“If you know the enemy and know yourself you need not fear the results of a hundred battles.” – Sun Tzu
Know the Enemy – We have some interesting statistics from a recent large-scale malware attack launched predominantly from Latvia against mostly UK targets. The attackers' goal was to drive people to a fake AV site. The interesting part is the cocktail of 9 exploits being used. What were they targeting?
2 against Microsoft
2 against Adobe Reader
5 against Java
The takeaway here? Keep your applications patched with the newest security fixes and pay particular attention to Java; the bad guys are.
Know yourself – RSA, the large and well-respected security division of EMC, has announced that hackers extracted certain information from RSA’s systems. It seems the bad guys were after information about RSA’s two-factor authentication product, SecurID. That is no surprise, since this product is used by a large number of financial institutions and governmental organizations. What can we learn from this incident? Here are some of the recommendations RSA made in a filing with the SEC.
1) We recommend customers increase their focus on security for social media applications and the use of those applications and websites by anyone with access to their critical networks.
2) We recommend customers enforce strong password and PIN policies. We recommend customers follow the rule of least privilege when assigning roles and responsibilities to security administrators.
3) We recommend customers re-educate employees on the importance of avoiding suspicious emails, and remind them not to provide user names or other credentials to anyone without verifying that person’s identity and authority. Employees should not comply with email or phone-based requests for credentials and should report any such attempts.
4) We recommend customers examine their help desk practices for information leakage that could help an attacker perform a social engineering attack.
5) We recommend customers update their security products and the operating systems hosting them with the latest patches.