More talent … Less technology

No one is safe from internet attacks, and A.I. defenses can’t help, Google security veteran says (https://www.cnbc.com)

Technology

A cybersecurity expert who has protected Google’s systems for 15 years said Monday no one is safe from internet attacks and software powered by artificial intelligence can’t help defend them.

Heather Adkins, director of information security and privacy and a founding member of Google’s security team, also advised consumers not to put sensitive personal information in their online communications.

“I delete all the love letters from my husband,” Adkins told several thousand people gathered for TechCrunch Disrupt 2017, a technology conference in San Francisco, after telling them “some stuff” like personal information shouldn’t be put in emails.

Network attacks “can happen to anyone … anywhere,” Adkins said during an onstage interview in which she urged startups to assume they would get hacked eventually and to prepare a response plan.

Google has said that more than 1 billion people use its Gmail program.

Adkins’ remarks came several days after the credit-monitoring firm Equifax revealed what may be the largest data breach to date.

Adkins explained that AI-powered security software is not particularly effective at stopping even 1970s-era attack methods, let alone more recent ones.

“The techniques haven’t changed. We’ve known about these kinds of attacks for a long time,” Adkins told the crowd, pointing to a 1972 research paper by James Anderson.

While AI is very good for launching cyberattacks, it’s not necessarily any better than non-AI systems for defense — because it produces too many false positives.

“AI is good at spotting anomalous behavior, but it will also spot 99 other things that people need to go in and check” out, only to discover it wasn’t an attack, says Adkins.

The problem in applying AI to security is that machine learning requires feedback “to learn what is good and bad … but we’re not sure what good and bad is,” especially when malicious programs mask their true nature, she said.

When asked what advice she would give to businesses to keep their networks safe, Adkins advised “more talent … less technology.”

“Pay some junior engineers and have them do nothing but patch,” she said.

…….Continue reading at https://www.cnbc.com

My Two Cents: I agree to disagree. The future reality is AI is here to stay and expand. Talented humans are needed to maintain, and help design the AI systems. The expansion of the Internet is alarming, and my thoughts right now are out on if this is a good thing or a bad thing. Back in the 1990s I thought it was a good thing when I lead the development of placing mechanical systems on the internet as a way of tracking and increasing productivity. I now believe this was wrong, based on the security risks that have exploded. AI is needed, we just do not have enough talented humans for the tasks at hand….

Facebook security boss says its corporate network is run “like a college campus”

Facebook security boss says its corporate network is run like a college campus (http://www.zdnet.com)

Technology

In July of 2017, Alex Stamos Facebook’s Security Chief told employees in a conference call that the company isn’t doing enough to respond to growing cyber threats: in fact, with Facebook’s “move fast” mantra, the vault that stores the keys to a billion lives is (deliberately) run like a college campus, but has the threat profile of a defense contractor, he said.

The threats that we are facing have increased significantly, and the quality of the adversaries that we are facing. Both technically and from a cultural perspective, I don’t feel like we have caught up with our responsibility.

The way that I explain to [management] is that we have the threat profile of a Northrop Grumman or a Raytheon or another defense contractor, but we run our corporate network, for example, like a college campus, almost.

We have made intentional decisions to give access to data and systems to engineers to make them ‘move fast,’ but that creates other issues for us.

The comments were part of an internal talk to employees during which he discussed the challenges Facebook had with keeping its networks secure, amid a growing danger of state-sponsored actors and advanced persistent threats, which in some cases have near-limitless resources.

For his part, Stamos, when reached, said that he had used the “college campus” line several times internally to describe challenges that the company faces, and used it as a figure of speech.

“My team runs network security for the company, and of course we secure it thoroughly,” he said Thursday.

Stamos denied that the comments were a criticism of the company’s management. “They care a great deal,” he said. “It’s not a criticism of anybody, just a statement of why our team needs to be creative in how we protect our corporate network.”

