Tag Archives: IP

NASA Need to Launch a New Cyber Security Program

Paul Martin, NASA’s inspector general has reported to Congress that NASA’s computer system has been successfully hacked 13 times within the last year. Martin reported that the more severe cases resulted in the hackers gaining “full functional control” of important systems. This is despite NASA’s attempt to improve cyber security by spending $58 million of its $1.5 billion budget on cyber security.

NASA’s security policies have come under heavy criticism within recent years and things haven’t got much better over the last two years as it has been revealed that they suffered 5,408 computer incidents in 2011 and 2012. This is undoubtedly a major concern for everyone associated with NASA as such incidents have resulted in malicious malware being installed or unauthorised access to their systems which could have had disastrous consequences.

Martin stated that “Some of these intrusions have affected thousands of NASA computers, caused significant disruption to mission operations, and resulted in the theft of export-controlled and otherwise sensitive data, with an estimated cost to NASA of more than $7m.”

One of the more concerning successful hacks that has taken place resulted in the hackers taking control of the systems at NASA’s Jet Propulsion Laboratory. NASA’s cyber security team managed to trace the IP addresses back to China. Another serious hack resulted in the hackers obtaining the credentials for 150 workers which could have resulted in critical data being stolen or deleted.

Martin commented on these events and declared “In FY 2011, NASA reported it was the victim of 47 APT attacks, 13 of which successfully compromised Agency computers. In one of the successful attacks, intruders stole user credentials for more than 150 NASA employees – credentials that could have been used to gain unauthorised access to NASA systems. Our ongoing investigation of another such attack at JPL involving Chinese-based internet protocol (IP) addresses has confirmed that the intruders gained full access to key JPL systems and sensitive user accounts.”

Despite NASA’s attempts to improve their cyber security by spending a vast amount of money and improving security loopholes that had been highlighted in security audits, the overall cyber security status isn’t at the level where it should be. Martin has identified that one of the more pressing security issues that needs to be addressed is the large amount of data that is kept on laptops unencrypted. Martin reported that only one percent of laptops/portable devices have been encrypted.

Martin stated “Until NASA fully implements an Agency-wide data encryption solution, sensitive data on its mobile computing and portable data storage devices will remain at high risk for loss or theft.”

There are still obvious major flaws with NASA’s current cyber security setup. With the vast amount of money that they have spent in an attempt to improve their cyber security, this demonstrates that they are striving to make improvements. However, they are badly lagging behind other government agencies at the moment and it will take time until their whole infrastructure becomes much more secure.

Linda Cureton, NASA’s Chief Information Officer stated “Since NASA’s infrastructure is worldwide; the agency is striving to achieve a risk-based balance between security, system operability, and user requirements. While demanding a culture of security awareness, NASA will continue to improve the defense of our IT security posture and build security into the System Development Life Cycle (SDLC) of our IT solutions and everyday work habits.”

 

Online Anonymity

Whether you go under a cloak of anonymity on the internet is becoming less and less of a choice and more of a silent submission to online giants such as Google and Facebook.

Free web analysis tools, email and search are allowing the likes of Google to be at the forefront of our lives and collate data on all of our habits. Social networking sites mean you have to take care when on a night out as your activities may well be revealed through photos and location updates.

Internet service providers have a record of your exact browsing history and anyone with the right skill set can trace your location in a matter of seconds through your IP address. This means that unless like the fictional spy Jason Bourne you only use internet cafes for very brief periods, you are very much at large on the web.

Many social networking sites don’t like people using false names. Vic Gundotra, Senior Vice President of Social Business at Google and ambassador for Google Plus argues that the company do not wish to push people into using their legal names but are merely trying to maintain a ‘positive vibe,’ drawing a comparison to enforcing collared shirts in restaurants.

The counter argument is that if people are not willing to reveal themselves online why should we pay any attention to them? Does it set a better tone if people are held accountable for their actions on the internet?

I would firmly argue however that the benefits of loosely surfing the web far outweigh the possible consequences of the odd person taking liberties of online freedoms.

Data harvesting concerns voiced over NHS Choices website

Fears that the NHS Choices website is allowing data about visitors to be gathered by social networking sites and third party firms, have been voiced to the Information Commissioner’s Office (ICO), which has begun investigating the claims.

