As I’m surfing blogs and other security-related Websites these days, I’m seeing a lot of good advice on how people can protect themselves from hackers. Everyone advises people to use anti-virus/spyware software, use a firewall, update everything as required, and to be careful when opening email and browsing Websites. There is also good advice about what to do in the event someone gets hit with malware that makes its presence known by causing all types of errant computer behavior. But what many bloggers and Websites don’t seem to be writing about are hackers that can circumvent these and other types of security measures, including network intrusion detection systems.
“We are experiencing damaging penetrations — damaging in the sense of loss of information. And we don’t fully understand our vulnerabilities,” [James] Miller said.
The above quote, posted in an article up on Reuters, is from Dr. James N. Miller, Principal Deputy Under Secretary of Defense for Policy, speaking during a forum on Cyber Warfare hosted by Ogilvy Exchange. The Government Computer News article about the forum quotes him as saying,
“The cyber threat has outpaced our ability to defend against it,” he said. “We still are learning” the extent of our dependency on these networks and the scope of the threats against them. “We still see significant gaps and vulnerabilities. We don’t fully understand them, but we’re learning.”
Who, exactly, are the “we” that he is referring to? There are many within the U.S. government and the Department of Defense that know exactly where they are vulnerable, why they are vulnerable, the real threat associated with the millions of probes/scans he refers to in the article, and what can be done to improve the security posture of networks and computers. They have known about these things for many years.
One of the reasons why hacking continues to be a problem, is because a lot of people don’t understand computer security, or how what they do puts themselves or an organization at risk for compromise. If you know people like this – friends, relatives, co-workers, acquaintances or customers, you may want to let them know about my book, OWNED: Why hacking continues to be a problem. The book is a quick read and will teach them everything they need to know about computer security and hacking. After reading the book, you’ll notice a big difference in their knowledge and attitude about security. They can preview the first 18 pages of the book for free without having to register or sign up for anything. The book is only $9.99 (US) and comes in many formats, including Kindle (.mobi), Epub, Palm Doc (PDB) and LRF (Sony Reader). Even if they don’t have an ebook reader, they can continue to read the book online in HTML or download the PDF version.
Here are the links:
The U.S. National Security Council has an interesting document up on the White House Website about The Comprehensive National Cybersecurity Initiative (CNCI). It’s certainly an impressive plan for addressing many of the cybersecurity issues facing the U.S. government, but is it a plan that the government can successfully implement?
The government hasn’t won the war on drugs, addressed the nationwide education problem, or many of the other major issues facing the U.S. So how can the government possibly think it can solve the country’s computer security problems? While some say that something is better than nothing, is “better than nothing” really going to make a difference?
If your network administrator/security guy implemented more than just the basic security for your network, you’ve got a Network Intrusion Detection System (NIDS) connected to your network. A NIDS inspects network packets looking for indications of hostile activity, such as exploit attempts, malicious email, port scanning, and protocols associated with specific Trojans. When implementing a NIDS, there are several different options for connecting it to the network. A common option is to mirror one or more ports on a network switch to send a copy of each packet to the NIDS. This can be accomplished in several different ways:
VMware Player is a free product from VMware that allows you to run many different operating systems in a virtual environment on your computer. It’s like having another separate computer in your computer. There are a number of reasons why you should be using it:
- You have an environment to install trial software without polluting your regular environment. This means you can also try newer versions of software you already have on your computer without messing up the current version.
The U.S. Defense Information Systems Agency’s (DISA) Information Assurance training Website is open to those outside of the .mil domain. This means that you (and your staff) can get important security awareness training absolutely free, courtesy of the U.S. government. These multimedia presentations cover the basics that every business person needs to know about computer security. Topics include:
- DoD Information Assurance Training
- Federal Information System Security Awareness
- Personal Electronic Devices / Removable Storage Media
- Personal Identifiable Information (PII)
- Phishing Awareness
If your company doesn’t have a computer security awareness training program in place, these are perfect. Just have your staff watch these presentations and sign an acknowledgment form confirming that they’ve watched all of them. You may want to decide which of the first two presentations is most appropriate for your organization. Even though one is targeted for DoD personnel, there is certain information you may want your staff to know. Make sure that every new staff member watches these presentations and you’ll be all set!
To make it less painful for your staff to go through the training, you may want to spread it out over several days or weeks. Don’t forget to have everyone review them annually. People have a tendency of “forgetting” little details over time, so it’s a good idea to refresh their memory.