| Syndicate
Conference Article Round Up |
| WebProNews
will be covering the Syndicate Conference with CEO Rich Ord attending sessions
and sending in reports. |
|
|
| Top
Security News |
Best
Practices Guide For Email Marketers
The Email Sender and Provider Coalition (ESPC) just released their "ESPC Best
Practices Guide." The book is a list of guidelines that help reinforce the industry
best ...
iDefense:
TrendMicro ServerProtect Vulnerability
iDefense announced vulnerabilities in TrendMicro ServerProtect. The remote user
can execute arbitrary code on the target system. The remote user will also...
Microsoft’s
Exchange “12” Beta 1
There's generally not too much in the way of silliness and fun regarding Internet
security, identity fraud and cybercrime in general. Once in a blue moon, some
Another
Problem For Patch Tuesday
The monthly Microsoft event known as "Patch Tuesday" has become somewhat of a
mixed blessing for Microsoft in recent months as they often come with caveats.
This month, the updated corrected a "Critical" flaw and an "Important flaw. It
also causes...
|
|
|
|
|
The world's most populous nation denied charges of hacking U.S. military computers
after a cybersecurity expert suggested Chinese military in southern China were
going after U.S. networks.
This current debate is just the latest in an ongoing problem for the U.S. military.
Alan Paller, director of the SANS Institute said the attacks have been traced
to the Guangdong province and he said the techniques in play suggest precision
that only comes from the military.
Paller made allegations on Monday during a conference call discussing other work
by the SANS Institute. "These attacks come from someone with intense discipline.
No other organization could do this if they were not a military organization."
The problem of these hackings has become tremendous. A number of military computers
were hacked a little over a year ago. A group called "Titan Rain" was considered
responsible for cracking four military installation systems and managed to make
off with several tidbits including the aviation mission-planning software for
Army helicopters. Not good and it doesn't stop there either.
A number of defense contractors have also been hacked. Paller said "We know about
major penetrations of defense contractors." He went on to say "they are less willing
to make it hard for mobile people to get their work done."
The Chinese government has denied these allegations. Foreign ministry spokesman
Qin Gang said in his regular briefing that, "The Chinese police will deal with
hacking and other activities disturbing social order in accordance with law."
Even if it's not the Chinese military hacking these computers, it points out a
major flaw in U.S. cybersecurity efforts. Keep in mind this isn't someone's credit
card, this is top-secret military knowledge. This isn't a case of internal spies
or anything else. This is a major security problem and right now the U.S. is losing
this particular fight. While howitzers and stealth bombers are quite effective
at what they do, but if a potential enemy knows how they work and the tactics
for them, then they can nullify them.
Others have had similar luck getting into military computers too. Earlier in the
year, a gentleman from the UK who had gotten into the Dept. of Defense computer
networks rooting around for information on UFOs was being charged by the DOD for
cyber crime. He found all kinds of things in their on anti-gravity devices and
other things. The more significant thing he noticed happened to be all the people
in the computer network who weren't supposed to be. These people were from all
over the world. He said they lacked real password protection.
This point was reiterated in a new story this week on NPR as they do a series
on cybersecurity. One security specialist they interviewed said passwords were
simple to figure out. This problem is widespread too. When one combines the defense
contractors being hacked as well as the defense department being hacked, it doesn't
leave our defenses all that intact.
There are ways to improve it. Certainly hackers may make it in but we shouldn't
open the door for them. Tie in multiple passwords and biometrics to these systems.
At least give these hackers something to work for. If we don't then all the jets
and guns won't matter.
Discuss this at WebProWorld.
About
the Author:
John Stith is a technology writer with SecurityProNews. |
|
,
Inc. 2549 Richmond Rd. Lexington KY, 40509
