not-be-behind-wannacry), gives us a few things, yet the clear reference to the Guardians of Peace, the identity the hackers had given themselves in the Sony event gives a few additional worries. Either this is clearly a mercenary group without identity, or we have a common new issue on identity when it comes to Cyber criminals. You see, as we see more and more proclaiming the links between the Lazarus group and North Korea, we do not get to see a clear link of evidence. Many sources give us ‘could be linked‘, or ‘highly likely‘, which is an issue. It makes the evidence too shallow and circumstantial. The NY Times gives us (at https://www.nytimes.com/2017/05/22/technology/north-korea-ransomware-attack.html) yet they are basically stating what Symantec game us and mention that. My issue here is “But the hackers left behind a trail of digital crumbs that Mr Chien and his colleagues had traced to previous attacks by the Lazarus Group“, what if the crumbs were an intentional side? You see, the quote “another group of hackers that call themselves the Shadow Brokers published the details of National Security Agency hacking tools that the WannaCry hackers were able to use to add muscle to their attacks” give a different light. The fact that there is a team reengineering tools and flaws to get somewhere fast is one. We have seen the lack of actual cyberpower of North Korea in the past, the fact that they are regarded on the same level as Chinese Cyber forces is a bit silly. You see, any country has its own level of savants, yet the fact that North Korea, a nation as isolated as it is, gets to be on par with China, an actual superpower that has Cyber infrastructures, experts at the University of Shanghai (the white paper on cracking AES-256, 2001), as well as a growing IT technology base is just a little too whack.

This now reflects back to the European need of Schengen. The UK needs quality intelligence and with the US breaches of Manchester, the fact that no high quality evidence was ever given regarding the Sony Hack, the growing source of all kinds of hacker names and no validity or confirmable way to identify these groups leaves us with a mess that pretty much anyone could have done this. In light of the NSA flaw finders, there is now more evidence in the open giving the speculative hacker as one with skills that equal and surpass people graduating with high honours at MIT, than anything North Korea could produce. It does not put North Korea in the clear (well the fact that the generals there had no comprehension of a smartphone should be regarded as such), and as we see the entire Bitcoin go forward, we need to take more critical looks at the given evidence and who is giving that evidence. We all agree that places like Symantec and Kaspersky should be highly regarded, yet I get the feeling that their own interns know more about hacking then the sum of the population of all North Koreans do, which is saying a lot. We see supportive evidence in the Business Insider (at http://www.businessinsider.com/wannacry-ransomware-attack-oddities-2017-5). Here we see IBM with “IBM Security’s Caleb Barlow, researchers are still unsure exactly how the malware spread in the first place. Most cybersecurity companies have blamed phishing emails — messages containing malicious attachments or links to files — that download the ransomware. That’s how most ransomware finds its way onto victims’ computers. The problem in the WannaCry case is that despite digging through the company’s database of more than 1 billion emails dating back to March 1, Barlow’s team could find none linked to the attack“, one billion emails! That is what we call actual evidence and here IBM is claiming that the issue of HOW the malware spread remains a mystery. Now, can you see that the entire North Korean issue is out of touch with the reality of Common Cyber Sense and Actual Cyber Security? Two elements, both are essential in all this. It is the lack of actual evidence that seems to be the issue, giving us the question, who wants the North Korea issue propagated? Any answer here is more likely to be political than anything else, which now gives us additional questions on where for Pete’s sake the need of European Intelligence remains as they fall short of providing answers. In light of the Schengen database. Why would that not be shared? If the US has access as a non-European, non-EC nation, why would the UK, a clear European nation be barred from access? With all the flawed acts by the US, having actual professionals look at Schengen data, seems to be an elemental first, would you not agree?

