10 ways to make sure your data doesn't walk out the door: UPDATED

By Debra Littlejohn Shinder

March 29, 2010

Unfortunately, the same security precautions that prevent DoS attacks, viruses and worms, and other high profile attacks may not be addressing a much more insidious problem: theft of company data for corporate espionage or other purposes. Yet the disclosure of your trade secrets to a competitor or the release of private company information to the media could, in some cases, result in a much greater loss than network downtime.

1: Practice the principle of least privilege and put policies in writing

Two opposing philosophies regarding network access policies:

1. All Open Policy, presumes that all data is available, unless explicitly restrict access.

2. Least Privilege Policy, operates on the assumption that all data is off-limits to a given user unless that user is explicitly given access to it. LPP is like the "need to know" policies of government intelligence agencies: Unless a user has a demonstrated need to have access to a particular file, that user can't access it.

Your policies should be specific and give examples of what's prohibited. Workers may not understand, unless you spell it out, that emailing a company document as an attachment to someone outside the network (or even to their own home account) is just as much a violation of policy as copying that document to a USB drive and physically taking it out the door.

2: Set restrictive permissions and audit access

CYBER ATTACK?!?

Stuxnet Virus Could Target Many Industries
The New York Times: 11/17/2010

WASHINGTON (AP) — A malicious computer attack that appears to target Iran's nuclear plants can be modified to wreak havoc on industrial control systems around the world, affecting the production of everything from chemicals to baby formula, government officials and cyberexperts warned Wednesday.

Experts told senators that attackers can use information made public about the so-called Stuxnet virus to develop variations targeting other industries, and that the worm's consequences go "beyond any threat we have seen."

Stuxnet
The New York Times: 9/30/2010

The Stuxnet worm is a fast-spreading malicious computer program that has turned up in industrial programs around the world. Its most striking aspect may not have been how sophisticated it was, but rather how sloppy its creators were in letting a specifically aimed attack scatter randomly around the globe. Iran said it had appeared in the computers of workers in its nuclear project.

Fighting the Evercookie

The next front in the cookie wars: Fighting the Evercookie

• Date: November 1st, 2010
• Author: Michael Kassner

Samy Kamkar: Evercookie is a Javascript API that allows storing cookie data in a number of different locations when a user visits a web page. Normal sites would typically just store data (such as a session identifier) in something like a cookie.

However, Evercookie not only uses the cookie, but a number of other locations such as Flash cookies, Silverlight isolated storage, and various locations of HTML5 storage. When a user deletes their standard cookies, the other locations remain and are able to rebuild the original cookie.

I built Evercookie as a proof of concept, wanting to show how web sites are able to track users even if they delete standard cookies and LSOs. Evercookie also sheds light on the fact that there are numerous methods for storing cookies locally. Finally, Evercookie acts as a litmus test for users who want to see if they’re protected from web sites that track like this.

NSA Chief Outlines Cybersecurity Plans

Gov 2.0 Summit: NSA Chief Outlines Cybersecurity Plans
By Elizabeth Montalbano, InformationWeek September 8, 2010 01:14 PM

Teamwork, global leadership and respect for privacy are necessary as feds work to secure critical infrastructure, the National Security Agency's Gen. Keith Alexander said.

Addressing challenges to the federal government's cybersecurity efforts, the head of the National Security Agency (NSA) said that teamwork, global leadership, and a respect for citizens' privacy are necessary to secure U.S. critical infrastructure against cyber attacks.

There are 250,000 probes trying to find their way into Department of Defense (DoD) networks every hour, and cyber attacks on federal agencies have increased 150% since 2008, Gen. Keith Alexander, NSA director and commander of the U.S. Cyber Command, said Tuesday at the Gov 2.0 Summit at the Grand Hyatt in Washington, produced by O'Reilly Media and UBM TechWeb.

MORE

IN THE NEWS

ManTech wins $100M contract for FBI cybersecurity services

Five-year award includes round-the-clock support

• By David Hubler
• Aug 16, 2010

ManTech International Corp. will provide cybersecurity services to the FBI under a five-year contract that could be worth as much as $99.5 million.

Under the contract from the FBI’s Security Division, ManTech will provide round-the-clock cybersecurity support, including intrusion-detection monitoring, security engineering, and incident identification and response.

The company also is obligated to provide vulnerability assessment and penetration testing, cyber threat analysis, and specialized cyber training services.

ManTech will use ISO 9001-compliant security processes and will introduce new security technologies to reduce the risks associated with cyber threats, the company said in its announcement today.

ManTech International, of Fairfax, Va., ranks No. 31 on Washington Technology’s 2010 Top 100 list of the largest federal contractors.

About the Author: David Hubler is the associate editor of Washington Technology.

White Papers

Ten Ways Hackers Breach Security

James Michael Steward, Global Knowledge Instructor

Introduction

Hacking, cracking, and cyber crimes are hot topics these days and will continue to be for the foreseeable future. However, there are steps you can take to reduce your organization's threat level. The first step is to understand what risks, threats, and vulnerabilities currently exist in your environment. The second step is to learn as much as possible about the problems so you can formulate a solid response. The third step is to intelligently deploy your selected countermeasures and safeguards to erect protections around your most mission-critical assets.

This white paper discusses ten common methods hackers use to breach your existing security.

1. Stealing Passwords

2.Trojan Horses

3. Exploiting Defaults

4. Man-in-the-Middle Attacks

5.Wireless Attacks

6. Doing their Homework

7. Monitoring Vulnerability Research

8. Being Patient and Persistent

9. Confidence Games

10. Already Being on the Inside

DETAILED LIST

New BotNet Comm Vectors

Botnet: The Six Laws And Immerging Command & Control Vectors
Richard C. Batka
New BotNet communication vectors are emerging. The industry is not prepared. For the next 20 years, BotNets will be what viruses were for the last 20.