Mainstream may be a little bit over-reaching. Until the CBC spends some time down at DEFCON meeting (and drinking) with the people they are attempting to describe, I'm not sure a label of "Mainstream" from them is credible. The group Anonymous and the philosophy of Hacktivism are two totally different things. If I were the CBC, I would be careful about labelling the group Anonymous as a Hacktivist group.... Anonymous, the PoisionCrew, LulzSec and others are unpredictable in behaviour and still of unknown capability; let's pray the CBC's web servers are well protected. Attempting to assert that Hacktivism is affiliated with hacking crews is the equivalent of sticking your penis into a hornets' nest. The hornets may decide that they don't like labels, or the assertion that they are now "mainstream". To suggest that all Hacktivist activities are somehow related to Anonymous (as this article does) is a misreading of the current Hacktivist activities going on. These activities include causes such as global hunger, open media, the green movement, human rights etc. Many hacktivist groups leverage the Internet, social networking and online petitions; they don't destroy servers and dump thousands of records into Pastebin. Do some research, CBC, so you don't look like morons, and find out just how angry the hornets can be. Apologies to Stephen Colbert.
http://www.cbc.ca/news/technology/story/2012/02/06/hacktivism-.html?cmp=rss

The second annual Cost of Cyber Crime study from a private research organization reported that the median cost of a cyber attack is US $5.9 million. That figure includes regulatory fines, lawsuit costs, brand damage, and repair, recovery, and protection for hardware and software. Although insurance companies are starting to offer more policies that cover such attacks, the premiums are extremely high.
I would also like to add that the inconvenience to your customers, and the obligatory training you will need to roll out to your staff post-breach, will result in substantially higher costs. Many executives believe, erroneously, that cyber attacks on their organizations are covered by standard corporate insurance and general liability policies. Even if they have cyber policies, those may not cover all costs associated with a breach. Organizations need to be clear about what coverage they need. Input from those responsible for running the organization's information security systems, and others in the IT department, can be helpful when deciding on types of policies and scope of coverage. This is the critical issue with these policies: business continuity and disaster recovery planning are still required for the organization. Having a policy does not mean you don't have to plan for a disaster or outage.

"The cyber insurance policies are expensive, cover a shockingly small part of the damage associated with most cyber attacks, and as soon as the insurance companies have to pay damages under one of them, those premiums will go up substantially. Despite those weaknesses, it may make sense to force - through contract language or regulation - cyber insurance to be acquired by organizations handling sensitive data. Insurance can force changes in cyber security that few other forces can enable," said Alan Paller, Director of Research at the SANS Institute.

Read the fine print in the contracts and understand the role of insurance in your business risk management strategy. Insurance is not an excuse to neglect or skimp on robust IT and physical security; it is an attempt to provide some funds to endure an absolutely devastating event in your business history. Many people have the misguided idea that a payment from an insurance company is like winning the lottery.
If you ask a close friend of mine, who works as an adjuster for our provincial car insurance corporation, she says "The sense of entitlement that people have when making a claim is unbelievable!" Most insurance companies will reduce or reject coverage for criminal, willfully negligent, or reckless behaviour. Just because you have the best cyber-breach insurance policy does not mean you can open every port on your firewall, or skip patching and updating servers and workstations. Having a cyber-breach insurance policy may be a good idea, especially if you have been diligently executing IT and physical security best practices. The insurance policy is really designed to deal with the unforeseen, such as a zero-day attack, where the breach could not reasonably have been prevented. When making a claim on a cyber-breach insurance policy, your IT security staff will have to do two investigations: one to find out what happened, and a second to potentially prove to the insurance company that there was nothing you could reasonably have done to prevent the breach.
http://www.computerworld.com.au/article/413142/do_need_cyberumbrella_/

"The Cloud" may be turning into "The Fog" 01/23/2012
Three weeks ago, I presented a business analysis document for a client who is considering moving all business operations to an Internet cloud. I advised against it. This was before the megaupload.com seizure. In the case of this business, moving to cloud servers would greatly reduce the hardware costs associated with owning and maintaining physical servers; in essence, one-time costs are shifted to monthly costs. The chief advantage of a primary business using cloud architecture is that business processing and operations could be conducted from any location with suitable Internet access. At the time, I thought the primary disadvantage of basing all business functions in an Internet-based cloud, for non-disaster-recovery purposes, was connectivity. Load-balanced Internet access provided by multiple vendors is recommended at the primary business site, because any interruption or significant congestion of the Internet connection would result in immediate downtime or slowdown of hosted services.

With the seizure of megaupload.com, I believe the idea of moving to cloud services as primary business infrastructure has to be re-evaluated. Connectivity is one issue, and it is generally resolved by the ISP(s) fairly quickly. Domain seizure by the US Government, along with the physical servers, will result in an outage lasting weeks if not months. When you consider the cloud as primary business infrastructure, you may be saving upfront money, but you still bear the responsibility to be able to conduct business. Blaming the cloud for your inability to conduct business is not an option. With cloud service, you have no idea who your neighbours are, and your eggs are in the same basket as those of many other businesses. If one business or user attracts the attention of the US Government, or of powerful lobbyists that influence US Government activities, you risk losing access to your data for, potentially, a really long time.
The idea that a non-US-based cloud service is somehow immune to the reach of the US Government is a short-sighted argument. As we're about to find out with the megaupload.com trial, the US Government does not care where your business lives. They care whether you do business in the United States. The US Government believes that if you do business in the United States, you are subject to their laws, and they will enforce them no matter where you are physically based. Today, this megaupload.com case appears to be about the legality of sharing media files. As law enforcement gains a better understanding of the cloud, and of what may be hosted on cloud servers, I expect to see more seizures of hosting servers which contain content such as child exploitation or extremist Islamist material. In the cloud, your data does not know your neighbours' data, and that may put you at risk of a very long outage.
http://www.eweek.com/c/a/Security/FBI-Megupload-Shutdown-Cuts-Users-Off-From-Personl-Files-Business-Data-234883/?kc=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+RSS%2Feweeksecurity+%28eWEEK+Security%29&utm_content=Google+International