An additional question would be on how these Bitcoins would be cashed, it is not like an isolated nation like North Korea ever had a flying business in Bitcoins in the first place. It is actually (yes, I am shocked too), that quality information comes from PwC. In this case Marin Ivezic, a cyber-security partner. He gives us “EternalBlue (the hacking tool) has now demonstrated the ROI (return on investment) of the right sort of worm and this will become the focus of research for cybercriminals“, which would be a clear focus for veteran cyber criminals, yet the entire re-engineering foundation gives another slice of circumstantial evidence that moves us actually away from North Korea. So in this we have two elements. As the FBI and CIA have been all about pointing towards North Korea, the question becomes, where do they not want us to look and whatever else do they not have a handle on? These points are essential because we are shown an elemental flaw in Intelligence. When the source is no longer reliable, why would they be around in the first place? We can agree that governments do not have the goods on Cyber criminals, because getting anything of decent value, tends to require inside knowledge, which is the hardest to get in any case, especially with a group as paranoid as cyber criminals. The second side is that China and Russia were on the list as one of the few abled parties to get through Sony, yet Russia has fallen of the map completely in the last case, that whilst they are actually strengthening ties with North Korea. That does not make them guilty, yet on the sale required Russia was one of the few with such levels of Cyber skills. The fact that we see in the NY Times that it is too early to blame North Korea is equally some evidence, it gives vision to the fact that there are too many unknowns and when IBM cannot give view of any mail that propagated the worm, gives additional consideration that there are other places who cannot claim or show correctly how the worm got started, which is now an additional concern for anyone altering the work for additional harm. As the point of infection is not known, stopping the infection becomes increasingly difficult, any GP can tell you that side of the virus. There is one more side I would like to raise. This comes from a source (at http://securityaffairs.co/wordpress/59458/breaking-news/wannacry-linguistic-analysis.html), it is not a journalistic source, or a verified source, so please take consideration that this news could be correct. It is however compelling. The quote ““The text uses certain terms that further narrow down a geographic location. One term, “礼拜” for “week,” is more common in South China, Hong Kong, Taiwan, or Singapore. The other “杀毒软件” for “anti-virus” is more common in the Chinese mainland.” Continues the analysis “Perhaps most compelling, the Chinese note contains substantial content not present in any other version of the note, is lengthier, and differs slightly in format.” The English note of the ransomware appears well written, but it contains a major grammar mistake that suggests its author is either not a native speaker or possibly someone poorly educated“, that would make sense, yet how was that source acquired?

The second quote: ““Given these facts, it is possible that Chinese is the author(s)’ native tongue, though other languages cannot be ruled out,” Flashpoint concluded. “It is also possible that the malware author(s)’ intentionally used a machine translation of their native tongue to mask their identity. It is worth noting that characteristics marking the Chinese note as authentic are subtle. It is thus possible, though unlikely, that they were intentionally included to mislead.” The Flashpoint analysis suggests attackers may have used the Lazarus code as a false flag to deceive investigators, a second scenario sees North Korean APT recruiting freelance Chinese hackers to conduct the campaign” gives us a few elements, the element of misdirection, which I had noted on from other sources and the element that North Korea is still a consideration, yet only if this comes from a freelance hacker, or someone trying to get into the good graces of Pyongyang, both options are not out of the question as the lack of Cyber skills in North Korea is a little too well set from all kinds of sources. The writer Pierluigi Paganini is a Cyber professional. Now even as Symantec’s Eric Chien is from California, did they not have access to this part and did no one else correctly pick up on this? As I stated, I cannot vouch for the original source, but as I had questions before, I have a few additional questions now. So, exactly how needed is European Intelligence for the UK? I think that data should be shared within reason. The question becomes, how is Schengen data not shared between governments? The Guardian gives us “After the Manchester attack, which killed 22 people and left dozens of others grievously injured, it was revealed that suicide bomber Salman Abedi had travelled back to England from Libya via Turkey and Dusseldorf four days before the attack“, so how reliable is Turkish intelligence in the first place? How could he have prepared the bomb and get the ingredients in 4 days? There is an additional view on ISIS support active in the UK, yet as we now see that this drew attention to him, why on earth was the trip made? Also, was Libya or Mecca the starting point (source: claim from the father in earlier Guardian article)? How would sharing have resolved this?

