Information Security vs Information Privacy

Information technology conflicting with personal and information privacy has been a major topic in recent months keeping privacy organizations including the Washington D.C. based Electronic Privacy Information Center (EPIC) busy as the premiere privacy watchdog in the U.S. For example, recent issues such as Google asking the NSA for assistance in the investigation of a cyber-attack that occurred on its network. In addition, the initial roll-out of Google’s social networking application “Buzz” that caused quit a stir due to how Google automatically suggested and added Gmail contacts to its followed list. Now, with recent allegations that the Lower Merion School District in PA used remote-controlled web cameras attached to laptops to spy on high school students has surfaced and is under investigations.<!– wp_ad_camp_1 –>

Information security and personal privacy has been increasingly important as our reliance to the Internet has grown in all areas including business and play.  Many people try to understand how much privacy they are you willing to give up for security and many people often confuse the concept of security and privacy to be synonymous.

Information privacy is an individuals claim that data about themselves should not be automatically available to other individuals and organizations while information security means protecting information from unauthorized access, use, disclosure, modification or destruction.

What are you view on information security and your information privacy? How much of your information privacy would you be willing to give up to ensure your information security level?

Types of Wireless Attacks

Standard wireless communication occurs when the end user and the wireless access point are able to communication on a point-to-point basis without interruptions. There are many attack variations in existence against wireless networks that breaks the standard communication format. These attacks includes the denial of service attacks, the man in the middle attacks and the WEP key-cracking attack to name a few and are described below.

Denial of Service (DoS) attacks
The objective of a Denial of Service (DoS) attack is to prevent authorized users access to legitimate network resources by denying them service. A DoS occurs when the malicious attacker sends an abundant of garbage data to the wireless access point choking all other communications to legitimate users.

Man-in-the-middle attacks
A man-in-the-middle attack consists of a malicious user (hacker) inserting themselves into the data path between the client and the AP. In such a position, the malicious attacker can delete, add, or modify data. The man-in-the middle attack also enables the malicious attacker access to sensitive information about legitimate users such as username and passwords, credit card numbers and social security.

War driving
Wardriving is the mapping of wireless access points (WAP) by driving or walking through populated areas carrying wireless equipment such as a laptop or a PDA to detect active wireless access points. The tools used for this are available freely off the Internet in the form of Netstumbler and Ministumbler (http://www.netstumbler.com/). Once the malicious attacker located vulnerable wireless access points, they are able to mount attacks to other locations under the cover the compromised network.

Wired Equivalent Privacy (WEP)
The Wired Equivalent Privacy (WEP) authentication consists of each frame being encrypted as it is transmitted to the wireless access point. WEP possess many deficiencies such as the ability to be compromised within a short period of time. Hackers can fairly easily decode WEP-encrypted information after monitoring an active network for less than one day. An application such as WEPCrack (wepcrack.sourceforge.net/) is a freely available tool often used to implement such an attack.

The Types of Hackers: Black Hat, White Hat or a Gray Hat Hacker, Which Type are you?

A white hat hacker is a computer and network expert who attacks a security system on behalf of its owners or as a hobby, seeking vulnerabilities that a malicious hacker could exploit. Instead of taking malicious advantage of exploits, a white hat hacker notifies the system’s owners to fix the breach before it is can be taken advantage of.

A black hat is a person who compromises the security of a computer system without permission from an authorized party, typically with malicious intent. A black hat will maintain knowledge of the vulnerabilities and exploits they find for a private advantage, not revealing them to the public or the manufacturer for correction.

A gray hat is a skilled hacker who sometimes will act legally and other times may not. They are a cross between white hat and black hat hackers. They usually do not hack for personal gain or have malicious intentions, but may or may not occasionally commit crimes during the course of their technological exploits.

Which one are you?

Cloud Computing and Security Concerns

Cloud computing has been receiving a lot of press in the IT mainstream media lately and all indications points to it continuing to be a hot topic for some time. Gartner.com stated in an article “Significant innovations in virtualization and distributed computing, as well as improved access to high-speed Internet and a weak economy, have accelerated interest in cloud computing.

The concept of cloud computing pertains to an entity that involves delivering hosted services over the Internet. These services can be private or public and are divided into three categories:

Infrastructure-as-a-Service (IaaS)
Platform-as-a-Service (PaaS)
Software-as-a-Service (SaaS)
Infrastructure as a Service (IaaS) is a service in which an organization outsource the equipment used to support operations, including storage, servers and networking components. The service provider owns the equipment and is responsible for the operation and maintenance of it.

