ITACS 5211: Introduction to Ethical Hacking

Wade Mackay

The Top 15 Countries for Safe Data Storage

October 15, 2016 by Mengxue Ni 1 Comment

The top 15 safest nations are:

  1. Switzerland (Data risk score – 1.6 percent)
  2. Singapore (1.9)
  3. Iceland (2.3)
  4. Luxembourg (2.6)
  5. Hong Kong (3.6)
  6. Taiwan (3.9)
  7. Austria (5.2)
  8. New Zealand (5.2)
  9. Portugal (6.9)
  10. Denmark (7.6)
  11. Finland (7.6)
  12. Lithuania (7.6)
  13. Norway (7.9)
  14. Sweden (7.9)
  15. South Korea (8.3)

The benchmark identified Switzerland as the least risky nation for data storage with the lowest “potential risk score” of 1.6 percent. There is a risk map (https://www.artmotion.eu/risk-map/) which includes 170 countries and shows Switzerland is the safest nation and Somalia is the least safe nation. The CEO of Artmotion said: “More than ever, it is important for businesses and individuals to understand the impact that location can have on the privacy and security of their data. In the age of cloud computing, it’s easy to forget that every piece of information stored still requires a physical home, and that the geographic location of that home can have a serious impact on data privacy.”

link: http://www.securitymagazine.com/articles/87494-the-top-15-countries-for-safe-data-storage

Serious security: Three changes that could turn the tide on hackers

October 15, 2016 by Mauchel Barthelemy 3 Comments

Steve Ranger, a member of ZDNet’s global editorial board, writes “Serious security: Three changes that could turn the tide on hackers” in an effort to echo the urgency of initial steps that must be taken to combat the rapid increase of hacking. One of the shocking things that I learned reading this article is that $75 billion was spent on tech security last year; however, that didn’t prevent many people and organizations from overlooking cyber security. For example, Steve states that, “It’s become so bad that it’s already generated a mirthless cliché — that there are only two types of companies: the ones that have been hacked and the ones that don’t yet know they’ve been hacked.”

Especially nowadays, cyber security should not be considered as an afterthought by anyone and Steve offers three suggestions as starting points:

  • The general public or consumers should start taking I.T. security more seriously in order for companies to do the same.
  • Organizations should design security as a fundamental part of the services for clients rather than a nice-to-have addition.
  • It is definitely time for strong encryption to be the standard as opposed to an exception.

You may read the full article via the link below.

http://www.zdnet.com/article/serious-security-three-changes-that-could-turn-the-tide-on-hackers/

IAEA chief: Nuclear power plant was disrupted by cyber attack

October 15, 2016 by Jason A Lindsley 1 Comment

News of another cyber attack on a nuclear power plant surfaced this week, as explained by Yukiya Amano, the director of the International Atomic Energy Agency (IAEA). Amano explained that the attack happened three years ago and was disruptive; however, it was not serious because it did not shut down operations. The article discusses how serious this risk is and the need to take more precautionary measures to improve security in industrial systems.

I used to perform IT Audits of a utilities company, including their antiquated SCADA systems.  Securing these systems is very complex and challenging.  They are built to be available and have a very specific purpose to manage the energy grid.  This often makes patching and currency a major issue and introduces vulnerabilities within the environment that are ripe for exploitation, as we see in this article.

I agree with the director that we need to improve security to our critical infrastructure.  Hopefully, the industry heeds these early warning signs and begins to take significant action to improve security before it’s too late.

http://mobile.reuters.com/article/idUSKCN12A1OC

Introduction to Kali Linux and Other Lynda.com Courses

October 15, 2016 by Jason A Lindsley Leave a Comment

Hi everyone,

I found a few helpful courses on Lynda.com if you wanted to get more training on some of the tools we are using and I wanted to share:

Introduction to Kali Linux – https://www.lynda.com/Linux-tutorials/Introduction-Kali-Linux/455715-2.html?org=temple.edu

Practical Cybersecurity (covers Nessus, Wireshark, nmap, and ncat) – https://www.lynda.com/N-Stalker-tutorials/Practical-Cybersecurity/164982-2.html?org=temple.edu

Troubleshooting Your Network with Wireshark – https://www.lynda.com/Wireshark-tutorials/Troubleshooting-Your-Network-Wireshark/366447-2.html?org=temple.edu

Has anyone else found any helpful Lynda.com courses or additional training resources for the tools we’re using?

Week 7 Presentation

October 12, 2016 by Wade Mackey Leave a Comment

Will be teaching remotely from a hotel room in Washington DC.  So thought it prudent to post ahead of time.

 

intro-to-ethical-hacking-week-7

Researchers Demonstrated How NSA Broke Trillions of Encrypted Connections

October 12, 2016 by Scott Radaszkiewicz 3 Comments

Article Link: Click Here

This article explains how researchers from the University of Pennsylvania, INRIA, CNRS and Universite de Lorraine have proven how the NSA broke the Diffie-Hellman key exchange algorithm.