Central Bank of UAE targeted 01/20/2012
The Central Bank of the United Arab Emirates was targeted in a cyber attack late this week, an apparent retaliatory action conducted by Israeli hackers. The back-and-forth cyber attacks have been going on for more than a week. A group calling itself the IDF Team knocked the UAE bank offline. In a separate attack, details of 4,800 credit card ... accounts belonging to account holders in Saudi Arabia were posted to the Internet. The Saudi Stock Exchange and Abu Dhabi Securities Exchange were also hit by cyber attacks. Earlier this week, hackers took down the websites of Israeli airline El Al and the Tel Aviv Stock Exchange.
http://www.tgdaily.com/security-features/60896-hackers-hit-uae-central-bank-website

Akamai's Real-time Web Monitoring site is still reporting IP-based attack traffic worldwide at 24% above normal, as the fallout from SOPA/PIPA and the US Government's seizure and shutdown of megaupload.com continues to enrage the Anonymous hacktivists. As much as a sustained attack on the networking infrastructure of the FBI, the Department of Justice and the Motion Picture Association, among others, is exciting for the mainstream media, this latest spate of large Distributed Denial of Service (DDoS) attacks is just going to land some kids in jail. This display of stupidity on the part of Anonymous and its sympathisers also moves forward the US legislative agenda which seeks to put hackers next to Al-Qaeda terrorists as threats to the national security and economic interests of the US. Under the US PATRIOT Act and the DMCA, things were already extremely challenging for independent security researchers; the legislative agenda that will result from this Internet vandalism will exacerbate those challenges. This full-on cyber attack by Anonymous is a harbinger of things to come. Had these attacks been directed at critical Supervisory Control and Data Acquisition (SCADA) based infrastructure, life in the US and Europe would have been severely disrupted.
This latest "State of the SCADA" article (below) indicates to me the nature, escalation and massive inconvenience the world may face in the months ahead.
http://threatpost.com/en_us/blogs/researchers-lay-bare-woeful-scada-security-worrying-government-and-industry-012012

I think we're going to be hearing a lot about this over the next couple of days, maybe even weeks. To borrow the phrase from Hackers: "Zero Cool? Crashed fifteen hundred and seven computers in one day? Biggest crash in history, front page New York Times August 10th, 1988". I expect Anonymous will crash a few more systems before the backlash from SOPA/PIPA calms down. I would like to see the answer to the question in the US Government's Threat Risk Assessment of the public backlash from SOPA/PIPA that asked, "Umm, do you think the fallout of SOPA/PIPA may enrage the Hacktivist community? And if so, how do you think they will respond?" Popular culture has the words to describe a planning failure like this: "He is as clumsy as he is stupid. General, prepare your troops for a surface attack." – Lord Vader. Maybe the Mayans were right; the world as we know it may end in cyberspace over the months ahead.
http://arstechnica.com/tech-policy/news/2012/01/anonymous-strikes-back-against-justice-universal-sopa-supportersattack-on-whitehousegov-underway.ars?utm_source=rss&utm_medium=rss&utm_campaign=rss

Sykipot Trojan hijacks DoD smart cards 01/19/2012
From a military Force Protection perspective this is as bad as it gets. If your military is about to start hostilities with a Middle Eastern country, the absolute last thing you want to worry about is the security of your (secure) communications. This piece of malware is "new and interesting". Those are words crusty old generals do not want to hear from their cyber-threat analysts, nor are they excited to hear that it has been in systems since March of 2011. Now where did I put my SMART Card?
http://www.computerworld.com/s/article/9223423/Sykipot_Trojan_hijacks_DoD_smart_cards?taxonomyId=17

Cost of Data Breach $214 Per Record 01/19/2012
In my presentations and private consultations I spend a lot of time talking about the cost of a data breach and how those numbers can help IT staff move security training and security solutions forward. All too often, managers with great ideas have problems quantifying the return on investment (ROI) from security training or the adoption of a security solution. The 2010 numbers are in from this report (link below) and it works out to $214.00 per record. That's right, $214.00 PER RECORD. So, let's put that in perspective: a laptop which goes missing from your organization with 5000 customer records will potentially cost your business $1,070,000 in direct and indirect costs. The cost of a monthly Lunch and Learn session focusing on best practices in IT security ranges from 500 to 1000 per month. You can do the math, and here is the report to help you move your 2012 IT security plans forward.
http://www.symantec.com/content/en/us/about/media/pdfs/symantec_ponemon_data_breach_costs_report.pdf?om_ext_cid=biz_socmed_twitter_facebook_marketwire_linkedin_2011Mar_worldwide_costofdatabreach

Cyber attackers have hit the websites of the Israeli stock exchange, El Al airlines, and several banks. The activity began last week with the posting of stolen Israeli credit card details. An Israeli hacker then retaliated by posting personal information of hundreds of Saudis, Egyptians, and Syrians online. The most recent spate of attacks did not interrupt trading or scheduled flights.
http://www.msnbc.msn.com/id/46012902/ns/technology_and_science-security/