Now look at this in light of the US leaks and the Cyber Intelligence of a dubious nature. There is a growing concern that the larger players NSA, DGSE, GCHQ have flaws of their own to deal with. As they are relying more and more on industry experts, whilst there is a lack of clear communication and reliable intelligence from such sources, the thoughts now become that the foundation of fighting terror is created by having a quality intelligence system that recognises the need for Cyber expertise is becoming an increasing issue for the intelligence branch. Should you wonder than, then reconsider the quote: ‘demonstrated the ROI (return on investment) of the right sort of worm and this will become the focus of research for cybercriminals‘, if you think that cyber jihadists are not considering the chaos that they could create with this, then think again.  They will use any tool to create chaos and to inflict financial and structural damage. They might not have the skills, yet if there is any reliable truth to the fact that the Lazarus group is in fact a mercenary outfit, there would be enough critical danger that they will seek each other out, that is providing that ISIS could bring cash to that table. I have no way of telling how reliable or how certain such a union could be. What is a known is that Sir Hugh Orde is not answering questions, he is creating them, as I personally see it. The quote “UK membership of EU bodies such as Europol and Eurojust, which brokers judicial co-operation in criminal cases, not only allowed access to huge amounts of vital data, but also meant UK police could set up joint inquiries with German police or those from other national forces without delay“. You see, the UK remains part of Europe and Interpol existed before the EC, so as we now see the virtual creation of red tape, the question becomes why the EU has changed rules and regulations to the degree that the UK would fall out of the boat. Is it not weird that the EU is now showing to be an organisation of exclusion? Even if we laugh on the ridiculous promises that Corbyn is making, just to be counted shows that there is a larger problem in place. Why is there suddenly a need for 1,000 more intelligence staff? Can we not see that the current situation is causing more issues then resolve them? As such, is throwing money and staff on a non-viable situation nothing less than creating additional worries?

The last part is seen in “The Schengen database and knowing about who has moved where are all intimately dependent on European systems and we have got to try to remain in them“, yet this does require all players to enter the data accurately, in addition, that only applies to people entering Schengen, yet as has been shown in the past, after that getting locations on people is becoming an increasingly difficult problem. The fact that after the Paris attacks, some people of interest were found to be in Belgium is one side, the fact that these people could have met up with all kinds of contacts on the road is another entirely. The truth is that the intelligence branch has no way of keeping track in such details. In addition we have seen that the list of people of interest is growing way beyond normal means and organising such data streams and finding new ways not just to find the guilty, but to decrease the list by excluding the innocent is growing in complexity on a nearly daily basis. And that is before the cyber mess is added to the cauldron of nutrition. There is at least a small upside, as the technology stream will soon be more and more about non-repudiation, there will be additional sources of information that adds the branches by pruning the list of people of interest. The extent of pruning is not a given and time will tell how this is resolved.

It all affects the evidence that the parties hold and how it is applied, it remains a matter of time and the proper application of intelligence.

 

Leave a comment

Filed under Finance, IT, Law, Media, Military, Politics, Science

Where to focus?

This is an issue on the best of days, we are overwhelmed with information, real news, fake news and of course the Direct marketing waves that hit our internet eyes nearly 24:7. The internet is no longer some child, it is a grown adult and adults tend to lack a certain sense of humour, well the adult eyes of the beholder that is. Yet, what matters to us? When we move beyond the job that feeds you, the partner that … you and the family that gives you (usually) strength. When these things are dealt with, what matters next?

