Cyber Security - the emerging lifeline

Cyber security is emerging as the life in the digital world.

Management Education

Management education has become critical in this hyperactive, dynamic world.

Cyber Security training

Cyber security calls for intricate understanding

Police trained in Cyber Security

Cyber security calls for a series of awareness programs followed by diploma and degree programs

Cyber World!

Cyber World is composed of various interdependent components.

Saturday, December 29, 2012

Flame

The Flame worm that has targeted computers in the Middle East is being called "the most sophisticated cyberweapon yet unleashed" by the Kaspersky Lab researchers who discovered it. The virus reportedly captures sensitive information through a variety of means — “sniffing” data sent across the Internet and internal networks, recording keystrokes, capturing screenshots while applications like messaging programs are running, even turning on a computer’s built-in microphone and recording audio of conversations, according to three cyber labs that detected it.

Saturday, December 1, 2012

Computer Security Day - 2012


Computer Security Day is an annual event that is observed worldwide. It is observed to increase security awareness and to promote the adoption of best practices in computer operations. It is evident that, amid the exponential increase in computing gadgets, the need for security is often overlooked. Security is an important consideration when working with computers, the Internet or indeed any electronic device. The focus of the day is to create awareness of security and information management.

Friday, April 6, 2012

Sality

Sality is a file-infecting virus that has been around for more than nine years. Symantec ranked Sality as the number one malicious code family of 2010 by number of endpoint detections. It was apparently named after the Russian town of “Salavat City”, although the command and control servers are thought to be in the US, UK, and the Netherlands. It has been used to push spam, steal passwords, crack SIP accounts, and do various other nasty things.

Zeus botnet - Operation b71

Zeus, often referred to as Zbot, is one of the popular crimeware botnets, typically engaged in data theft. The term Zeus is used to refer to an entire family of trojans and their respective botnets. It had been reported by 2007. Zeus botnets are fundamentally simple computer networks, that is, groups of interconnected computers, built by parties with a criminal motive using the Zeus crimeware toolkits. The Microsoft blog claims that it has detected more than 13 million suspected infections of this malware worldwide, with more than 3 million in the United States alone.

For a better understanding, Zeus is a toolkit that gives the user the tool set required to build and administer a botnet. These tools are designed with a focus on stealing banking information. However, they can also be used for other types of data or identity theft. The toolkit is a marketable product of commercial value, which is sold to potential customers. It is also distributed freely. Like most botnet families, Win32/Zbot is built on the standard client-server model and requires a command and control (C&C) server to which the bots connect to receive instructions from the botnet operator.

Tuesday, March 20, 2012

Digital Cyber Forensics: Conference related info


The Internet has made it easier to perpetrate crimes by providing criminals an avenue for launching attacks with relative anonymity. Illegal activities are often buried in large volumes of data, which calls for extensive analysis in order to detect crimes and collect evidence. Most of the time the investigations are cross-border in nature, requiring coordinated policing efforts across heterogeneous jurisdictions.

Security: Know your APT

Advanced Persistent Threats (APTs) have been estimated to grow faster than other technologies. APTs are part of the classified category of cyber crime directed at business at large and/or political targets. To be successful, they are built with a high degree of stealthiness over a prolonged duration of operation. APTs are built with a fixed goal of remaining invisible as long as possible. As such, the APT operators tend to focus on “low volume” attacks. Over time they cover a large area, stealthily crawling from one host to the next as each is compromised, while avoiding the generation of regular or predictable network traffic. Damballa predicts that the volume of persistent attacks directed at large corporations will continue to increase and that the victims will continue to feel as though they have been specifically targeted in the year 2012. McAfee is clear in commenting that solutions in silos don’t enrich each other with relevant data and introduce greater complexity to analysis and remediation, giving the advantage to the perpetrators of the APT.

Security: Know your DNS

The Domain Name System (DNS) is defined by RFCs 1034 and 1035. It is a hierarchical, distributed database that provides a name resolution service for various Internet applications. A zone, as generally understood, is a collection of nodes forming a contiguous tree structure, with the start of authority, or SOA. The purpose of the SOA is to delegate the naming authority downward, to delegation points, terminating with leaf nodes. The elements of the SOA are made available from the DNS authority servers to recursive DNS servers.

Sunday, March 18, 2012

Cyber Operations - Ghost Click


The largest internet cyber sting operation undertaken by the FBI was named Ghost Click. Since 2007, a cyber group had deployed a special class of malware called DNSChanger. It is understood that the FBI arrested six Estonians accused of running a botnet that controlled more than 4 million computers in 100 countries, putting the infections at approximately 4 million computers. It is estimated that there were more than 500,000 infections in the U.S. alone, spread across computers belonging to individuals, businesses, and government agencies such as NASA.


Thursday, March 15, 2012

Digital Warfare - Is the use of Stuxnet a test run or a failed mission? Speculations are ON

The birth of Stuxnet has opened up a new era of discussions in the security community. Since its discovery earlier this year, the sophisticated Stuxnet worm has infected at least 15 industrial plants in a variety of countries. Security experts have universally accepted that the worm had the ability to target a specific computer and inflict damage on control equipment at industrial facilities.