The algorithm uses keys generated with large prime numbers, and it is theorized that it would take hundreds or thousands of years to decrypt with today’s technology. The article states that it took the researchers only two months and 3,000 CPUs to break a 1,024-bit key.

This was accomplished by “backdooring” the prime numbers used to compute the algorithm by randomly selecting very large primes from a pre-defined set which made it 10,000 times easier to solve the problem.

This article is very interesting. Most encryption is based on algorithms. While many are deemed to be secure, there are hundreds, or thousands, if not millions of people out there looking for ways to break the code. New discoveries are being made in mathematics that could possibly render some algorithms useless. The encryption is man-made, and whatever can be engineered by man can one day be un-engineered.

 

“Businesses Sacrifice Security to Get Apps Released Faster”

October 12, 2016 by Mengqi He 2 Comments

Recently, many organizations that struggled to deliver strong protection under the pressure of the app economy decided to compromise on security to get apps released faster. This would be a great risk to both companies and their customers or app users. Since the app economy is bringing new cyber security challenges, companies should increase the complexity of their security practice to better protect customers’ information against attacks, instead of cutting corners. Customers also expect rapid and secure experiences. If they think that an app is not secure, they would switch to an alternative app immediately. One way the article mentioned to respond to the new challenges of the app economy is identity-centric security. The identity-centric approach uses behavioral analytics and predictive strategies to verify identities and manage identity-related activities without sacrificing the customer experience. In addition, the security team must work together with the app development team in every phase of the development process to ensure security is integrated into the app.

Security is usually the greatest concern in e-commerce and e-banking. Even though the company is under intense pressure due to fierce competition in the market and the rising demand of customers, it is obviously not a wise decision to compromise on security for faster release. This compromise will cause serious risks to the company. The app will be vulnerable to hacking or malicious attacks, and hackers may steal customers’ information or credentials for financial purposes or illegal use. Therefore, the company may become involved in litigation. Their reputation may be damaged and customers will switch to other apps since there are so many similar apps available in the market. The risk of loss outweighs the benefit of faster release.

 

Link: http://www.darkreading.com/application-security/businesses-sacrifice-security-to-get-apps-released-faster/d/d-id/1327151

Update on Mirai (Krebs DDOS)

October 11, 2016 by Jason A Lindsley 2 Comments

Last week, Noah posted here about a DDoS attack that was triggered by a botnet that compromised enough Internet of Things devices to generate 600 Gigabits per second of bogus internet traffic.

Fast forward one week and the code for this DDoS is now publicly available, has a catchy name (Mirai), and has compromised devices in as many as 177 countries.  It is very simple code that targets insecure routers and devices with simple default passwords.

I was at a Cybersecurity panel discussion last week and one of the presenters said that he discovered that one of his zwave devices was recently compromised and was hogging all of the bandwidth on his network.  It made me think of this story and start to wonder about my own network.  So far things seem normal on my network, but has anyone else experienced any of the Mirai symptoms?

 

http://motherboard.vice.com/read/internet-of-things-mirai-malware-reached-almost-all-countries-on-earth

IAEA chief: Nuclear power plant was disrupted by cyber attack

October 11, 2016 by Vaibhav Shukla 5 Comments

There are three publicly known attacks against nuclear plants:

  • Monju NPP (Japan 2014)
  • Korea Hydro and Nuclear Power plant (S.Korea 2014)
  • Gundremmingen NPP (Germany 2016).

According to the head of the United Nations nuclear watchdog, the International Atomic Energy Agency (IAEA) Director Yukiya Amano, a nuclear power plant in Germany was hit by a “disruptive” cyber attack two to three years ago. Fortunately, the damages caused by the cyber attack on the German nuclear plant did not force the operators to shut down its processes but urged the adoption of additional precautionary measures.

http://www.telegraph.co.uk/news/2016/04/27/cyber-attackers-hack-german-nuclear-plant/

Crypto flaw was so glaring it may be intentional eavesdropping backdoor

October 11, 2016 by Anthony Clayton Fecondo 1 Comment

Socat, a more feature-rich version of netcat, has a serious security flaw. The program uses the Diffie-Hellman method to establish a key, but it uses a non-prime parameter when it should use a prime. This flaw coupled with the relatively short nature of socat cryptography keys makes the encryption suspiciously easy to crack. There are theories that the non-prime was deliberately built in as a backdoor. The primary suspect is a guy named Zhigang Wang. The article also mentions a backdoor in NetScreen Firewalls that allowed the coders who made the program to be able to access data encrypted by VPN.

Both of these stories drive home the ‘nothing is ever really secure’ argument. Also, the idea of back doors is something to consider. If the programmers who make your privacy applications have nefarious intentions, your data is not safe. However, the flaw being identified so quickly drives home a point that we were learning about in 5209 which was that open source is better than proprietary programs when it comes to encryption because weaknesses are often found more quickly due to the variety of eyes scrutinizing the code.

Read the article here