The fearful will look at North Korea, on how they are a threat and when we look at the Washington Post, a very respectable paper we see (at https://www.washingtonpost.com/opinions/the-north-korean-nuclear-threat-is-very-real-time-to-start-treating-it-that-way/2017/05/18/d60cbeec-39a4-11e7-8854-21f359183e8c_story.html) on how the threat is real. Even as we saw two failed launches, and in addition, we have yet to see anything from North Korea to get any missile that far (reaching the US), that an opinion piece states: “Stephen Rademaker, a principal with the Podesta Group, was an assistant secretary of state responsible for arms control and nonproliferation from 2002 to 2006“, so here we see the message, yet the core truth is: “The Podesta Group is a lobbying and public affairs firm based in Washington, D.C.. It was founded in 1988 by brothers John Podesta and Tony Podesta, it can be found at 1001 G Street, NW Suite 1000 W Washington, DC 20001“. Basically it is a marketing firm working a very niche market. Don’t get me wrong. I am not ‘attacking’ them, I would accept a position in such a firm any day of the week. Whether we call them marketeers, government strategy councillors or even diplomatic assistants, they are professionals and I do love working with professionals, especially in an environment I am not fully comprehensive of. You see, when you are out of your waters, most people tend to get to be a little apprehensive. Not me, it invigorates me, whether it is working as a document carrier for Faisal bin Abdullah, or Salman bin Abdulaziz Al Saud, doing work for google (which has been one of the most mentally intoxicating and invigorating environments ever) or merely finding new data solutions, working through data and solving the puzzle I see. So is North Korea a real threat or a perceived one? The safe bet is too see them as a real threat as they have access to Uraninite. You see, the world tends to be a little more complex than that. Having the stuff is not enough, getting the delivery method working correctly is an entirely different matter. It can be by having people from Pyongyang masked as South Koreans attending international universities in science and engineering would be a first, which is not that far a stretch. I literally (by accident) I told this Korean student “Does your family still have that bar in Pyongyang?“, he turned pale and said ‘How did you know that?‘, which was not the response I was going for, but OK, such is life, full of surprises. So as you ponder this, wonder on how China has little or no worry. If North Korea ever actually launches a missile towards America, do you think that the President of the USA would not instantly retaliate (especially the current one), what happens to places like Shenyang (in China), also consider whatever hits the water will make fishing no longer an option for decades, Japan learned that the hard way, so there you have it. In addition, we have seen the North Korea military look at systems like they were magical and those were computers the current European generation laughs at. That can be corroborated by the press as they were on a North Korean press tour a little over a year ago. The ‘minders‘ of those groups had NEVER seen a smart phone. I think that North Korea talks a lot, but for now has no real byte. Now the last part of that the Podesta group is a professional organisation. So was it merely an opinion piece or was the article their business, business they charge for? I will leave you with that thought.

The older American would look at the danger of pensions, which we also see in the Washington Post (athttps://www.washingtonpost.com/news/powerpost/wp/2017/05/18/trumps-budget-calls-for-hits-on-federal-employee-retirement-programs), the article ‘Trump’s budget calls for hits on federal employee retirement programs‘ describes on how it impacts. The article is a really good read and gives me the feeling that US retirement plans are an awful mess, with the additional danger that they seem to be running dry slightly too soon, which is what you get with a 20 trillion-dollar debt I reckon. The quote “A preliminary budget document released in March called for a domestic discretionary budget decrease of $54 billion, with an equal increase for defense, homeland security and veterans. Nineteen 19 small agencies would be eliminated, along with their workforces“, the additional “Increasing the FERS employee contribution would result in the average federal employee losing nearly $5,000 per year in take home pay, that’s per year after the phase-in is finished, he estimated. “Phasing this outrageous pension cut in over several years does not make it any more palatable. If this change is made, federal employees will no longer have a secure retirement. Period.”” is even more food for thought. The one equaliser in American business has for the longest time been that those people had a secure retirement, when this is off the table the one part of quiet governmental officials was that there was a long term benefit, with that off the table the environment in government positions will change. Now, we might think that this is not a bad thing, but it will result in chaos, and when we have seen and known that the American infrastructure has no real way to deal with chaos in its ranks, we will see different whirly waves of discontent, a few will leave marks on everyone. So when we read “The budget proposal President Trump plans to unveil Tuesday would give to federal employees with one hand, while taking away with five others” is an interesting one and I reckon that when the full paper is released this coming Tuesday, the US national papers will give it high visibility, because the United States federal civil service has a total of around 3 million people, which is 1% of the US population, making it decently important to cater to them. Perhaps those trying to sell the change might have been better off talking to the Podesta group first?

