Wednesday, December 24, 2014

Times change

A change process is the transformation suffered by a previous state into a new state. Until 1990, science understood change as an exception between two stages of stability. With the social and technological developments in the past two decades, change became a constant, something permanent in our lives, something we must adapt to and learn to cope with.


In fact, one the most traditional companies in terms of change management, which is Apple, has been forced to launch an automatic update for the first time in its desktop OS X history. This security update patches a serious flaw on the NTP protocol that could allow an attacker to remotely control any vulnerable device. Moreover it became mandatory for the first time, asking the system to auto-run it as soon as it connects to the Internet.

Some changes are so drastic. Stuxnet changed the paradigm about critical infrastructures security. This malware able to slow down up to fifty years the nuclear race of a country has been messing around since 2010. As an example of this, some people point to the cyberattack recently suffered by the German metallurgy, which is comprehensively detailed on the annual report of the German Federal Office for Information Security (BSI). The campaign began like many others, by phishing attacks aimed at workers, so the attackers can reach critical control metallurgy systems and alter the operation of the furnaces.

Even the Spanish government has proposed some changes aimed at regulating the work of security auditor as criminal behavior. Such amendments are probably written by experts in law who are unaware of the importance of this group of professionals, not only for the security of our data, but also for the nation itself.

To put an end to this article we’ll tell you a one last change regarding the recent attack to Sony by a group of cybercriminals. There are too many questions blowing in the air. Why US defends a Japanese company at such level? Is there actual evidence to blame North Korea for such attack? Which one? What about the movie? And above all, what is different about this attack compared to the several ones that we have experienced in recent years?

Merry Christmas!

0 comments:

Post a Comment