News and another great quote – Breached (again?!)

If I kept a running commentary of all the system, service and data breaches currently being disclosed, this blog would probably look like it was scrolling in real time. Thankfully a bunch of other sites do a great job of keeping us up to date on the somewhat gloomy happenings across the Internet.

The recent DNS attacks are of particular interest, and concern. DNS is part of the fabric of the Internet, and without it many people’s (click-and-mortar) businesses and livelihoods could come to an abrupt halt. In this case large corporations were targeted, but it is easy to see smaller home-based companies suffering collateral damage.

It sometimes feels like we have built our Internet/E-commerce house on sand. What is more concerning is that the simple, well-known attacks (SQL injection in this case) are still highly effective. The DigiNotar incident audit report also puts fundamental security control failures at the root of the breach – log management, password controls, patches and network segmentation.

Why do we spend time worrying about and analysing APTs and advanced cyber-crime techniques when we still can’t get the basics right?

Brian Honan summed it up well in his Editor comment on the SANS NewsBites email yesterday (Brian, I hope you don’t mind me quoting you!):

“This (DNS) attack and the one on DigiNotar highlight how fragile, insecure and unsuitable the Internet is for conducting the type of transactions we are using it for. Putting security solutions as add-ons to the infrastructure is not working. We need a fundamental rebuild of the security architecture we are using and we need it now!”

http://isc.sans.edu/diary/Several+Sites+Defaced/11503

http://www.theregister.co.uk/2011/09/05/dns_hijack_service_updated/ (I like the irony of posting this link)


One thought on “News and another great quote – Breached (again?!)”

  1. Hi Rob

    Nice post and good overview of the issues we face.

    And no, I don’t mind you using my quote. Nice to see someone reads them 🙂