…….Continue reading at http://www.zdnet.com

My Two Cents: I would locate the Facebook employee or contractor that tapped this phone call that leaked this information to zdnet. Cyber Security teams are facing very tough challenges. The bad guys can be wrong multiple times, the Cyber Security teams cannot be wrong once… but we can all learn from our mistakes. I am sure the next conference call will be secure.

North Korea Escalating Cyber-Attacks

North Korea Escalating Cyber-Attacks With Little Fear of Retaliation (http://www.eweek.com)

Technology

Online attackers from North Korea reportedly stole confidential military documents, including war contingency plans drawn up by U.S. and South Korean forces. Without any downside, such attacks will continue, security experts say.

The data, part of a massive haul of 235 gigabytes taken during an intrusion spanning the months of August and September 2016, was only recently identified as the South Korean government pieced together what was taken.

Lee Cheol-hee, a South Korean lawmaker and member of the parliamentary defense committee, said that attackers had infiltrated the Defense Integrated Data Center, according to The Washington Post. The stolen data includes war plans and a scheme to assassinate North Korean dictator Kim Jong-un in the event of war, according to the South Korean lawmaker. The attack happened last year, but only 20 percent of the documents have so far been identified.

…….Continue reading at www.eweek.com

My Two Cents: I read that the documentation stolen was located in a network not connected to the internet. That a so called maintenance port was accessed with a laptop that acted as a go between the North Koreans and the South Korean systems. I am shocked that such a high classified network did not alert the South Koreans that a unknown device had attached itself to their system and was accessing data. But of course spies have access if they are already in the inside and are authorized access. I would review all the authorized user access records and locate the spies within the organization…. but then again don’t believe what you read…

Big Data Needs Bigger Security

Big Data Needs Bigger Security (http://www.usnews.com)

Technology

The Equifax breech shows why data companies must be held accountable.
The age of big data is here, along with a growing list of big data breaches and the big mess created for millions of affected consumers. The only thing missing is big consequences for companies that are causing these big losses. Last week, Equifax lost highly confidential personal and financial data on as many as 143 million people. The worst part? You didn’t even give them permission to obtain this information. They can legally collect, store and share it regardless. Although banks have a self-serving track record of their own (Wells Fargo, anyone?) at least as a client, you have a direct relationship that permits you to use the law to hold them accountable……Continue reading at www.usnews.com

My Two Cents: After reading this I would have to agree. If corporations are going to store highly confidential personal and financial data and they lose this data based on hacking which means this data was exposed to the internet, then this company would be responsible. What bothers me about Equifax is the time it took to notify everyone, and I mean everyone’s personal information in the USA has been exposed. This is huge. Sadly security software systems do exist that would have secured this data, but these Big Companies appear to not care to invest in these systems.

Global Cyber Attack Imminent

A devastating global cyber attack is imminent (http://www.dailymail.co.uk/)

Technology

Experts have warned that a devastating global cyber attack is imminent.
The hack, called ‘ExplodingCan’, targets computers running on Microsoft Windows 2003, which means that it could be used to attack 375,000 computers worldwide.
This puts it in the same risk category as last month’s WannaCry ransomware attack which caused mayhem around the world, crippling vital servers such as those used by the NHS.
ShadowBrokers, the group behind the WannaCry hack, stole the ExplodingCan from the NSA, along with an arsenal of other cyber weapons.

The hack targets Microsoft Windows 2003 servers running the Internet Information Services version 6.0 (IIS 6.0) web server.
According to Manchester-based security company, Secarma, Exploding Can exploits a known flaw in the IIS 6.0 servers, triggering a buffer overflow.
This in turn can be used for remote access to the computer, and could allow hackers to plant ransomware in a similar fashion to the WannaCry worm.

Continue reading at http://www.dailymail.co.uk/

My Two Cents:
Another reason supporting moving to the Adept Secure Platform. Microsoft Windows Server 2003 has been retired for many years, outdated software is just one little problem…