Seems to be a busy summer so far. Barely finished up with WannaCry and now we are dealing with Petya. Here are some useful links
About Petya:
I have followed with great interest the ...
Continue Reading →I was a guest on Sarah Westall’s web radio program, Business Game Changers. The YouTube video is below. It’s 53 minutes, so get a beverage, sit back and enjoy.
Continue Reading →
I read an interesting article in the New York Times earlier this month, about how the United States is using cyber-warfare tactics against North Korea to slow the development of an inter-continental ballistic missile that can reach the United States. The effective range maps were startling. (see below)
It seems that Trump has inherited a cyber war program from the Obama administration that was started 3 years ago and targeted the North Korean missile development program. Since that time, there ...
Continue Reading →
This is the time of the year everyone writes either a year in review article, or a what’s coming in the new year post. Guess which one this is? I’ve been reading the pundits, and considering my own findings as a cybersecurity professional. I pulled together the following list for your review, and to help you plan where to spend your time, talent, and budget in 2017.
SHA-1 or Secure Hashing Algorithm 1 was developed in 1993 by the National Security Agency (NSA). It has been used to provide both hashing functions and digital signatures that validate that a certain document, web site, or other resource is genuine, original, and unchanged.
SHA-1 is used in common services such as SSL (secure websites) and TLS (secure email). There has been discussion about the low security of SHA-1 going back to ...
Continue Reading →
We were interviewed again by Sarah Westall on her web radio show Business Game Changers. Our discussion wove together different threads I have been following about cyber warfare and our lack of national preparedness. Since reading Ted Koppel’s book Lights Out and watching the documentary Zero Days, this has become a bigger issue for me, and maybe it should be for ...
We have written about Stuxnet a couple of times. (Here and here) My fascination with this incredible piece of malware writing is that it represents the first documented case of cyber war between nation-states. As we now know, Iran, specifically the nuclear facility at Natanz, was attacked by the United States, and our ally Israel. I recently watched a ...
This is not a new story, and I decided not to write about it when this “sale” of pilfered NSA hacking tools was offered last August by a group identified as the Shadow Brokers. But this story has taken an amusing turn, so I have included it in a Tuesday post.
The stolen trove of NSA goodies was originally offered as a ...
Continue Reading →
Back on Sept 18 we criticized presidential candidate Jeb Bush, FBI Director James Comey, and other politicians for complaining that encryption was making it too hard to fight the “evil doers” and suggesting that some sort of “master key” or “backdoor” was needed by law enforcement and intelligence services to do their jobs. We of course disagreed.
Around the same time ...
Continue Reading →On Monday we looked at the origins of TOR, and on Wednesday we looked at how TOR works. Today we tackle some of the vulnerabilities that have been discovered about TOR.
So just how did the FBI beat the anonymity of TOR? The story is a complicated one, and has not been fully revealed by the FBI. Although in the ...
Continue Reading →