Jonathan Duani

Interesting article. I do agree that this is a bit scary to read. It would have been nice though if Kevin Mandia, FireEye CEO, provided more detail to support his statement. We can all make assumptions on his reasoning behind his comment, but it would have been more beneficial to understand why he believed the U.S. would lose against Russia in a cyber-war.

This is definitely scary Jonathan for sure. Russia and America anyhow do not have good ties and political standpoint is weak. With the recent Trump election issues, Russia has taken protective stand against cyber-attacks of any kind. However the need of the hour is to have bilateral talks on security of the data on the internet and the limits on breach. Only this can be an approach to a peaceful approach to having a stronger cyber security on both the sides.

This was pretty cool- I dug a little deeper [link below] and it looks like they were getting the credit card data by scraping the memory of other processes. If I were writing this Malware, I’d just use a keylogger, since most Magstripe readers are just treated as keyboards by the machines they’re attached to.
https://blogs.forcepoint.com/security-labs/udpos-exfiltrating-credit-card-data-dns

Jonathan,
I do agree with you, anything happens to american banks will reflect automatically the country economy. That’s the reason why the government gets involved on regulate this domain. All american banks have to follow those regulations to be protected from any cyber attacks that can happen.
Thank you for such a great article.

Jonathan,

I don’t believe that only experts have to be aware of IT security. Everyone has to be cautious about it and does the best to secure their small devices such as Phones or Laptops. We recently live in a world where IT is part of of every single detail of it. Starting from doorbell to thermostat to our cars that became very smart lately.

Jonathan,
I think this is referring back to the cyber security attacks during the US Presidential elections. This is quite a shocking story and it’s still unsure how Russian cyber security software was able to penetrate network systems into the world’s most advanced networks.

Think about this, if you are bad guy, all you need to concentrate is well learn your target. How about organization. What they are dealing with is way more than security. My assumption is bad guy is always smarter than us. But they are human too. They got limit energy and time. By leveraging existing resource, like training their own people and utilizing existing technology is more cost effective. Besides, security awareness works well in defending many attack. Complicate attack is launched by pros. It can only be deafened by well-trained pros.
Only the best can survive.

Wait for the quantum computer…

Jonathan – Your article is an eye opener to the true definition of Ethical Hacking itself. It would be surprising to see such legislation practiced that allows people to hack a person who is hacking into you. I think that is not a bad idea after all because as long as people have the right tools and techniques that prevent them from such external attacks, it is good. However, there is a paradox too. The learning of such skills should not pave the way for more hacking as people now have the desired knowledge to protect or hack into systems.

I agree with the author that ‘hacking back’ is a terrible idea and should not be legal. There is no way to draw a clean line on what is ‘hacking back’ and was is just plain hacking. The writers of the bill couldn’t even do it, evidenced in the contradictory wording about when ‘hacking back’ is allowed. If you figure out that someone has hacked you and you ‘hack back’ to get your data back, how far is too far? Can you take the whole database where your data is held even if some of it isn’t your data? They’d basically be opening the floodgates for just hack whoever they want and then pretend the other side started it, essentially making the laws that make hacking illegal moot.

Jonathan,
Very interesting topic reminds us again with the fact that we became living with so much technology that put as under risk of losing our belongs. On the top of securing our homes that contain nowadays all these devices we call them smart and connected to the internet, now we have to worry about our cars just because they are full of computers and software what don’t get patched by the companies. In my opinion, these companies need to think about inversting on securing these computer technologies before they implement them in cars. However,it become necessary that they work on developing new updates all the time.