Island Hopping Explained | TechSNAP 149

Island Hopping Explained | TechSNAP 149

A disastrous fire strikes a major data player, and then we explain Island Hopping, and how attackers use it to exploit a network.

Then it’s a great batch of your questions, a rockin round up, and much much more.

Thanks to:


GoDaddy


Ting

Direct Download:

HD Video | Mobile Video | MP3 Audio | Ogg Audio | YouTube | HD Torrent | Mobile Torrent

RSS Feeds:

HD Video Feed | Mobile Video Feed | MP3 Audio Feed | Ogg Audio Feed | iTunes Feeds | Torrent Feed

— Show Notes: —

Fire Destroys Iron Mountain Data Warehouse in Buenos Aires

  • Although it’s unclear how the fire started, it spread quickly and took hours to control.
  • Nine first-responders were killed during the blaze, while two are missing, and seven others are reported injured.
  • By the time the fire was put out, the building “appeared to be ruined” according to news reports.
  • Among the data stored there were several archives containing corporate and central bank records, a potentially huge loss that could have some surprisingly far reaching consequences.
  • Just last month, for instance, the United States Supreme Court decided to hear a case on whether creditors could seek historic bank records from Argentina regarding the country’s default in 2001. Whether or not such files have now been destroyed is unknown.
  • The Buenos Aires facility apparently was supposed to have had a team of private firefighters at the facility. That’s in addition to the sprinkler systems, and automatic containment mechanisms designed to stop fires from spreading through the building.
  • According to local reports, it appears that the storage facility this occurred at was primarily used to store physical, paper records, not digital data. Iron Mountain has yet to release any further statements on the issue, so it’s unclear if there are any digital copies of these records. There is no mention of backup copies however in either Iron Mountain’s original press release, or in any of the statement’s from Argentine officials.
  • Even with paper records (or maybe especially?), it is important to have backups, stored off-site

What happens with digital rights management in the real world?

  • This article attempts to skip over the usual arguments about DRM, Copyright vs Fair Use, Morality, etc.
  • Instead it focuses on what has actually happened with DRM in the real world
  • The only reason most DRM works at all, is the legal protection it gets from the Government
  • DRM is fundamentally technically flawed, as it relies on encrypting the valuable data, but having to give the keys to decrypt it to the attacker
  • “A good analogue to this is inkjet cartridges. Printer companies make a lot more money when you buy your ink from them, because they can mark it up like crazy. So they do a bunch of stuff to stop you from refilling your cartridges and putting them in your printer. Nevertheless, you can easily and legally buy cheap, refilled and third-party cartridges for your printer. “
  • This is no so with DRM, because it enjoys legal protections in the form of laws like the DMCA which make breaking DRM, even without committing any copyright infringement, illegal
  • “Here\’s another thing about security: it’s a process, not a product (hat tip to Bruce Schneier!)”
  • “Here is where DRM and your security work at cross-purposes. The DMCA\’s injunction against publishing weaknesses in DRM means that its vulnerabilities remain unpatched for longer than in comparable systems that are not covered by the DMCA. That means that any system with DRM will on average be more dangerous for its users than one without DRM.“
  • “However, various large and respected security organisations say they knew about the Sony Rootkit months before the disclosure, but did not publish because they feared punishment under the DMCA”
  • “But there can be no real security in a world where it is illegal to tell people when the computers in their lives are putting them in danger. In other words, there can be no real security in a world where the DMCA and its global cousins are still intact.”
  • “You see, contrary to what the judge in Reimerdes said in 2000, this has nothing to do with whether information is free or not – it\’s all about whether people are free.”

Defense Contractors Say They Remain Vulnerable To Cyber-Attack

  • The ThreatTrack Security defense contractor survey focused on a unique population of IT managers and staffers responsible for securing networks for organizations fulfilling U.S. government defense contracts.
  • One quarter of those polled work for organizations with IT security budgets of $1 million to $10 million, and another 23% for organizations with budgets exceeding $10 million
  • 88% believe “the government provides adequate guidance and support to contractors to ensure sensitive data is secure and protected against cyber-attacks.”
  • Despite the high level of confidence regarding the government’s security guidance, almost two-thirds (62%) of IT managers polled worry that their companies are vulnerable to targeted malware attacks.
  • The survey uncovered sharp differences in security attitudes and practices between defense contractors and the overall enterprise community.
  • For instance, senior leaders within defense contractors far less frequently engage in risky behavior, such as opening phishing emails, lending work computers to family members or using company-owned PCs to visit pornographic websites harboring malware.
  • And though their level of anxiety over vulnerability to cybercrimes isn’t too different – 62%
    among contractors and 68.5% in the enterprise – their reasons differ.
    Enterprise executives said they fear they lack adequate protection (based on a June 2013 ThreatTrack Security survey), while contractors worry more about the frequency and complexity of malware attacks.
  • The survey also found contractors take more precautions against cyber-attacks than their general enterprise counterparts, which is a positive discovery considering the nature of their work.
  • Asked about the most difficult aspects of defending their organizations from advanced malware, 61% of respondents cited the volume of attacks and 59% pointed to malware complexity. The number of people concerned about other aspects drops dramatically, with
    34% blaming the ineffectiveness of anti-malware tools and 29% saying they don’t have enough budget for the right tools.
  • Also notable: More than a quarter of respondents (26%) said their staffs don’t have enough highly skilled IT security experts, including malware analysts.
  • Based on the survey’s findings, the Snowden affair has had a profound impact on how defense contractors hire and train employees who handle sensitive information. Snowden’s leaks have caused contractors to restrict IT administrative rights and be more alert to any potential misbehavior by employees regarding data access.
  • 55% of respondents said employees now get more cybersecurity-awareness training, 52% said they have reviewed and/or re-evaluated employee data-access privileges, and 47% said they are on higher alert for “potential misbehavior or anomalous network activity.”
  • In addition, 41% said they have implemented stricter hiring practices, and 39% have curtailed
    IT administrative rights. Respondents who said nothing has changed were in the minority, though they still amounted to nearly one quarter (23%) of participants.

Feedback:

Join us LIVE on Sunday for LAS 300 10am Pacific / 1pm Eastern / 6pm UTC


Round Up:

Question? Comments? Contact us here!