Analysis of the privacy policy which governs visitors to the site shows that anyone who lands on a page that has a Facebook element embedded, will have data relating to their visit and actions harvested.

In particular the specific time and date, along with the page visited, browser used and operating system installed on the visitors PC, will be taken by Facebook. IP address information will also be gathered, according to reports, with those who are simultaneously logged into the social networking site having their profiles directly linked to this data.

A statement from the Department of Health explained that the data was being harvested in order to improve the way that the NHS Choices site operates, based on how users are accessing its pages and services.

The ICO spoke to V3.co.uk and said that health-related details were essentially the definition of personal, private data. It explained that it had requested for the NHS to provide details as to whether third party organisations would be privy to the specific health data accessed by each user.

Privacy expert, Mischa Tuffield, said that although the NHS Choices privacy policy pointed out that certain pages with obvious Facebook elements would harvest data about users, in her experience, this was not entirely accurate since other pages which should not be included under this definition had still been shown to send data back to the social networking site.

Tuffield said that although the NHS was within its rights to improve services both online and off by gathering user data, it should also give consideration to the privacy of its customers.

The Department of Health has dismissed claims that it has breached the terms of the Data Protection Act with the data harvesting activities of the NHS Choices website.

It said that such eventualities are brought about because of the way in which Facebook operates, not the site itself, with advice for future users being that they should sign out of Facebook before visiting, to avoid being monitored.

Data mining virus targets public organisations

A new series of attacks levelled at organisations in the public sector began last week, as reports of emails containing the malware program Bredolab came in.

Security expert Tony Millington said that although the use of Bredolab was not obviously significant in itself, the way in which the email campaign was run did raise some questions about the intentions of its instigators.

Mr Millington said that Bredolab was more usually distributed on a massive scale to as many email accounts as possible, relying on controlled botnets for the herculean campaign. However, in this instance, Bredolab has been sent to a select group of public sector organisations, suggesting that the criminals behind the attack are attempting to harvest data contained on specific systems.

Bredolab can be modified to use various forms of trickery to encourage the recipient of the email to run the attached executable. Once the process is begun, the malware is embedded on the user’s computer and it turns off the firewall, allowing the responsible parties access to the network and also giving them the chance to install many more malicious files as a result.

Mr Millington said that in this instance, Bredolab was being used to transfer data harvesting tools to the infected PCs and at the time of its appearance, these subsequent files were identifiable by only one or two of the major anti-virus vendors. As such, the potential for further infection and data theft was significant.

IT Security firms have been busy investigating the latest viral attacks via email and have established that the IP addresses from which the mail originates can be linked to several other spam campaigns which have been in operation in recent months. These IP addresses are believed to signify PCs connected in a large botnet, unbeknownst to their users.

According to Mr Millington, the emails sent in the latest batch are worded with innocuous subject lines, containing keywords such as ‘conference’ or ‘resume’ in order to dupe the recipient into activating the attached .zip file, which will usually have the same name.

The iPhone – a risk to corporate data?

Ralf DeFrangesco is just one of the many commentators who have begun to voice concerns about the security of the iPhone. As many businesses know, the more popular a device or platform the more serious the security risk. In excess of 50 million devices are now able to download one or more of the 85000 applications available in the App store. Apple’s software itself is rife with vulnerabilities and bugs. Only last month Apple released 10 iPhone software patches to plug holes in security. Continue reading

Our Customers

  • ATOS
  • Age UK
  • Alliance Pharma
  • Liverpool Football Club
  • CSC
  • Centrica
  • Citizens Advice
  • City of London
  • Fujitsu
  • Government Offices
  • HCL
  • LK Bennett
  • Lambretta Clothing
  • Leicester City
  • Lloyds Register
  • Logica
  • Meadowvale
  • National Farmers Union
  • Network Rail
  • PKR

Sales question? Need support? Start a chat session with one of our experts!

For support, call the 24-hour hotline:

UK: 0800 999 3600
US: 800-220-7013

Or, if you've been given a screen sharing code:

Existing customer?

Click below to login to our secure enterprise Portal and view the real-time status of your data protection.

Login to Portal