For me, the news was not in a newspaper. It was found in Digital health article. It re-iterated the issue of ‘urgent change‘ I voiced in my blog yesterday. In there I showed the NHS digital part regarding the endgadget quote “NHS digital had notified staff on patches” which would have diminished the Cyber attack gives us two sides. One, would there have been diminished damage, because that would suffice as evidence. Yet in Digital health we see: “a small team of developers is recommending the health service reduce its reliance on Microsoft“, which is overall not a bad idea, yet the NHS is too big to just make a shift in policy like that. I would be in favour of a shift towards something a lot safer like Linux, but that requires expertise. Another option is to rely on an android option where the NHS is all about apps, equally optional, but it will require massive amounts of resources on programmers, testers, upgraders and cyber monitoring. All these options require a drastic shift in IT operations. When we accept that in too many places there is no minding the NHS IT store (by not patching) the dangers will increase. As I quoted: “It is also my personal belief that in many cases the person claiming ‘urgent action is needed’ is also the person who wants the ‘victim’ to jump the shark so that they can coin in as large a way as possible“, which is what we see right here in the article. Now consider the quote: “To demonstrate that there is a licence-free alternative, GP Marcus Baw and technologist Rob Dyke have adapted the open source Linux-based Ubuntu operating system specifically for the NHS. They call it NHSbuntu“. So why not just use the foundation called Ubuntu? I cannot judge the intent (noble or not), but consider that technologist Rob Dyke has to pay for rent and so much, where is his interest? Do not get me wrong, we should not just dismiss any idea that might work, yet will it? You see any IT environment needs oversight and maintenance. The NHS is in no position to make such drastic changes as it is short on basic needs (nurses and doctors), I do agree that the IT needs to be addressed, yet two Labour governments wasted the IT budget of close to 10 years, lets leave it alone until we can actually address solutions. In this, one additional quote from Beta News. they give us “The report reveals that 12.8 percent of non-Microsoft programs were un-patched in the first quarter of this year“. If patching is so important, and it is, why give voice to 12.8% of additional risk? As stated, I am no Microsoft fan, but it does work in the current NHS environment and if we believe NHS Digital and the trusts do actually patch their stuff, the danger would have been a lot lower. As the evidence is at present, this issue would have been addressed by mere policy and replacing those not adhering to it might be the cheapest and best solution. In all this IT News gives us one more part, the fact that Microsoft is actually releasing a patch for operating systems that are no longer supported is also evidence. I do not see it as merely “to protect the company’s customer ecosystem“, which is a decent answer if you believe that. You see they could have merely told the customers to freely upgrade to Windows 10. I believe that, as they state it “to protect users against NSA-derived ransomware“. I believe that someone has evidence on a Microsoft-NSA cooperation in the beginning of the data snooping age and somehow the makers of the Ransomware (less and less likely to be North Korean) got access to the information needed. I reckon that anyone upgrading will be removing the digital evidence on their computers of that event. If you doubt me, consider the quote in that same article “Current versions of WannaCrypt use two exploits leaked by the ShadowBrokers hackers, who gained access to systems at The Equation Group, which is linked to the United States NSA, last year“, if that is true, how did North Korea get this? If they are good enough to be allegedly part of the NSA (source: Kaspersky), how come that the bulk of the cyber intelligence world has no knowledge of North Korea being such a threat against a player like that? It does not matter how it got out. Whether it was a disgruntled ex-employee. Some hacker that got sucked and suckered by a honey trap, there are enough options nowadays. The reality is that somehow the intel got out. It is being addressed and fixed. It does not make the issue go away, it merely tells us that remaining up to date and properly patched was the way to go. Urgently addressing does apply to systems being reasonable up to date, which does mean that there are costs, pushing yourself away from Microsoft (not the worst idea) comes with a cost, one that the NHS cannot afford, no matter how ambitious it seems and they got plenty of that, especially with non working systems. So, lets not make that error twice!

So when you wonder where you need to focus, I am merely suggesting that when your private house is in order, consider playing a video game or watch a nice blu-ray. It seems to me that a balanced life is the most important thing you can arrange for yourself, let the circus play its game and decide not to watch every show they offer, in the end it could just be merely Direct Marketing.

Get what you actually need, not what others state you need!

 

Leave a comment

Filed under Finance, IT, Media, Military, Politics, Science

Fraud, deception or Ignorance in IT Safety?

