
Friday Security Highlights: Black Hat, DefCon and Operation Shady RAT

Friday, August 12, 2011 at 12:36pm by Brian Contos

As several of our contributors mentioned in our July #SecChat, the only way to learn is to stay current on the latest trends in cyber security. In honor of those suggestions, this week we are introducing a new segment: Friday Security Highlights. Each Friday, we’ll be wrapping up some of the week’s most talked-about, tweeted and blogged-about cyber security news and events.

This week’s post begins with a recap from the Black Hat cyber security conference, which kicked off last Wednesday with a patriotic call to action.

“My world of terrorism has gone,” said Cofer Black, reaching out to the thousands of infosec leaders in the audience before him. “Now it’s your turn.”

Black, chief of the CIA’s counterterrorism group during 9/11, raised concerns during his Black Hat keynote about what he called an impending “Code War”. He pointed to Stuxnet, the cyberweapon discovered in July 2010 and designed to sabotage the uranium enrichment infrastructure in Iran, and its unique ability to impact real-world infrastructure. Since its discovery, the traditional top three terrorist threats – chemical, bacteriological, radiological – have shifted to KBC: kinetic, bacteriological and cyber.

“I am here to tell you, and you can quote me on this: The Stuxnet attack is the Rubicon of our future,” he said. “Your world, which people thought was college pranks cubed and squared, has now morphed into physical destruction. This is huge.”

Black’s words carried particular weight, as they came the same day that McAfee published a detailed report that uncovered Operation Shady RAT: a hacking group that penetrated 72 companies and organizations in 14 countries, a massive operation that stole national secrets, business plans and other sensitive information. And, like Stuxnet, it appears to be the work of a state actor.

Dmitri Alperovitch, Vice President of Threat Research at McAfee, stated that the goal of making these attacks public was to raise awareness about the scale and impact of cyberespionage, helping people to realize that these sophisticated penetrations are not just a concern for government agencies or defense contractors.

Similarly, Cofer Black discussed the United States’ counterterrorism strategy with an eye towards raising awareness, and for good reason. The former US ambassador for counter-terror was credited with warning the Bush administration about an al Qaeda terrorist attack in August 2001. As he told his audience, while the threat was real, there was a delayed validation from world leaders who lacked the experience and understanding to prepare for such attacks.

“They didn’t understand it. They had no personal experience with it,” he said. “The decision-makers of today are in the same boat [with cyberattacks]. They hear it, but they don’t understand it.”

With this gap in intelligence between threat researchers and decision makers, collaborative, educational events like Black Hat have risen to critical importance across all industries. And as if in fulfillment of this need, a second cyber security conference descended upon Las Vegas last week: Defcon. Dubbed “The event that scares hackers”, Defcon is perhaps the best place on earth to get a healthy dose of security awareness. (An e-mail sent to attendees before the conference advised: “Do not use the ATM machines anywhere near the conference” – most will have already been hacked.)

Considered side by side, the conferences appear to represent two polar opposites of security culture. The difference is literally palpable; as Black Hat attendees button up their collars and iron their slacks, the typical hacker or cracker at Defcon is throwing on a wrinkled black t-shirt, accented tastefully by a head of neon purple hair.

Even Dave Marcus, Director of Security Research at McAfee Labs, couldn’t help but join in on the Defcon fun:

Yet, despite their differences, all of these events, Black Hat, Defcon, and the revelation of Operation Shady RAT, were undertaken for a singular purpose: to promote awareness and unity of action by exposing existing vulnerabilities.

“This is a problem of massive scale that affects nearly every industry and sector of the economies of numerous countries,” Alperovitch concluded in his blog post detailing the RAT. “The only organizations that are exempt from this threat are those that don’t have anything valuable or interesting worth stealing.”

Stay tuned for another wrap up next Friday, and feel free to tweet @McAfeeBusiness with blog posts, tweets, or other insightful commentary for us to include in the next summary.


Comments (1)

  • Gite December 14, 2011 1:38AM

    Above all, a well-written blog post.