Skip Links

Security roundup: Steve Jobs, Apple and IT security; DDoS attacks against VoIP; a hot week for SIEM

Also in security: Cybersecurity threats increase exponentially and the government isn't moving fast enough to counter the attacks

By , Network World
October 07, 2011 02:12 PM ET

Network World - This week the respectful thoughts of many turned to Steve Jobs, the legendary co-founder of Apple, who passed away at the age of 56. When it comes to security, Apple computers were remarkable for the kinds of troubles they largely didn't have in comparison to Microsoft-based computers with their high rate of enterprise adoption that the Apple Macintosh never achieved. Microsoft operating systems and applications over time have been relentlessly targeted by attackers if only because Microsoft products constituted a large field of malware opportunity due to their huge market acceptance, plus the number of vulnerabilities discovered in them month after month.

The Macintosh, though hardly perfect, was spared that. Apple's Jobs was a creative force because he fiercely believed his ideas, turned into products, could compete. And competition remains one of the best hopes for product security because it works to offset the kind of software homogeneity that hackers prefer for mass exploitation. Jobs personified the defiant spirit of the early era of personal computing which, in some way, does seem to come to a close with his passing.

IN THE NEWS: Massive DDoS attacks a growing threat to VoIP services

Of course, for some, death is just something else on which to capitalize. In one case, as Sophos tells us, scammers are trying to exploit the death of Steve Jobs. As a way to lure victims into his malware trap, one scammer is saying, "In memory of Steve, a company is giving away 50 ipads tonight. R.I.P. Steve Jobs." 

DDoS attacks growing against telecom and service providers

It takes a lot of guts to stand up and talk candidly about getting hit by a distributed denial-of-service attack, but that's exactly what Don Poe, vice president of network engineering at TelePacific Communications, did at the Comptel Plus Conference in Orlando, Fla.

Poe detailed how an attacker took down the local-exchange carrier's VoIP services in a massive DDoS attack in March. It's not known who the attacker was, but a lot of attack traffic was coming from China. Poe provided insight into how TelePacific has bolstered security since then. The trade group Comptel says it organized the session on DDoS because it's learning that more and more of its membership is getting hit with DDoS attacks.

There's national security significance in all this if the U.S. telecom industry is under attack constantly. But many in the telecom industry would rather not confront these problems directly and publicly. Botnets are a big part of the DDoS problems, but trying to get the service providers to play a coordinated role in trying to battle this plague is not easy to do. Various officials from the U.S. Department of Commerce and Department of Homeland Security last week tried to get the industry interested in voluntary efforts in this regard by holding a public discussion about it at the D.C.-based Center for Strategic and International Studies. However, auditors from the General Accounting Office last week pointed out the U.S. government agencies could do a lot better on cybersecurity, too.

Our Commenting Policies
Latest News
rssRss Feed
View more Latest News