I’ve reported on this concern before, but Tom Spring has a nice write-up on ThreatPost that begins:
Recent attacks against insecure MongoDB, Hadoop and CouchDB installations represent a new phase in online extortion, born from ransomware’s roots with the promise of becoming a nemesis for years to come.
“These types of attacks have grown from ones of opportunity to full-scale automated and systematic assaults targeting misconfigured servers containing sensitive data that can be easily hijacked,” said Zohar Alon, co-founder and CEO, security firm Dome9.
First spotted on Dec. 27 by Victor Gevers, an ethical hacker and founder of GDI Foundation, attacks in the past two months shot up from 200 to near 50,000.
But as I’ve noted before, we shouldn’t call all attacks “ransomware” even if there’s a so-called “ransom demand.” Spring writes, for example:
Security researchers at Rapid7 estimate that 50 percent of the 56,000 vulnerable MongoDB servers have been ransomed. When it comes to similar misconfigured databases, 58 percent of the 18,000 vulnerable Elasticsearch servers have been ransomed, and of the 4,500 vulnerable CouchDB servers 10 percent have been ransomed.
“It’s about the path of least resistance for hackers interested in the biggest potential reward,” said Bob Rudis, chief data security officer at Rapid7. “Hackers have decided it’s easier to end-run an enterprise’s multi-million dollar security system and instead simply target an open server.”
But these servers are NOT being ransomed even though there are “ransom demands.” What researchers from GDI Foundation have found is that the servers are just being wiped and a ransom note left in their place. But if entities pay the “ransom,” they still don’t get the database back because it appears that the databases are not being copied and exfiltrated.
Read more on ThreatPost.
And read GDI Foundation’s warning on Hadoop, as Hadoop installations have also been attacked.
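A defender-side check for the exposure the excerpt describes, as an added example that is not part of this post, the ThreatPost article or any MongoDB project code: it parses a mongod.conf and flags the two settings that leave a database open to the wipe-and-note attacks, a bind on every interface and authorization left off. Both sample configs are constructed, and the parser and function names are my own; the `net.bindIp`, `net.bindIpAll` and `security.authorization` keys are real mongod.conf settings.

```python
"""Audit a mongod.conf for the exposure behind the wiped-database attacks above:
a server listening on every interface with no authorization turned on.

Added example, not code from ThreatPost, GDI Foundation or MongoDB. The two
sample configs are constructed. The parser covers only the nested key/value
layout mongod.conf uses (no lists or flow syntax); for real files use PyYAML."""

WEAK_CONF = """\
# constructed sample: reachable from anywhere, no authentication
storage:
  dbPath: /var/lib/mongodb
net:
  port: 27017
  bindIp: 0.0.0.0
"""

HARDENED_CONF = """\
# constructed sample: loopback only, authentication required
storage:
  dbPath: /var/lib/mongodb
net:
  port: 27017
  bindIp: 127.0.0.1
security:
  authorization: enabled
"""

# Bind addresses that expose the listener on all interfaces.
PUBLIC_BINDS = {"0.0.0.0", "::", "*"}


def parse_simple_yaml(text):
    """Parse indentation-nested 'key: value' lines into nested dicts."""
    root = {}
    stack = [(-1, root)]  # (indent, mapping) of the sections still open
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()  # drop comments
        if not line.strip():
            continue
        indent = len(line) - len(line.lstrip())
        key, _, value = line.strip().partition(":")
        while indent <= stack[-1][0]:  # close sections at equal or deeper indent
            stack.pop()
        parent = stack[-1][1]
        if value.strip():
            parent[key] = value.strip()
        else:
            parent[key] = {}
            stack.append((indent, parent[key]))
    return root


def audit_mongod_conf(text):
    """Return the list of findings for a config; empty means both checks pass."""
    conf = parse_simple_yaml(text)
    findings = []

    net = conf.get("net", {})
    bind = net.get("bindIp")
    if str(net.get("bindIpAll", "")).lower() == "true":
        findings.append("net.bindIpAll is true: listener exposed on every interface")
    elif bind is None:
        # Unset: builds before 3.6 listen on all interfaces by default.
        findings.append("net.bindIp unset: confirm the default for this MongoDB version")
    else:
        exposed = {a.strip() for a in bind.split(",")} & PUBLIC_BINDS
        if exposed:
            findings.append("net.bindIp %s: listener exposed on every interface"
                            % ", ".join(sorted(exposed)))

    security = conf.get("security", {})
    if str(security.get("authorization", "disabled")).lower() != "enabled":
        findings.append("security.authorization not enabled: anyone reaching the "
                        "port can read, drop or replace every database")
    return findings


if __name__ == "__main__":
    for name, conf in (("weak", WEAK_CONF), ("hardened", HARDENED_CONF)):
        print(name, audit_mongod_conf(conf) or ["ok"])
```

Because the excerpt says the data is wiped rather than copied out, a clean result from this check is necessary but not sufficient: it keeps a server off the list of open targets, while an offline backup is the only thing that gets a wiped database back.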
Perhaps we can get a better understanding?
DHS Uses Cyber Kill Chain to Analyze Russia-Linked Election Hacks
… On Dec. 29, 2016, the DHS and FBI published an initial Joint Analysis Report (JAR) detailing the tools and infrastructure used by Russian hackers designated by DHS as “GRIZZLY STEPPE” in attacks against the United States election. The previous report, however, didn’t deliver on its promise, security experts argued.
While the original report included a series of IOCs, some said that they were of low quality, had limited utility to defenders, and were published as a political tool attempting to connect the attacks to Russia.
The new report is described by DHS as an Analytical Report (AR) providing a “thorough analysis of the methods threat actors use to infiltrate systems” in relation to the GRIZZLY STEPPE hackers. The report provides additional details on IOCs, along with analysis along phases of the cyber kill chain, and suggests specific mitigation techniques that could be used to counter GRIZZLY STEPPE attackers.
DHS analysts leveraged the Cyber Kill Chain framework created by Lockheed Martin that describes the phases of an attack. The report summarizes the activity of the campaign using each phase of the Cyber Kill Chain, which are Reconnaissance, Weaponization, Delivery, Exploitation, Installation, Command and Control, and Actions on the Objective.
It’s why I make my students give presentations.
Gartner and industry experts on the booming market for security awareness training
Andrew Walls, research vice president for security, risk and privacy at analyst firm Gartner, estimated the security awareness training market at more than $1 billion in late 2014.
… A new report from Cybersecurity Ventures states that training employees how to recognize and defend against cyber attacks is the most underspent sector of the cybersecurity industry - a sector that can be worth $10 billion by 2027.
… Training the world's employees on how to detect and respond to spear phishing and other hacks aimed at users will cost billions of dollars. But it may be the world's best ROI in the war against cybercrime - which is predicted to cost organizations $6 trillion annually by 2021.
My students need to understand that businesses do not make decisions like this based only on the technology.
Woolworths shifts infrastructure to Azure
… "To cater for the [business'] extensive growth, the team made the decision that rather than continue to host the service internally, we would seek a cloud alternative," Rana said.
"The series of unique requirements we had made our decision to move to Microsoft Azure clear cut."
At last count Woolworths’ technology environment spanned 550 major applications supporting 25,000 point-of-sale (PoS) units, 7000 self-service checkouts, and 11,000 back-office workstations. It relies on an SAP system for its core merchandising activities.
Three data centres with 6500 servers supported its applications, alongside 3200 in-store servers and 250 servers across its distribution centres.
… Woolworths would only consider a locally-based, multi-region, active-active cloud solution that could guarantee its uptime and availability, Rana said.
"Trying to replicate this internally would have been far too costly."
… The Woolworths IT team now no longer needs to manually scale its environment to deal with periods of peak load, Rana said - something that was previously impossible.
Just a thought, but do you suppose Jeff Bezos designed this for his own use and amusement?
Amazon Is Challenging Microsoft and Cisco With Yet Another Service
I wonder if I could do something like this for my students.
Apple Shows Off Sneak Peek of Original Series 'Planet of the Apps'
… In the clip shown to attendees of the Code Media conference, app developers have 60 seconds to get Planet of the Apps' group of advisors — Jessica Alba, Will.i.am, Gwyneth Paltrow and Gary Vaynerchuk — excited about their projects. Those picked work directly with their advisors, preparing them to pitch in front of a group of venture capitalists from Bay Area firm Lightspeed Venture Partners.
My students will be amused.
Dubai To Put Autonomous Taxi Drones In The Skies 'This Summer'
When the ruling family decrees that a quarter of all journeys in a city state will be autonomous by 2030, someone somewhere is obliged to make that start happening as soon as possible.
… The flying taxis are being manufactured by Chinese drone-making firm EHang and can carry a person weighing up to 100 kilograms (about 220 pounds) along with a small suitcase. Passengers don’t need to learn how to fly the drones, EHang's co-founder Derrick Xiong told FORBES staff writer Aaron Tilley in an interview this time last year.
“They just need to press a button and then it vertically takes off, flies from point A to point B, and lands.”
(Related). Where are we, here in the US?
Fix self-driving car rules or face needless deaths, GM warns government
http://www.forbes.com/sites/susannahbreslin/2017/02/13/playboy-is-naked-again/#608c5193389e
Playboy Is Naked Again And It Is Awesome
Just in time for Valentine's Day, Playboy has announced its 63-year-old magazine will return to publishing naked women.
In 2015, the magazine, faced with competition from the internet where anything goes when it comes to sex, stopped running images of unclothed young ladies.
By all accounts, including my own, the results were terrible.
Now, Playboy Enterprises is back in the skin game with its March/April 2017 issue.
I took the liberty of downloading a copy. (Want one? It's $5.99.)
For the gamers at school.
https://www.humblebundle.com/freedom
Humble Bundle
This special one-week bundle features over $600 in incredible games and books for just $30. 100% of your payments will go to the American Civil Liberties Union, the International Rescue Committee, and Doctors Without Borders/Médecins Sans Frontières (MSF).
Redeem the games on Steam. All of the games in this bundle are available on Steam for Windows, and some for Mac and Linux too. A number of the games are available DRM-free as well.
Take the books anywhere. The ebooks are available in PDF, ePUB, and MOBI formats, meaning you can read them anywhere at any time. Instructions and a list of recommended reading programs can be found here. The audiobooks are available in MP3 and FLAC format, meaning you can listen to them anywhere, too! Instructions can be found here.