Platform as a Service (PaaS) is a service for which the development tool itself is hosted in the cloud and accessed through a browser. Developers can build web applications without installing any tools on their computer and then deploy those applications without any specialized systems administration skills.

Software as a Service (SaaS) is a software service application that allows users to purchase a software service to be used over the Internet that is developed and managed by an independent or third party. The software is not downloaded onto the user’s computer, but is simply accessed via an Application Programming Interface (API) over the World Wide Web with a login and a password.

Cloud Security

Due to the nature of cloud computing, many security concerns have been raised as researchers, security professional and management examines the models. Cloud computing does not allow the organization to physically possess their data on site unless it is backed up on a secondary storage device. Customers of the cloud-computing model need to be aware the service provider is conducting regular backups, have an incident response plan and have a disaster recovery plan in place. This is for continuity of business functions as well as the need for meeting regulatory compliance such as FISMA and HIPPA to name a few.

Cloud computing has the ability to assist many organizations, but intensive research, review and audits should be conducted before doing so. The organizations that choose to rely on using a cloud service model will have to consider additional responsibility to be able to understand the services being offered in order to understand the effects on their operations and security.

Computer Malware and Preventive Recommendations: Botnets

It’s often what we don’t know can hurt us the most…

That is the case when it comes to the effects of malware such as computer viruses, worms and Trojans.

Botnets are one of the fastest growing and the most dangerous threat on the Internet today. “Bot” stands for robot, which is a piece of software with some intelligence to perform a task and the “net” stands for network which is the collection of these individual bots under one controlling person called a bot herder.

The interesting thing is not all bots are bad, for example, intelligent software agents used in Microsoft Word or the ones used by search engine sites like Google are here to help the end user, whereas bots such as the Storm and Kragen botnet collection are here to disrupt end user activities.

The bots are small executable files that are very easy to spread. They can be spread through spam, music files located on file sharing systems, various Microsoft vulnerabilities that are not patched and host on a web site that pushes it to visitors in a technique call “drive-by download” (Very nasty and stealthy).

The thing that makes these bots so dangerous is their exponential growth factor. As more systems are infected, they also begin to scan to look for vulnerable system. Since additional computer systems use their recourses to recruit other systems, the growth can be enormous in a short period of time.

SecurityOrb.com, an information security media company based in the Washington, D.C. metro area recommends the following:
* Use a Mac OS X based system or even a Linux-based system if possible, if not

1. Make sure you have security controls in place (eg. Firewall, Anti-Virus, Anti-Spyware and IDS)
2. Make user they are licensed and updated regularly
3. Make sure you run them frequently or have them run at a time your computer will be on
4. Do not download free miscellaneous software from the Internet (eg. Screensavers and games)
5. Do not open attachments if you do not know from whom it is from or what the attachment is.
6. Just be smart

For more information on botnets, their effects and detailed recommendation to prevent and remove malware, check out https://securityorb.com/

Mac OS X: A Threat is growing…

As a devoted Mac user since 1994, it scares me every time I hear other Mac users say, “ The Mac is so safe, I don’t worry about viruses or apply any security features”.

Even though to date, there have not been any damaging viruses or attacks successfully applied to the Mac OS X operating system, it is increasingly becoming a target for hackers and malware authors.

Security researchers are discovering serious vulnerabilities in the Mac OS X system. Even though we have not seen specific malware to exploit these vulnerabilities, they do exist in the labs and technical papers as proof of concepts.

According to Symantec, as Apple increases its market share–with new low cost products such as the Mac mini–its user base is likely to come under increasing attack.

So we are lead to believe as the popularity of Apple’s new platform continues to grow, so too will the number of attacks directed at it. If that is the case, then vulnerabilities that allow attackers to carry out information disclosure, authentication bypass, code execution, privilege escalation, and DoS attacks will soon be common headaches for Mac OS X users.

Washington DC based SecurityOrb, LLC stated, “Even though none of these events have yet to occur, it is important for Mac OS X users to start changing their mind-set they are immune to the threats that are common with Microsoft Windows users. The Mac OS X has many built in security features as well as some security configuration recommendations on www.securityorb.com that can prevent malicious activities from taking place on your Mac-based system.”