Digital Warfare - Duqu: Stuxnet family of BOTS

Stuxnet is the first military-grade cyberweapon known to the world. It is believed to have been released in late 2009, and millions of computers were infected by the worm, though other references claim that it was released as early as 2007. Stuxnet was designed to cripple control systems. The modules built as part of Stuxnet allow the code to be reassembled in different permutations and combinations to produce variations. One such example was the birth of Duqu.
Duqu acts as a Trojan, stealing data, potentially during the planning stages of an attack. It can be said that Duqu was used as an intelligence-gathering tool, possibly aiming to prepare the ground for future attacks. According to Alex Gostev, the main module consists of three components:
  • a driver that injects a DLL into system processes;
  • a DLL that has an additional module and works with the C&C; and
  • a configuration file.


Wednesday, March 14, 2012

Digital Warfare & Stuxnet - Where are we in security?

ENISA has come up with a statement that Stuxnet is a specialized malware targeting SCADA systems running Siemens SIMATIC® WinCC or Siemens SIMATIC® STEP 7 software for process visualization and system control. The software consists of a series of software blocks, which are combined into a project. Some of the blocks include Function blocks, Operational blocks, and Data blocks. These software systems command the components that control speed in gas-enrichment centrifuges, used for separating radioactive isotopes by spinning at supersonic speeds.


Tuesday, March 13, 2012

Cyber threat Stuxnet & Big data analysis


The cyber threat to national economies is an emerging menace. Countries worldwide have started realizing this and have taken their stand. What was once a war on land is being relegated to history. The new, sophisticated warfare has opted for cyber weapons as its gadgets. For example, this same blog has mentioned the Federal Trojan and its capabilities. The Trojan was used to intercept Skype transactions and other such online transactions.

Monday, March 12, 2012

BigData & Digital footprint

Big data is painting the data canvas with novel techniques and methods to handle new forms of business built on predictive intelligence. Going by the statement “Nothing is free in this world”, organizations provide certain e-services to capitalize on the fact that if a customer is not paying for a service, then he is the product, who can be used to leverage the existing business. Customers at large, including free users, have chiseled digital footprints which were hitherto ignored. Thanks to the emergence of big data, the value of such digital footprints has been recognized. Going by the law of survival in the wild, there is a need to establish and track digital footprints in order to profile the customer base. Big data analytics is emerging as a digital footprint tracker and modeler, providing a razor-sharp strategic edge for organizations to leverage their existing business and cross-pollinate.

Saturday, March 3, 2012

Federal Trojan

Federal Trojan, aka R2D2, is considered to be one of the Skype interceptors, as understood from The Register. This trojan is also called by other names, "0zapftis" or "Bundestrojaner". It is capable of running on 32-bit systems, with support for 64-bit versions of Windows. The technology works via a local installation of malware on the client's computer. Bots and Trojans are generally classified under malware.



Sunday, February 19, 2012

Big Data association and aggregation


Organizations are dependent on information technology. They are forced to collect information as part of their day-to-day electronic transactions. The resulting information silos are scattered across various cooperating and independent organizations. Management models have evolved into collaborative business models, leading to a win-win for the members or partners of a coalition. Organizations with excellent chemistry have formed partnerships to exploit their combined strength to win. These firms, which include enterprises, large organizations and government departments, have aggregated volumes of data on individuals spread across their verticals, have profiled individuals, and are today looking for synergies and opportunities for cross-fertilization leading to better insight and better business. Such firms churn data with greater velocity and variability through the multitudinous elements composing the business canvas.

Wednesday, February 15, 2012

Big data ecosystem


The digital data explosion is beyond control, as is evident from the data being pumped into the digital world without regard to relevance. The data so generated calls for special techniques to manage it and distill the essence out of it. Data follows the data lifecycle. In a larger sense, data co-exists in a digital world and is part of a digital ecosystem. The digital ecosystem is still in its infancy. To start with, digital data is brought to life through digital users interacting with digital gadgets on a minute-by-minute basis. This is followed by aggregation of such data, analysis, and interpretation. Other elements, such as the data platform, associated operating system, data storage, access mechanisms, data processing software, specialized resources, and associated vendors, form part of this large ecosystem. The digital data ecosystem contributes to the genesis of the big data ecosystem. Big data, initiated by Douglass Read Cutting, is an envelope term describing the management of very high volume data. Interactions within the digital ecosystem are by themselves a study and call for a larger understanding of the system and its dynamics.

Friday, February 10, 2012

MoneyWise-Topline and Bottom line

Information technology (IT) is today woven into our daily life. In a globalized economy, business life without information technology driven applications would be impossible, which has transformed information technology into a commodity. From a niche market, information technology has evolved into a commodity market. In order to sustain itself, information technology is expected to create value. Today, businesses using information technology are adopting a bottom-line strategy to increase efficiency by reducing overall costs and a top-line strategy to generate new revenue through new products and services.