It was a great pleasure to be with Dr. James Piecowye on Nightline at 103.8 Dubai Eye. We had a great discussion about the state of cyber security and recent activities such as the Cyberattack Simulation in the U.S.
Archives for February 2010
On February 27, an 8.8 magnitude earthquake struck Chile. Join recovery efforts mobilizing around the world to assist earthquake victims. Your donation will help disaster victims rebuild their lives and their communities.
Please visit Google Crisis Response
Brussels witnessed another Worldwide Security Conference organized by the EastWest Institute (EWI). The 7th Worldwide Security Conference (7WSC) differed from the previous year’s conference in having a different track for each day and an additional day, February 18, dedicated to cybersecurity.
EWI organized a cybersecurity initiative at the 6th Worldwide Security Conference in 2009 by holding a workshop on cybersecurity. Later, through the efforts of John Edwin Mroz, the president of EWI, and Karl Rauscher from Bell Labs, it became an official project under the direction of Vartan Sarkissian. In October 2009, EWI, in cooperation with the IEEE Communications Society and with the support of its former president, Dr. Curtis Siller, organized The Reliability of Global Undersea Communications Cable Infrastructure (ROGUCCI) Global Summit in Dubai, to remind us of the importance of undersea cables and their vulnerabilities.
The International Pathways to Cybersecurity day on February 18 was, from my point of view, a great step after ROGUCCI to take the EWI cybersecurity initiative to another level. Nevertheless, this event could have been better with more participants from industry rather than politicians. However, the presence of politicians could be useful for a dialog at the international level and between governments. However, as long as we do not have a clear pathway to address the technical issues and prioritize them, the presence of the politicians may mean that the EWI ends up with hundreds of meetings and recommendations without any action.
Cyberspace security is an important issue to everyone, including governments. The cyberspace of a country might be considered to be a territory of that country or its critical infrastructure. Although the Internet has no borders, there are many possibilities to draw a line and define borders by routing protocols and filtering. This is the tough part of the cyberspace security issue because it needs to be addressed by governments for both domestic and international usage. This makes the job of the EWI cybersecurity initiative more difficult, because governments do not like to give much information about their policies and do not like to listen to others if they have a problem with liberty in the information age. In addition, there are many governments without any laws and regulations for cyberspace to address their needs. From my point of view, it will be impossible for them to cooperate internationally with other countries if they have no clear pathway for their own cyberspace.
Nevertheless, the efforts of the EWI and the participants should be continued to create a very secure and reliable cyberspace without compromising information liberty.
Dr. Ali Jahangiri has been invited to speak at the Special Consultation on ‘International Pathways to Cybersecurity’ as part of the EastWest Institute’s 7th Worldwide Security Conference (WSC) on February 17th 2010 in Brussels.
Dr. Ali Jahangiri, a world leading information security and cyber forensic expert, is pleased to announce that he will be participating in the 7th Annual Worldwide Security Conference in Brussels. This year’s Worldwide Security Conference will bring together leading policy-makers, specialists, business executives, community leaders and journalists from around the world for debate and networking with the aim of stimulating progressive improvement in the way global security is managed and reviewed.
As part of the conference, the EastWest Institute will convene a special one-day consultation, ‘International Pathways to Cybersecurity’, on February 17, 2010. The consultation, to be held in Brussels, will assemble leading specialists including Dr. Ali Jahangiri, officials, business leaders and other public figures to understand, communicate and stimulate breakthroughs in international dialogue about Cybersecurity. The event itself, which is sponsored by the Financial Times, Dell and Deloitte, is invitation-only for high-level participants.
Dr. Ali Jahangiri has also been invited to participate in other WSC meetings, including the main public event, which will take place on 18th February at the World Customs Organization (WCO) headquarters. Other high profile guests at the conference will be Makhdoom Shah Mahmood Qureshi, Foreign Minister of Pakistan, and Peter Altabef, President of Dell Services.
“I am very excited to be part of the 7th Annual Worldwide Security Conference” said Dr. Ali Jahangiri. “I would also like to thank John Edwin Mroz, the President of EastWest Institute and his team members for their efforts to make the world safer and securer by organizing this conference.”
During the main event, Dr. Ali Jahangiri will be a panelist for the Cybersecurity: Asia’s Priorities workshop along with Karl F. Rauscher, Distinguished Fellow, EastWest Institute & Bell Labs Fellow and Harry D. Raduege Jr., Chairman of The Deloitte Center for Cyber Innovation.
The Live Hacking CD is a new Linux distribution packed with tools and utilities for ethical hacking, penetration testing and countermeasure verification. Based on Ubuntu this ‘Live CD’ runs directly from the CD and doesn’t require installation on your hard-drive. Once booted you can use the included tools to test, check and ethically hack your own network to make sure that it is secure from outside intruders.
Dr. Ali Jahangiri, the well-known security expert and author of Live Hacking: The Ultimate Guide to Hacking Techniques & Countermeasures for Ethical Hackers & IT Security Experts, is pleased to announce the launch of the Live Hacking CD, a new Linux distribution designed for ethical hacking. The Live Hacking CD contains the tools and utilities you need to test and hack your own network, using the same tools and techniques that malicious hackers would use.
As a derivative of Ubuntu this ‘Live CD’ runs directly from the CD and doesn’t need installing on your hard-drive. Once booted you can use the included tools to perform penetration tests and ethically hack on your own network to ensure that it is secure from outside intruders. As well as the standard Linux networking tools the Live Hacking CD has tools for DNS enumeration and reconnaissance as well as utilities for foot-printing, password cracking and network sniffing. It also has programs for spoofing and a set of wireless networking utilities.
Dr. Jahangiri, the world-renowned security expert and the brain behind the Live Hacking CD, has made it freely available to the public to encourage IT professionals and others to enhance their knowledge and to prepare for the malicious activities of the unscrupulous hacker.
‘I am really happy to see we accomplished this public domain project and we had a strong response, from IT professionals, in the first hours of releasing the Live Hacking CD’ said Dr. Ali Jahangiri. ‘I would like to thank the Live Hacking CD team members and our senior consultant Gary Sims for their efforts and non-stop work in the past two months.’
The Live Hacking CD is based on open source technology and uses the popular Ubuntu Linux distribution as its base. All the tools included can be freely found in either the Ubuntu repositories or on the Internet. The CD is designed to be a platform to help IT security professionals (as well as those with a general interest in information security) to start, understand and conduct penetration tests and ethical hacking.
As with all community and open source projects, Dr. Jahangiri and his team welcome all comments, and suggestions along with possible cooperation opportunities to make the Live Hacking CD as complete and useful as possible.
Accompanying the Live Hacking CD is the LiveHacking.com website which contains information about Dr. Jahangiri’s book “Live Hacking: The Ultimate Guide to Hacking Techniques & Countermeasures for Ethical Hackers & IT Security Experts” and details of the Live Hacking Workshops which Dr Jahangiri runs internationally to introduce IT professionals to the world of hacking and empower them with the knowledge they need to thwart the criminal elements in cyberspace.
Recently there was a news item on SecurityFocus.com about a massive DDoS attack that flooded the websites of the CIA, PayPal and hundreds of other organizations with connection requests over SSL, as follows:
CIA, PayPal under bizarre SSL assault
Dan Goodin, The Register 2010-02-01
The Central Intelligence Agency, PayPal, and hundreds of other organizations are under an unexplained assault that’s bombarding their websites with millions of compute-intensive requests.
The “massive” flood of requests is made over the websites’ SSL, or secure-sockets layer, port, causing them to consume more resources than normal connections, according to researchers at Shadowserver Foundation, a volunteer security collective. The torrent started about a week ago and appears to be caused by recent changes made to a botnet known as Pushdo.
“What do I mean by massive? I mean you are likely seeing an unexpected increase in traffic by several million hits spread out across several hundred thousand IP addresses,” Shadowserver’s Steven Adair wrote. “This might be a big deal if you’re used to only getting a few hundred or thousands of hits a day or you don’t have unlimited bandwidth.”
Shadowserver has identified 315 websites that are the recipients of the SSL assault. In addition to cia.gov and paypal.com, other sites include yahoo.com, americanexpress.com, and sans.org.
It’s not clear why Pushdo has unleashed the torrent. Infected PCs appear to initiate the SSL connections, along with a bit of junk, disconnect and then repeat the cycle. They don’t request any resources from the website or do anything else.
“We find it hard to believe this much activity would be used to make the bots blend in with normal traffic, but at the same time it doesn’t quite look like a DDoS either,” Adair wrote.
Security mavens aren’t sure what targeted sites can do to thwart the attacks. Changing IP addresses may provide a temporary reprieve. Adair asks those with better mitigation techniques to contact him. The Shadowserver advisory is here.
I do believe there is another solution to address this kind of attack. As you are aware, the connection requests have been generated by bots, not the users’ browsers. Therefore, by detecting the type of browser we will be able to detect the bot requests. This kind of detection and mitigation is much easier to perform than changing IP addresses. This kind of feature should be added to firewalls.
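The quoted article says the bots open an SSL connection, send junk, disconnect and never request a resource, so those connections carry no browser identity at all. The following is an added example, not code from the original post or from Shadowserver, that flags such clients in a connection log; the log format, function names and sample records are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample records (not real traffic). Hypothetical format, one line
# per closed connection on port 443:
#   <epoch> <client_ip> <handshake: ok|fail> <http_requests_served>
SAMPLE_LOG = """\
1265000000 198.51.100.7 fail 0
1265000002 198.51.100.7 fail 0
1265000003 203.0.113.20 ok 4
1265000005 198.51.100.7 fail 0
1265000006 192.0.2.55 ok 0
1265000009 192.0.2.55 fail 0
1265000011 203.0.113.20 ok 2
1265000012 198.51.100.7 fail 0
1265000015 192.0.2.55 fail 0
1265000020 203.0.113.21 fail 0
"""

def parse(log_text):
    """Yield (timestamp, ip, handshake_ok, requests) for well-formed lines."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4 or parts[2] not in ("ok", "fail"):
            continue  # skip malformed records rather than crash
        try:
            yield int(parts[0]), parts[1], parts[2] == "ok", int(parts[3])
        except ValueError:
            continue

def empty_connection_sources(log_text, min_empty=3):
    """Clients with at least `min_empty` connections that carried no HTTP
    request, and that never sent a request on any other connection."""
    stats = defaultdict(lambda: {"empty": 0, "handshake_fail": 0})
    served = set()
    for _ts, ip, ok, requests in parse(log_text):
        if requests > 0:
            served.add(ip)  # behaved like a browser at least once
            continue
        stats[ip]["empty"] += 1
        stats[ip]["handshake_fail"] += 0 if ok else 1
    return {ip: s for ip, s in stats.items()
            if s["empty"] >= min_empty and ip not in served}

def empty_ratio(log_text):
    """Fraction of all connections that carried no HTTP request."""
    rows = list(parse(log_text))
    return sum(1 for r in rows if r[3] == 0) / len(rows) if rows else 0.0

if __name__ == "__main__":
    print(empty_connection_sources(SAMPLE_LOG))
    print(f"empty ratio: {empty_ratio(SAMPLE_LOG):.2f}")
```

Because the reported traffic was spread over several hundred thousand addresses, the site-wide ratio from `empty_ratio` is the earlier signal; the per-client list is what a filtering rule would consume.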