
NEWS

May 2012, Computer Fraud & Security, page 3

...Continued from front page

In the past two years, the number of serious hacking attacks on large organisations has doubled, the report claims. Yet firms are struggling to come to terms with both the problems and how to address them. PwC says that the cost of response and remediation far outweighs the cost of putting in place preventative measures. But organisations are not spending in the right places and are failing to address all three elements of the issue – people, process and technology.

Most large organisations (93%) had some kind of security breach in the past year, and each saw around 54 significant attacks by outsiders, with about 15% of hackers successfully penetrating their defences. Nearly half (45%) of these firms breached data protection regulations, but only 18% had contingency plans in place for such breaches. Among large firms, the most serious breaches cost the organisations up to £250,000 each.

Small firms weren’t as hard hit, although that may be because they present less attractive targets. Just over three-quarters of them had security breaches in the past year and around 15% were hit by Denial of Service (DoS) attacks. A fifth lost confidential information, with 80% of those being classified by PwC as ‘serious’. The average cost of the more serious breaches was up to £30,000.

Training and staff awareness continue to present problems, says PwC. Nearly half of large firms carried out additional security training after being hit – presumably in recognition of earlier shortcomings. More than half of small firms (54%) have no training schemes for staff security awareness.

On average, firms of all sizes spend only 8% of their IT budget on security, and in a fifth of large organisations it’s less than 1%, although half of larger organisations say they’re going to increase their security spend next year. There’s very little attempt to assess the value of what they do spend: some 80% of larger firms don’t try to measure return on investment of security expenditure and 58% of small firms don’t even bother with finding out the effectiveness of the systems.

Some of the problems may stem from a lack of control. Of larger firms, nearly three quarters have outsourced business processes to Internet-based services. With smaller businesses, social networking plays a very large part in their operations, with more than half dependent on such sites, although only 8% actually monitor what staff put on services such as Facebook or Twitter.

And then there’s the inevitable Bring Your Own Device (BYOD) dimension. Three quarters of large firms now allow staff to use their own smartphones and tablets. Only 39% ensure that company information on these devices is encrypted.

The report is available here: http://pwc.to/201205breaches.

Google wifi snooping not entirely accidental

It has emerged that the collection of private data from wifi Access Points (APs) by Google Street View cars may not have been quite as accidental as the firm first claimed.

Google – like other firms such as Apple and Microsoft – collects data on wifi APs as a way of improving geolocation services. The position of known APs is used for triangulation to complement GPS data, or where GPS is unavailable. However, the Street View cars also snatched fragments of any unencrypted data they could find as they moved past the APs. This data most likely included emails, web session data and potentially any usernames and passwords not protected by SSL.

Google claimed this was accidental – that an engineer left some test code in the software and acted in an unauthorised manner. The company was later forced to delete the data and apologise for the error.

However, an FCC report into the incident revealed that Google staff knew for years that such data was being collected. The coder responsible – identified only as ‘Engineer Doe’ in the report – told colleagues, including one superior, in 2007 and 2008 what was happening and that sensitive data was involved. He also suggested that the project should be reviewed for potential privacy issues and made clear in his project proposal what was being done. Google managers said they never read it.

The New York Times named the engineer as Marius Milner, author of the popular NetStumbler wifi discovery program used by many people for wardriving. For a while, the Google wifi logging software was known as Gstumbler. According to the FCC, Engineer Doe refused to assist with its investigation, taking the Fifth Amendment against self-incrimination.

The FCC concluded that Google had not broken any rules, but had obstructed its investigation by failing to respond to requests for information, including identifying the employees involved. It ordered a $25,000 fine.

CERT warns of gas pipeline phishing

The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) in the US has warned firms in the gas pipeline business about a concerted spear-phishing campaign that appears to be targeted at them.

Spear-phishing can be an early stage in so-called Advanced Persistent Threats (APTs). While this is often an indication of criminal activity, such campaigns are sometimes part of state-sponsored cyber-espionage or cyber-attack activities targeted at critical national infrastructure.

The spear-phishing appears to have started in December 2011 and is coming from a single source. According to ICS-CERT, the phishing emails are tightly targeted on specific people and have been well-crafted to appear as though they come from trusted people within the same organisation.

The Christian Science Monitor, which broke the story, said that sources in the Department of Homeland Security (DHS) had issued three confidential amber alerts – the second-highest – to organisations in the industry. It’s also claimed that the DHS asked the firms not to stop the malicious activity on their networks – presumably for forensic reasons.