Hactivism is making possible to bring wars and revolutions on the cyberspace, the fifth domain of war. In particular the Arab Spring has given the definitive consecration to politically driven hacking actions that have proven to be a key factor inside the protests that are changing the political landscape in the Middle East: non conventional weapons used together with “traditional” methods by both parties involved on revolutions: cyber-opponents vs cyber-supporters.
Hard times for Information Security and for the authentication models it had been built upon. The inglorious falls of SecureID and Certification Authority Authentication models were not enough in this troubled 2011 and now it looks like the last authentication bastion was breached after Thai Duong and Juliano Rizzo unleashed their BEAST (Browser Exploit Against SSL/TLS) attack.
Le Cyberwar sono state definite il quinto dominio della guerra. Ma se doveste spiegare in parole semplici a cosa corrisponde una Cyberwar come la definireste? In queste slide divulgative, redatte in occasione di un convegno al quale sono stato invitato, ho cercato di inserire la mia personalissima risposta con gli esempi più famosi del 2011 e alcuni collegamenti, apparentemente improbabili, alla vita di tutti i giorni.
So here it is, also for this month, the first part of My Cyber Attacks Timeline covering the first half of September.
Apparently It looks like the wave of the Anonymous attacks that characterized August has stopped. Even if several isolated episodes occurred, their impact was slightly lower than the previous months.
Do you remember Mobile Phishing and the related risks? Well This morning I had a bad surprise and could see it anction with my hands (or better with my fingers on the display of my Android Device).
This morning I woke up early (6 AM) since I previously arranged a travel to my hometown which takes approximately 4 hours. As usual I have the bad habit to check email upon awakening, directly from my Android device. This morning found a strange DM strange DM on my Twitter Account:
Yesterday, September the 13th 2011, the Information Security Arena has been shaken by a couple of
announcements earthquakes unleashed by two of the most important players in this market.
The first earthquake was detected in San Francisco, at the Intel Developer Forum, where McAfee announced DeepSAFE, a jointly developed technology from McAfee and Intel that enables to build hardware-assisted security products that take advantage of a deeper security footprint. According to McAfee, sitting beyond the operating system and close to the silicon, DeepSAFE technology allows to gain an additional vantage point in the computing stack to better protect systems. Although initially conceived as an anti-rootkit (and 0-day) technology, McAfee promises that DeepSAFE Technology will be the foundation for its next gen security products, maybe landing also on the Android Platform (but not on Intel’s MeeGo Mobile Platform).
Easily Predictable, the 10th 9/11 anniversary turned out to be a too tempting opportunity for unscrupulous hackers and cyber pranksters. Probably the NBC News Twitter account (and its 130,000 followers) will remember this anniversary eve for a long time after, late on Friday September the 9th, the Twitter account started to tweet false reports of a plane attack on ground zero.
9/9/2011: Globalsign admitted evidence of a breach to the web server hosting the www website:
Today we found evidence of a breach to the web server hosting the www website. The breached web server has always been isolated from all other infrastructure and is used only to serve the www.globalsign.com website. At present there is no further evidence of breach other than the isolated www web server. As an additional precaution, we continue to monitor all activity to all services closely. The investigation and high threat approach to returning services to normal continues.
I built a brand new web page which I called master index, collecting all the Main Cyber Attacks for 2011 according to my personal Criteria. You can find it in the top menu bar or at this explicit link. Of course I will keep it up-to-date as soon as I will publish my monthly reports.