This Article Has Been Has Been Re-Hashed Re-Hashed

Tuesday, June 14, 2011

J. Oquendo

850c7a8a30fa40cf01a9db756b49155a

Imagine for a moment you purchased an automobile from a dealer. Imagine discovering a huge security risk applicable to that car.

As a consumer, you would obviously bring the car back to the dealer as news makes its rounds that "Automobile manufacturer X has issued a security recall."

Imagine discovering that by bringing in your car, the dealer gives you the same make and model with the same security risk. What would you do?

This is just what RSA seems to have done [1] after the RSA breach debacle.

Lockheed Martin [2], Northrop Grumman [3], L3 Communications [4], and perhaps the International Monetary Fund [5] can rest assured that they will be given newly compromisable RSA key fobs shortly.

All the while, attackers will continue these "advanced persistent threats" otherwise known as "recurringly easy ownage."

For anyone who cares to create a timeline of the RSA attack, the initial attack was "nothing new" and nothing "advanced."

"Targeted" phishing, aka "spearphishing," attacks have been noticed since 9/11 [6], and no one seems to have gotten their act together to defend against this attack. The attack itself can almost always be defended against, and I have stated this over and over again: Extrusion Prevention.

So when will some of these companies spend a couple of dollars on "security awareness training" and on properly applying appropriate defenses to combat spearphishing? Honestly, it's not that difficult, and if your security manager tells you it is, maybe you should make his corporate homepage www.Dice.com while you seek his replacement.

Normally, I could make this into a "mini book" of a post, but nowadays I just scratch my head at all the news. It seems to be re-hashed news: company gets compromised, the attackers were advanced... spearphishing... China.

Whereas I ask myself: "You want to replace my broken car with another broken car?" Who would be the idiot here: me for accepting another broken car, or the dealer for offering me one?

The dealer's role is to avoid losing customers; he'll tell me the sky is whatever color he thinks I like.

I can't blame him for making money; however, I can blame myself for accepting sub-par products. Should I choose to stick with the car, I have options: learn to drive it with the risk associated with the car, or use the car and continuously complain: "Damn vendor is going to kill me..."

The title? It wasn't a typo, by the way. Merely my take on security news.

[1] http://www.crn.com/news/security/230500086/partners-skeptical-of-rsa-plan-to-replace-secureid-tokens.htm;jsessionid=yZFPlImILQkfMWOFboxgZQ**.ecappj02
[2] http://online.wsj.com/article/SB10001424052702303654804576350083016866022.html?mod=googlenews_wsj
[3] http://www.eweek.com/c/a/Security/Northrop-Grumman-L3-Communications-Hacked-via-Cloned-RSA-SecurID-Tokens-841662/
[4] http://blogs.ft.com/fttechhub/2011/06/defence-group-l-3-targeted-in-hack-attack/
[5] http://blogs.computerworld.com/18451/imf_data_leak_chief_suspect_china_world_bank_runs?af
[6] https://financialcryptography.com/images/gp9.png
