INFORMATION

Site Map - IT Security

Spot the Bot

- A “bot” is a small software program that is often used on Internet Relay Chat (IRC) channels to gather information or interact with human users. Some bots on IRC are used by hackers to control “botnets,” or a series of tens of thousands of compromised computers, according to Know Your Enemy: Tracking Botnets, a paper from The Honeynet Project & Research Alliance.

Quick Bytes: A new NOC.

- The Cyber Incident Detection Data Analysis Center (CIDDAC), a service to share real-time cyberthreat information, recently launched its National Operations Center at the University of Pennsylvania.

Quick Bytes: Grading the graders

- Each year, federal agencies receive “grades” on a computer security report card, issued by the House Government Reform Committee. It’s based largely on each agency’s compliance with the Federal Information Security Management Act (FISMA).

Trouble in the Blogosphere

- The problem with blogs, the threat posed by bots, and a system backup tool.

A new NOC

- The Cyber Incident Detection Data Analysis Center (CIDDAC), a service to share real-time cyberthreat information, recently launched its National Operations Center at the University of Pennsylvania. CIDDAC will collect information about cyberthreats through intrusion-monitoring devices attached to corporate networks of companies that pay the $10,000 annual membership fee. The member companies will get alerts, reports, and “red phone” access to the operations center. There’s more about CIDDAC at SM Online.

Grading the graders.

- Each year, federal agencies receive “grades” on a computer security report card, issued by the House Government Reform Committee. It’s based largely on each agency’s compliance with the Federal Information Security Management Act (FISMA). Now, for the first time, the CISOs of those agencies have their chance to grade FISMA. In a survey from Telos Corporation, 60 percent of respondents found FISMA reporting helpful in understanding the state of their department’s IT security, and respondents gave the report card itself a “C” grade. The executive summary of Grading the Graders: Examining the True Impact of FISMA is at SM Online.

Forensic Discovery

- Forensic Discovery is not for technical novices; readers must have a solid understanding of computer file systems, networking concepts, and computer processes. The authors focus on computer forensics for UNIX (Solaris, FreeBSD, and Linux) computers, with scant information provided about Windows. The authors explain how to obtain reliable digital evidence from running UNIX systems, uncover changes to system utilities and kernel modules, and identify suspicious activity. Sample computer compromises illustrate the concepts.

DEFINING MOMENTS

- Test your knowledge of tech terms. Wireless cards are typically set up to connect to the strongest connection that they detect and are authorized to join. In most cases, that’s just how you want it to work. But if someone sets up a computer as an access point with a strong enough signal and gives it a name that sounds like a real network, nearby computers may automatically connect to it and use it to access the Internet. If that happens, it’s possible that sensitive data can be captured by this imposter without the knowledge of the victim. What is this predatory access point called? Hint: Think of a doppelgänger who doesn’t have such a nice personality. Answer: Evil twin

Quick Bytes: Five steps to cybersecurity

- In a new paper, the Business Software Alliance calls on lawmakers to take five steps to deter cybercrime: Ratify the Council of Europe’s Convention on Cybercrime; improve cross-jurisdictional cooperation to make investigating cyberattacks in other countries easier; ensure that law enforcement has the proper tools and training to fight online lawlessness; create a presidential commission on organized cybercrime and identity theft that will make recommendations for raising awareness of, and fighting, these problems; and increase enforcement by setting up an inter-agency organized task force to fight phishing, spam, spyware, and other online threats.

Worth a Look.

- To make the network secure, it was necessary to log onto the router’s Web-based user interface. I first customized the wireless network’s name (this name is known as the SSID) to something that would be easily recognizable to me in case multiple wireless networks are available. By default the SSID is visible to any computer scanning for a wireless network to attach to. That doesn’t mean they can necessarily attach to it, but turning this off—accomplished by removing a check mark—makes the network invisible.

Digging Up the Dirt on Pharming.

- The dirt on pharming, solving Internet annoyances, the latest in wireless routers, a study of insider attacks, and more.

Five steps to cybersecurity

- In a new paper, the Business Software Alliance calls on lawmakers to take five steps to deter cybercrime: Ratify the Council of Europe’s Convention on Cybercrime; improve cross-jurisdictional cooperation to make investigating cyberattacks in other countries easier; ensure that law enforcement has the proper tools and training to fight online lawlessness; create a presidential commission on organized cybercrime and identity theft that will make recommendations for raising awareness of, and fighting, these problems; and increase enforcement by setting up an inter-agency organized task force to fight phishing, spam, spyware, and other online threats. Securing Cyberspace in the 21st Century is available via SM Online.

When Insiders Attack.

- A study based on interviews with insiders who had been apprehended after attacks on company networks found that systems were vulnerable to the simplest exploits. The study is called Insider Threat Study: Computer System Sabotage in Critical Infrastructure Sectors.
 




Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.