The past several weeks have been an exciting time in the realm of cyber security – and especially the more narrow, less understood field of (potential) “cyber war”. Starting approximately two weeks ago (writing on 25 June 2019), there began a bombardment of news, with reports that: The XENOTIME activity Read more…
I recently had the pleasure to spend time in Krakow, Poland for the CONfidence event, where in addition to enjoying the conference I was fortunate to catch up with old friends. During several discussions with a colleague, we kept returning to NATO’s cyber posture vis a vis potential adversaries and Read more…
The vulnerability MS17-010, patched on 14 March 2017 but rising to prominence with the Shadow Brokers leak of an exploit called ETERNALBLUE in mid-April 2017, has fueled multiple information security headaches. First and among the most prominent was the global WannaCry ransomware event in May 2017 (two months after the Read more…
A topic I’ve complained about previously (and one of the motivating reasons for the existence of this blog) is the impermanence of knowledge within the information security discipline. Specifically, information security as a field of study and area of practice remains pitifully immature relative to other disciplines as so much Read more…
Many public discussions on information security tend to identify or claim the existence of an “information security community”. On its face, this seems a rather innocuous term that merely designates a collective of individuals dedicated toward relatively similar goals or ends – yet when delving a bit deeper, the term Read more…
Recently Juan Andreas Guerrero-Saade and Silas Cutler presented new research on the cluster of activity encompassing Stuxnet, Duqu, and Flame at the Kaspersky Lab-sponsored Security Analyst Summit. (Note for those reading this from US, Canadian, and related government networks: accessing the research link previously will display potentially leaked, non-public information Read more…
In Germany (as well as Austria), there is a type of company referred to as the “Mittelstand”. Generally speaking, these are small- to medium-sized companies, non-public and typically family-owned, providing technical expertise (if not excellence) in a specific niche, usually manufacturing or engineering oriented. Although small, such organizations have outsized Read more…
A common statement heard in information security circles these days is “the perimeter is dead.” The concept behind the statement is simple and seemingly obvious. Historically, security professionals only dealt with two networks: the “home” network (which was managed, safe, and trusted) and the “outside” or “external” network (regarded as Read more…
The concept of praise and blame – or moral responsibility more generally – is a central concept in ethics that features many responses. Of note in evaluating various approaches to the problem is the concept of human fallibility in the face of ethical decision-making. For Aristotle, humanity is intrinsically flawed Read more…
When reporting on cyber-attacks, articles and media frequently (if not exclusively) focus on the damage or immediate result: how many machines were impacted, how much data was compromised, or what (if any) physical consequences emerged from the event. The latter is especially the case with ICS-focused attacks, from Stuxnet to Read more…