Out of the Box Solutions

Understanding current threats is key to ensuring that organizations and individuals are able to protect and sustain their (business/livelihood/add your own personal needs here). That being said, I have noticed a few interesting items in the news lately, and thought I would share them to make more people aware.

The first is a recent attack vector against Bank of America’s SiteKey system. The attack targets the case where the user is logging in from an unfamiliar system (SiteKey uses a cookie that sits on your system and presents the graphic associated with that cookie, but on another system there is no cookie and a separate authentication occurs). He presents it with a video, along with a good explanation of how it would succeed. There are countermeasures in place for this attack, so it is not currently a viable attack, but it does highlight the inherent weakness of exception handling in any controlled environment. The exceptions in an environment tend to have weaker controls in general, similar to how backup environments are often not as current on patches as the systems they mirror. Check out the video here and his full post here.

The second highlight is a company, and while I am not one to preach, I thought this company had a very interesting product and approach. They have set up listeners around the internet (how or where is unclear) that act as targets for spam and attacks (honeypots). They then track the activity by source IP address and report to their clients what type of activity is originating from the address space those clients own. A very intriguing approach to a detective control, and one that is revolutionary. There are some technical challenges regarding spoofed IP addresses, and when black hatters use rogue wireless access points to burst spam traffic, but those restrictions aside – a very interesting approach in a very different world. Check them out here. Full Disclosure – I am not endorsing them, I am not paid to post this, and I have not used their technology, but I find it an interesting approach and an educational adventure for those seeking creative approaches to challenging problems.
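A sketch of the attribution step described above, added here as an example and not the vendor's code: honeypot events are matched to the most specific client-owned CIDR block, and events without a completed TCP handshake are kept separate because their source address may be spoofed. The client names, address blocks, event fields and sample events are all constructed assumptions; traffic sent through a rogue access point inside a client's range would still count as confirmed.

```python
import ipaddress
from collections import Counter, defaultdict

# Constructed client allocations (documentation ranges), not real customers.
CLIENT_BLOCKS = {
    "client-a": ["198.51.100.0/24"],
    "client-b": ["203.0.113.0/25", "2001:db8:10::/48"],
}

# Constructed honeypot events: (source IP, activity, transport, handshake completed)
EVENTS = [
    ("198.51.100.17", "spam", "tcp", True),
    ("198.51.100.17", "spam", "tcp", True),
    ("203.0.113.40", "ssh-bruteforce", "tcp", True),
    ("203.0.113.200", "spam", "tcp", True),        # outside client-b's /25
    ("198.51.100.99", "dns-probe", "udp", False),  # source may be spoofed
    ("2001:db8:10::5", "spam", "tcp", True),
    ("not-an-ip", "spam", "tcp", True),            # malformed sensor record
]

def build_index(blocks):
    """Parse each client's CIDR blocks once; strict parsing rejects host bits."""
    return [(ipaddress.ip_network(cidr), name)
            for name, cidrs in blocks.items() for cidr in cidrs]

def owner_of(ip, index):
    """Return the client whose most specific block contains ip, else None."""
    matches = [(net.prefixlen, name) for net, name in index
               if net.version == ip.version and ip in net]
    return max(matches)[1] if matches else None

def report(events, blocks):
    """Per-client activity counts, plus the number of unparseable records."""
    index = build_index(blocks)
    out = defaultdict(lambda: {"confirmed": Counter(), "unverified": Counter()})
    skipped = 0
    for src, activity, transport, handshake in events:
        try:
            ip = ipaddress.ip_address(src)
        except ValueError:
            skipped += 1
            continue
        client = owner_of(ip, index)
        if client is None:
            continue  # not in any client's owned space
        # A completed TCP handshake means the source received our reply.
        bucket = "confirmed" if transport == "tcp" and handshake else "unverified"
        out[client][bucket][activity] += 1
    return dict(out), skipped

if __name__ == "__main__":
    print(report(EVENTS, CLIENT_BLOCKS))
```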

Finally, to complete our Friday creative solution post, I wanted to highlight “Evolution”, a crafty tool released at CanSecWest (by far the best conference for security professionals and not nearly as political or showy as a certain Vegas conference at the end of July – which is still fun). The tool searches the web and builds a database on individuals using public site information, social networks, and any other legal means possible. The tool can be exceptionally helpful in a social engineering attack, or for an HR department really concerned about a potential hire. In the end the tool takes the next step beyond ZoomInfo, and presents the true value of filtering information. These types of tools, and those that are being developed, strongly demonstrate the need for organizations to be aware of what information is available, from whom, where, and how a competitor / terrorist / employee could use that information if it were brought together.

Approaching the challenges of an interconnected society requires strong controls and exceptional thinking that embraces the medium that created the problems in the first place.

James
