Monday, July 21, 2014

Day by day little victories

Victory and defeat have in common that neither is forever. Portuguese author José Saramago sentenced in other words: "The defeat has something positive: it is never definitive. However, victory has something negative: it is never definitive." If in addition the adversary to be defeated (or that has been defeated) constantly changes shape, we can be sure that war can never end.

U.S. claims they have beaten Cryptolocker, the "cryptographic kidnapping software" responsible for the biggest headaches of recent times, and lethal to any user either particular or belonging to a large corporation. Rather, the victory has been against Gameover Zeus botnet, which was chosen for its massive distribution. So said the Justice Department on Friday, and quickly security experts have already clarified that this victory can not be definitive, as they have detected new malware samples flowing through the same botnet.

While the police of half the world seek to hunt the bad, the rebellious elements are engaged in "watch the watchers". Edward Snowden has asked developers worldwide to program anti-anonymity software, so that a network of developers can be created to stay ahead companies and governments development. Two Snowden's sentences are revealing. The first one: "Generally I say [we need] encryption, encryption, encryption... but when we talk about how we fix the stuff for the futuro... association is often the problem". The second one: "How governments discover their adversaries uses the same techniques they use to discover spies [and] journalists."

Saramago is quoted at the beginning of these lines, and its "Blindness" and "Seeing" novels could well apply to the techniques of some companies to make their employees "see the light" on the issue of security: just playing. The company Salesforce claims that after this training, participants halved the ability to click on a phishing e-mail, and eight out of ten would have greater ability to distinguish, and report them.

News like these are the day-to-day Information Security. Since this blog is a space to collect the most important or urgent news, it is almost obligatory to mention "brother media" (and yes, more experienced) performing similar work to our weekend "Top 5" collection. We speak of the "Week in review" from Net Security and "Informe Flu" from Flu Project.

Indeed, and as we go back to last week, let's remember that mostly when there is a tragedy, there are people looking to take advantage. So does with the unfortunate incident of Malaysian Airlines: TrendMicro has detected a Twitter spam campaign on this issue. And also last week we get one of the most shocking headlines of the summer: Microsoft's proposal for "easy" passwords depending on what account we use. One issue that the Director of Product Management in TripWire, Tim Erlin, wanted to deepen in the blog of the company.

No victory is final. Neither is any defeat. But in our hands is to be not a frequent victim; and if so, to find recover as quickly as possible. Your votes, your comments and your social media syndication (on the right you will find the links) are a bit more for those little daily victories in Security.


Post a Comment