Skip to content

Research Roundup: More Detail, Less Bono

February 9, 2011
Kapersky's ThreatPost for 2011 Overview.

The anguished cry of information security professionals.

Previously, I reviewed the Davos World Economic Forum Global Risks Report and its coverage of Cyber Security.  Shifting gears from canapés to crullers; reviewing Kapersky’s ThreatPost Security Spotlight Report for 2011, we get far more detail, which is to be expected.  The Wikileaks event plays a prominent role in this report as well.  Basically they confirm my hypothesis that this breach of executive privilege has provided the motivation to address information security concerns.  It has also pushed the concept of data security front and center in the business community. Kapersky also posits that Wikileaks and the issues surrounding Cablegate will continue to reverberate throughout 2011.   Of particular concern would be the ubiquitous availability of mobile devices and the role they may play in another “Wikileaks” event.

The ThreatPost report then covers the issue of the aging infrastructure (IPv4) and the consequences of an avalanche of mobile devices and applications boiling down the mountain-side toward the rickety Internet infrastructure.  How rickety? Well the last two blocks of IPv4 addresses were just handed out; the Internet has until around September 2011 before those are consumed.  So many years now stretch ahead for the transition to IPv6 and the outdated and insecure IPv4 protocol must be supported during that during that time.

The ThreatPost report outlines concerns over the complexity of smartphones, lack of basic email encryption regimens, and the unknown impact of third-party applications on the hardware lead to a changing and more threatening security landscape for 2011.  Also the GSM infrastructure that smartphones rely on has proven to be insecure.  At the 2010 DEFCON and Black Hat conferences, hackers showcased the vulnerabilities of the system.  Hackers will also continue to cash in via phishing, clickjacking and drive-by-download specifically targeted toward mobile devices.

Smartphone Vulnerabilities Increase No Matter the OS.

Apple and Android Both are Vulnerable. So is the Network They Run On.

Another concern ThreatPost outlines is the proliferation of Android-based devices and the open nature of the Google supported operating system. The torrent of thousands of 3rd party applications and the eerie similarity to Microsoft’s late 90’s application strategy (flood the market with software to win market share), has security professionals concerned.

The Applie iOS doesn’t escape without criticism either.  Even though Apple is a “closed” ecosystem for developers, there have been several high profile incidents that show 3rd party applications are not being vetted effectively.  As example of poor code review, the authors offer up the Handy Light application.  Not only did it not turn the iPhone into a flashlight, it allowed a user to tether the phone to a laptop and gain an Internet connection.  This circumvented the AT&T tethering restrictions; unless you went over the bandwidth cap.  This app was pulled in short order, but it proved that Apple has issues reviewing Apps available in the App Store.

Of course Stuxnet makes an appearance in the Kapersky report.  SCADA specialists are going to be in hot demand in the coming months as organizations that rely on programmable logic controllers (PLC) to control their equipment seek to secure their environments.  Additional complexity is also thrown in the mix by adding Microsoft Windows as the operating system of choice for managing these PLCs.  That and hard-coded passwords in the software does not help matters.

DTI September 2010 Issue Mike Meikle Contribution to Cyber War Article

My contribution to their issue on Cyber War. I am quoted on Smart Grid vulnerabilities.

I contributed to a September 2010 article published in Defense Technology International (page 39) that discussed the issue of Cyber War and its impact on infrastructure.  It is interesting to go back now and re-read the varied opinions of those in the industry about the possibility of a Stuxnet type of occurrence.

Finally, the ThreatPost report wraps up with the latest word on the growing malware threat.  By growing they mean from about 600,000 types of malware in 2009 to 1.5 million in 2010, with plenty of room to grow.   The report covers all the well known vectors, Adobe, Javascript, Facebook, Twitter, email, etc.  It also mentions the uptick in smartphone attacks and USB-based (Stuxnet) malware that is to be expected for 2011.

So, with the Kapersky ThreatPost report wrapped up.  I will move on to the Cisco Annual Security Report for 2010.  Stay tuned!

Report on the State of Infosec for 2011

Kapersky ThreatPost Report 2011


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: