Cyber Arms Intelligence Report for October 11th

I have always been concerned with small businesses being protected against modern threats. With the majority of my experience supporting small businesses, I have seen first-hand how devastating malware attacks can be.

If a server goes down in a large company that has thousands of servers, it becomes a priority call to the Data Center to get it back up. Many corporate Data Centers have a time limit to get systems back up and running. A standard policy might be to respond within the hour, and the server has to be back up in four. It is an inconvenience, but not always a really big deal.

If a server goes down in a small business that has a grand total of one or two servers, it could be detrimental to the business. The same is true if confidential or proprietary information gets siphoned from a small business by a botnet or other type of malware.

Small businesses also do not have large IT support centers to install updates and patches. Many times IT support is one or two people who have other jobs to perform in addition to running the servers.

Small businesses are victims of cyber-crime, and sometimes are critical to US infrastructure. According to a recent Fox Small Business Center article, Symantec found in an earlier survey that 60% to 80% of security issues could be resolved by a patch released six months or more ago, and also that 80% to 85% of critical infrastructure is in the private sector and a good portion of it is small businesses.

Small businesses need to become more aware of current security threats. In most small businesses the whole system defense scheme centers around firewalls and anti-virus. Most modern threats easily bypass firewalls and anti-virus. So, what can small businesses do?

“According to Symantec, the first step is to develop and enforce IT policies. The policies need to be clearly defined and implemented across all locations of a business. That way, threats can be identified and taken care of regardless of what office it happens in.”

Another step is to make sure that software patches and updates are installed. Zero-day exploits, which are previously unidentified software exploits that allow hackers complete remote access to your system, are found constantly. Keeping up with these can be a chore, but it is a critical step in protecting your network.

Along with security policies and update patching, I also believe that it is critical for small businesses to have some level of network monitoring installed. A full-blown intrusion detection system may be overkill, but just turning on logging in firewalls, routers and network devices may help track down attackers in case the worst happens.

Other Top Stories from Around the Web:

Inside DHS’ Classified Cyber Coordination Headquarters
The Department of Homeland Security recently brought its classified National Cybersecurity and Communications Integration Center down to an unclassified level for one day only, and InformationWeek Government was there to take photos. * Screenshot of Einstein!

Inside the Pentagon’s cyber war games
Under a constant canopy of low-flying nuclear-capable B-52s, the brand new Cyber-Innovation Center in the shadow of Barksdale Air Force Base in Bossier City, La., provided the perfect setting for the Pentagon’s latest cyber challenge — a public- and private-sector exchange focused on leveraging “the art of the possible” in a cyber war game setting.

Stuxnet ‘a game changer for malware defence’ – EU agency warning
The Stuxnet malware is a game changer for critical information infrastructure protection, an EU security agency has warned. ENISA (European Network and Information Security Agency) warns that a similar attack of malware capable of sabotaging industrial control systems as Stuxnet may occur in future.

Stuxnet Worm Reveals Default Password Vulnerabilities
On the other hand, I have many security concerns which stem from the “default” nature of their configuration. After all, an appliance usually runs on top of a general-purpose operating system combined with commonly available software such as databases. After reading an article which identified the primary attack vector as a default password on a programmable logic controller (PLC), I cringed

Libya Not Taking the Internet Light.LY
Could Muammar al-Qaddafi shut down your website for violating Libya’s religious laws? If your domain name ends in .ly — it appears so. The Libyan government removed the URL-shortening service from the Web for hosting content the country found offensive — in this case, showing bare arms.

Top 10 Ways Parents Can Protect Kids From Cyberbullying
Cyberbullying is particularly scary for parents; it goes beyond simply keeping your kids off certain websites, and it requires a deeper understanding of what’s appropriate — and what to do when the line has been crossed.

Spammers Using SHY Character to Hide Malicious URLs
Spammers have jumped on the little-used soft hyphen (or SHY character) to fool URL filtering devices. According to researchers at Symantec Corp., spammers are larding up URLs for sites they promote with the soft hyphen character, which many browsers ignore.
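
A defensive counterpart to the item above, as an added example that is not from the original post or from Symantec: a URL filter that collapses every spelling of the soft hyphen (raw U+00AD, `%C2%AD`, `&shy;`, `&#173;`) before matching against a blocklist. The blocklist entry and the function names are constructed for illustration.

```python
import html
from urllib.parse import unquote, urlsplit

SOFT_HYPHEN = "\u00ad"

# Constructed blocklist; the domain is a placeholder under the reserved .example TLD.
BLOCKLIST = {"cheap-pills.example"}


def normalize_url(raw):
    """Return (URL with soft hyphens removed, number of soft hyphens found)."""
    # Decode HTML entities (&shy;, &#173;) and percent-encoding (%C2%AD)
    # so every spelling of U+00AD collapses to the same character.
    decoded = unquote(html.unescape(raw))
    return decoded.replace(SOFT_HYPHEN, ""), decoded.count(SOFT_HYPHEN)


def naive_check(raw):
    """Filter that matches on the raw string; shown only for comparison."""
    return "blocked" if any(d in raw for d in BLOCKLIST) else "clean"


def check_url(raw):
    """Classify a URL as 'blocked', 'suspicious' or 'clean'."""
    cleaned, shy_count = normalize_url(raw)
    host = (urlsplit(cleaned).hostname or "").lower()
    if host in BLOCKLIST or any(host.endswith("." + d) for d in BLOCKLIST):
        return "blocked"
    # Assumption of this example: a soft hyphen inside a link is treated
    # as a signal worth flagging even when the host is not on the list.
    if shy_count:
        return "suspicious"
    return "clean"


if __name__ == "__main__":
    # Constructed sample URLs, one per encoding of the soft hyphen.
    samples = [
        "http://cheap\u00ad-pills.example/buy",
        "http://che%C2%ADap-pills.example/",
        "http://www.cheap&shy;-pills.example/",
        "http://exam\u00adple.org/",
        "http://example.org/",
    ]
    for url in samples:
        print(repr(url), naive_check(url), check_url(url))
```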

BIOS password cracking
People are bound to forget their passwords, so when you enter a wrong one three times in a row you get a message similar to the one above that locks you out until all power is removed from the system (then you get three more tries). But check out that five-digit number in the picture. That’s a checksum of the password.

Inside Phoenix Exploit’s Kit v2.3
PEK (Phoenix Exploit’s Kit) has become one of the most used by those who flood the Internet every day with different types of malicious code. * Screenshot of PEK! 

Five Famous Hacker Profiles: White and Black Hats
Hackers, like the cowboy heroes in classic Westerns, come with either a white or a black hat. Some wear both, but most can be distinctly classified according to the way they use their abilities: for good or for evil.
