Friday, September 19, 2014

Honey of the Internet

“The only way to be sure of winning a war is to prevent it.” This quote is attributed to the American military and politician George Marshall, Nobel Peace Prize winner and author of the famous Plan that bears his name. We take this principle as a guide for this post, and hopefully as a fundamental principle to be applied henceforth in the digital world.

Home Depot, the largest chain of DIY stores in America, suffered a malware attack last week that put in danger the electronic wallets of 56 million customers. Today, such malware has been removed from all its systems, and it’s time to make a recap of the event. This malware was specifically created for Home Depot, bypassing all the company’s security systems and remaining active since April this year.

Along with Home Depot, Goodwill, which sells donate clothing and household items in 3,000 stores, discovered a security breach on its payment system. Neither Goodwill, nor its payment service vendor, C&K Systems, realized the problem until 18 months after! Cyber criminals could have taken advantage of these 18 months to compromise the security of at least two other organizations.

These are two more examples of the fierce war being waged in the third environment. Such environment is shared by companies, distributors and users, affecting all of them equally. Therefore it is not surprising that large companies are securing their services as much as possible as an element to differentiate themselves from the competition and gain new customers.

You witnessed so here on yesterday's article where we told you about Apple’s statement: the customer is not the product, clearly alluding to its main competitor, Google. Nonetheless today we got Google's response, reporting that Android L will encrypt user data by default. Two strategies aimed to protect privacy, and also allow to technically avoid personal information requests from government intelligence agencies.

Protecting your users/customers as well as your infrastructure. Is your company prepared for a phishing attack? On his blog, Chema Alonso recounts a phishing attack simulation performed by his company for its workers, noting that although a minority, it still affected a significant percentage of them, which endangers all computer system accessible by the victim.

What about APTs and other malware aimed at gaining control of your servers? To perform this kind of simulations the best way to do it is by creating decoys, called honeypots in computer jargon. Encapsulated in a sandbox that prevents the spread of attack to real systems, they attract prying eyes of innocent users and allow you to monitor the attack vectors and techniques used.

We made an extensive tour just the opposite way we should address computer security. Firstly you must impose active and passive defense measures, train your workers, implement security systems for your customers and, if your defenses are still violated, warn and eliminate hazard ASAP.


Post a Comment