Fraud, deception or Ignorance in IT Safety?
Again it was the Dutch NOS last night that gave me the idea of reflection on today’s blog. Their newscast and articles on NOS.nl is all about cybercrime. The news was that last year (October 2012), cyber criminals using the botnet Citadel was able to acquire over 750 GB of data. The data is coming from computers involving the Energy industry, Media corporations, Hospitals, Universities and airlines. The data seems to have gone to eastern European cyber criminals. Over 150.000 computers infected in the Netherlands alone.
Watching it, you could see login details, passwords, network layouts, detailed notes from a doctor and the medication prescribed. The amount of information was staggering! I looked a little further into this botnet. Its name is Citadel. It seems to be an ingenious piece of work. This is something the NSA, GCHQ or the FSB and several other Boy Scout units of a governmental type. When looking at the info, there was an implied strength that it could go passed and ignores many anti-virus systems. When looking at my own provider, there was an interesting lack of information regarding this botnet.
So we are looking at a three edged sword.
Are anti-viral protectors committing fraud? When looking at a Norton protection plan, and I see the green ‘Secure’ sign. Am I really secured? Tracy Kitten from Bankinfo security wrote: “Segura notes that hackers claim PCs relying on anti-virus solutions from Microsoft Security Essentials, McAfee, and Norton were infected. ‘That’s kind of worrisome,’ he says. ” So, am I paying for security I am not receiving?
It seems that this secure statement is also a case of deception. My Norton anti-virus states a secure setting, yet, citadel was initially designed to collect bank information for cyber criminals. From the two facts earlier, I must also conclude that the banks have been insincere to me on more than one occasion (big surprise I know). They claim safety and security, whilst 150.000 computers in the Netherlands seem to prove the opposite. Especially considering that banks have been trimming down on staff because much more goes on-line, yet there is no clear information that the cyber divisions of the financial industry is making any kind of strong progress. The BBC stated on Oct 10, 2012, that GBP 341 million was acquired through card fraud in 2011. The events involving Citadel imply that the losses in 2011 are not likely to go down any day soon.
Last is about Ignorance. That would be you the reader and me. These anti-viral dealers leave us with a false sense of security while we are charged $70-$100 a year, whilst it lowers intrusions, but not remove the threat. I must confess that we are all likely a lot safer with then without anti-viral protection. So stopping anti-virus protection is the worst of ideas.
I feel slightly safer as I have always refused any kind of on-line banking option. From the 90’s I knew that their X-25 protocols had several weak spots, which is now getting me to the last part of this.
If Windows is so weak, volatile and easily transgressed upon, then the dozens of security updates seem little more than a smoke screen. I reckon a lot of us should seriously consider moving to another system like Linux. Linux has proven to be a very secure system. We used to consider Apple to be very secure as it was a Unix based system, which has all matters of security or a much higher level than Windows ever had. However, that it is now an INTEL based system with Microsoft attachments makes me wonder if it remained that secure.
What is my issue with this all is that Yesterday’s news on Citadel was known with the Dutch cyber security for months, and little was done, the newscast even mentioned that many had not been alerted to this danger. I reckon that IF there is truth on transgression on ‘secured’ systems, we need to consider the dangers of connected networks. This likely endangered the infrastructure, and it definitely endangered personal information of millions. With that state of mind, how should we see the security of corporate and personal systems in the UK, US and Australia?
Consider that the implied ignoring of Cyber security is mentioned (but unproven as far as the validity of sources go). Yet, when I seek places like Norton, I get no answer (connection was reset). If we can believe people like Tracy Kitten then the financial sector that relies on massive internet presence, we are in serious trouble. On the other side is the opinion showing on the NOS site by Professor Michel van Eeten from the TU Delft. It is not really created to a directed attack. He compared it to a buck shot into the internet. It was designed to acquire login, passwords and bank details.
My issue is the fact that 150.000 systems were infected! The one flaw in the NOS newscast is the absence of the cyber safety factor. Whether Common Cyber Security was used by those infected. If so, then why are these questions not openly directed at the makers of Norton Anti-Virus, McAfee, Kaspersky and a league of other Cyber Safety providers?

2 Comments

Filed under IT