Skip Links

Security roundup for week ending Nov. 18: Facebook, Norway oil-industry cyberattacks, and why virtualization and mobile devices mean security stress

Symantec takes a look at small-business security hubris

By , Network World
November 18, 2011 12:50 PM ET

Network World - Last week's flood of pornographic and violent images that hit Facebook was a coordinated spam attack that caught the attention of the world. But less remarked-upon and perhaps more sinister was what may have been a denial-of-service attack on many organizations' DNS servers, based on an exploit of the BIND 9 protocol, temporarily knocking their networks offline. The Internet Systems Consortium (ISC), which maintains several software products essential for Internet infrastructure, released a patch that's something of an interim fix for this and said it would conduct an investigation. This kind of attack -- which incapacitates entire networks, as it did in this case -- is truly worrisome.

And now we hear of what appears to be an "advanced persistent threat" against Norway's oil industry to steal business secrets. The BBC has reported that Norway's National Security Agency said that oil, gas and defense firms there had been targeted by sophisticated attacks in which industrial secrets and information about contract negotiations were stolen. About 10 companies are deemed to have been subject to these attacks, and at least some of them were fooled by "customized emails with viruses attached which did not trigger anti-malware detection systems," according to the BBC report. This email was sent to specific individuals in the targeted firms and was crafted to appear as though it came from legitimate sources. The BBC report says the Norwegian security agency indicated this was the first time Norway has revealed this type of wave of cyber-espionage, though it did not identify a source.

IN OTHER NEWS: 11 cool robots you may not have heard of

In other news, Romanian authorities arrested a 26-year-old hacker accused of breaking into multiple NASA servers and causing $500,000 in damages to the U.S. space agency's systems. Robert Butya was arrested in the city of Cluj, following an investigation by the Romanian Directorate for Investigating Organized Crime and terrorism. He's expected to be tried in Romania.

What the Ponemon survey on "State of the Endpoint" tells us

In trying to size up the main pressures coming to bear on the enterprise IT and security divisions right now, the Ponemon Institute polled 688 information and security managers on where they see their greatest risks. Their responses clearly indicate they are struggling with the security associated with virtualization software they deployed that has become the foundation for their organizations. It's mainly based on the VMware or Microsoft Hyper-V platforms, though Citrix Xen is also there, and IT and security managers are turning to their virtualization software vendors and security vendors with virtualization expertise for help. It appears that virtualization has become a classic case of a transformational technology that everyone rushed to get for its benefits, such as server consolidation, before really understanding or caring about the security and networking management consequences.

And the disturbing aspect of the Ponemon survey is that 41% of the 688 respondents said the responsibility for virtualization security isn't clearly defined by department or function. In other words, maybe no one is really in charge? 40% in the survey also admit collaboration between the IT operations and IT security overall is "poor or nonexistent."

Our Commenting Policies
Latest News
rssRss Feed
View more Latest News