Security roundup: The triumph of hactivists, the sorrow of Symantec
- 28 January, 2012 06:22
It was another busy week for hactivists attacking the online targets of their ire. This time, hackers under the banner AntiSec appeared to have hacked the website of OnGuardOnline.gov, the U.S. government's online security website, in protest against the much-railed-against legislation Stop Online Piracy Act (SOPA) as well as other bills regarding intellectual protection. Similarly, the group Anonymous is believed to be behind the distributed denial-of-service attack on Thursday that brought down the European Parliament's website in what is thought to be retaliation for European support for the shutdown of the Megaupload file-sharing site the week before. Anonymous also opposes a treaty being ratified in Europe now called the Anti-Counterfeiting Trade Agreement. That deals with infringement of intellectual property rights.
Last week, security firm Symantec was also publicly discussing the consequences of a data breach it believes occurred in 2006 in which some older source code, including that of pcAnywhere, was seized by attackers. Symantec now says customers running older versions of pcAnywhere face heightened risk and that they should upgrade to pcAnywhere 12.5. Plus, they should apply a new patch that Symantec released Monday, Jan. 23. In addition, Symantec said in a statement that "it will continue to release updates to the product that are important to apply immediately."
MORE: Hot security upstarts
A QUICK LOOK: The Megaupload Kim Dotcom hullabaloo
Symantec also said, "Second, it's important that customers run pcAnywhere on a secure, and protected network (i.e. behind the company firewall or via a virtual private network)." It also advised customers to make sure that all of the machines that they're communicating with via pcAnywhere have endpoint protection.
Any customer of pcAnywhere unable to follow this advice should tell Symantec. Symantec says this is the first time it's ever had to issue an advisory like this about its products because of a data breach related to stolen source code. It's safe to think we may not have heard the last about all this, which has to count as one of the most wretched chapters in Symantec's history.
Saturday, Jan. 28, is National Data Privacy Day
This is getting a little harder to celebrate every year, the way things are going. In her excellent piece, "15 worst Internet privacy scandals of All time," Carolyn Duffy Marsan reminds us why that is, with her well-chosen list of privacy outrages and debacles that range from the Sony CD mess to the Google Street View fiasco and much more.
In other news
In a legal filing, Microsoft named a Russian man as the alleged creator of the Kelihos botnet, which abused the company's Hotmail service until it was shut down in September 2011. Microsoft identified the man as Andrey N. Sabelnikov of St. Petersburg, Russia, noting he freelances for a software development company and formerly worked as a software engineer for a computer security software firm. The firm, Returnil, which sells the Virtual System Pro program, told Computerworld reporter Gregg Keizer that Andrey Sabelnikov had worked in its St. Petersburg office until Dec. 21, 2011, quoting Michael Wood, Returnil's vice president of product management as saying, "We are extremely disappointed and angered that someone who was a member of our team could be implicated in this type of activity." Woods told Keizer that Sabelnikov was a "general software engineer" who worked on a "small malware analysis side project." Sabelnikov also had prior employment at Russian antivirus firm Agnitum.
Can cloud-based collaborative data-sharing be secure enough for defense systems?
Though wariness about the perceived lack of security in cloud-based services is often voiced, there are some situations where the opposite is the case. Defense and aerospace manufacturers, including Boeing, BAE Systems and Lockheed Martin, are collaborating via SharePoint in the cloud hosted by service provider Exostar. The strong security built into the service is why it has gained the confidence of those sharing sensitive design information.
6 security companies to watch ... and more
Six security startups get a close look from writer Tim Greene, who profiles Emerging Threats Pro, CloudFlare, Agari, CO3, Fixmo and Universal Secure Registry. Also, we should note here that another recent startup, Dasient, which developed a cloud-based anti-malware service, was acquired last week by Twitter.
Can Sourcefire bust into the anti-malware market successfully? This week it came out with Windows-based FireAMP, a distinctive type of malware-detection software, in the hopes of making inroads into what's a crowded marketplace. Time will tell.
RSA Conference 2012: Look for a hacking stunt stealing smartphone crypto keys via radio waves
Encryption keys on smartphones can be stolen via a technique using radio waves, says one of the world's foremost crypto experts, Paul Kocher, whose firm Cryptography Research will demonstrate the hacking stunt with several types of smartphones at the upcoming RSA Conference in San Francisco in late February. Kocher says the goal of the demonstration is not to disparage smartphone makers but to point out the way that crypto is used on devices can be improved.
Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security.
Read more about wide area network in Network World's Wide Area Network section.