My Road to Digital Forensics Excellence

Archive for January, 2009

e-Threats for 2009

Posted by Paul Bobby on January 26, 2009

Four Threats For ’09 That You’ve Probably Never Heard Of (Or Thought About) – DarkReading

What could keep you up at night in the new year may not be what you expect — a look at some of the lesser-known threats predicted for 2009

My comments on the four threats.

The Internet e-Bomb
The possibility that attackers take the Internet offline, or even a portion offline, is not new. This particular threat has happened already to some extent, from Yahoo being DOS’d to severed undersea cables (have they all been accidents?). Based on the current attack methodology, the hackers need the Internet to remain solid, available and online just as much as we do. It is unlikely that they will destroy the very network that at this point remains so profitable to them.

Radical Extremist Hackers
Call them script-kiddies if you want. Until they do something drastic, it currently boils down to one annoying defacement after another. And if there’s no publicity associated with it – the ‘shock’ and ‘horror’ associated with terrorist acts diminishes. Unlike an 8-year-old exploding with a bomb strapped to his chest, defacing a web page with the words ‘Jews suck’ hardly has the same impact.

So the compromise leads to financial gain, to support the terrorist movement – heck this is old news too. The PLA has been sponsoring this activity for years.

Attacks on Online Revenue (Ads)
We will see an increase in this for 2009 certainly – but the phenomenon is not new. The cynic in me believes that the biggest customers of ad-revenue hacking are the owners of the large ad-supported websites themselves. In this age of ad-blockers, and very little clickthrough activity, who has the most to gain from defrauding the online ad-providers?

Human Casualties
Worms, hacks and other compromises are not deliberately engineered to result in the loss of life. But if your health and well-being is tied directly to the security of a hospital computer network, then shame on that institution. I’m all for modernizing hospital records and processes – but design it right please.

Okay okay, so it’s easy to criticize another’s work. What do I expect for 2009? Well unfortunately I am not creative enough to come up with 4 new things, not even 1 new thing. I believe in my Corporate Investigative role, I will see an increase in the number of employee-related investigations involving fraudulent claims of time-and-attendance as well as side-businesses and other conflicts of interest.


Posted in State of Affairs

Where are the biometrics?

Posted by Paul Bobby on January 26, 2009

Heartland Struggles To Measure Extent Of Massive Security Breach – Data breaches/Attacks – DarkReading

In what some experts are calling the largest security breach ever, Heartland Payment Systems yesterday disclosed that intruders hacked into the computers it uses to process 100 million payment card transactions per month for 175,000 merchants.

Couple of observations as I read this article. The market must be saturated with stolen credentials by now. This article gives the impression that the sheer size of the problem involves 100+ million unique CC combinations – what’s the likelihood that one of my X number of credit cards is in that batch? I have yet to see a problem. But why wait until I have one?

Second, where are the biometrics? So I control my credit cards religiously – little point if the attacker is able to compromise the clearing house. Security should remain at the point of sale – I need to prove my identity and clearing houses should not accept CC transactions unless accompanied by positive biometric confirmation. The devil is in the details – it’s a cryptographic problem that has been solved on paper a countless number of times, why are we waiting to implement?

Posted in State of Affairs