News in the Category "Articles"
Page 8 of 21
Identifying Perpetrators of Cyberattacks "Getting Tougher"
Cybersecurity is becoming increasingly challenging as identifying attackers by their weaponry is difficult to their invisible nature wherein attacks can be launched by a group of hacktivist or sponsored by a nation, according to an expert.
Bruce Schneier, a leading voice on cybersecurity, said a majority of organisations and individuals use the same run-of-the-mill ‘warlike weaponry’ at a time when the attackers are largely unknown, cybercrime is becoming more difficult to combat.
While the IT security industry knows how to deal with high volume, low-focus attacks, security professionals must be resilient and ensure better management of incident responses in order for organisations to thrive even in the face of a cyberattack, he said…
Video: Cloud Computing Trade-Offs
“As a business or as an individual you have to make a choice. Should I do this thing—whatever it is—on my computer and on my network or on a cloud computer on a cloud network,” asked Bruce Schneier (@schneierblog), CTO of Resilient Systems, Inc., in our conversation at the 2015 RSA Conference in San Francisco.
Whatever you choose, you’re going to be making a trade-off. Schneier recommends you first look at who your adversaries are.
“If your adversaries are a cybercriminal, I bet Google can do a better job at securing your stuff than you can. If your adversary is the U.S. government, Google will respond to court orders and not tell you about it, so maybe you’re better keeping it. It’s going to depend on what you’re worrying about,” said Schneier, who runs his personal email on his own computers, not so much for security reasons, but for control. He doesn’t want Google looking at his email or sending him advertising…
RSAC—Schneier Details Ways to Survive Catastrophic Attack
Catastrophic issues in security can occur, but there are ways to recover.
Speaking at RSA Conference in San Francisco, Bruce Schneier, CTO of Resilient Systems, highlighted the Sony Pictures attack as being an interesting case as it brings catastrophic risk uses to the fore, and not catastrophic as in a life ending sense, but in company terms.
He highlighted seven ways in which a catastrophic incident could be dealt with. Firstly he recommended keeping it internal to "incapsulate the catastrophic risk", secondly consider that attackers on two axes of skills and focus and with someone who is low skilled but has a high focus would use a basic APT, but in the case of Sony this was low skills and low targets. "Why this matters for security is the difference between absolute and low security; it doesnt matter how good security is, be more secure than the other guy and in a high skill high focus they want you," he said…
What Bruce Schneier Learned from the Sony Breach
After spending a lot of time thinking about the massive breach of Sony, security luminary Bruce Schneier came to a scary – but not really surprising – conclusion.
“The lesson is that we are all vulnerable. North Korea could have done it to anyone,” said Scheier during a packed session at the RSA conference in San Francisco.
While the IT security industry knows how to deal with high volume, low-focus attacks, Schneier said, security professionals have trouble handling highly skilled and focused attackers, commonly referred to as advanced persistent threats (APTs)…
Expert Bruce Schneier: It’s Hard Not to Despair over the State of IT Security
The more things change the more they stay the same, goes an old saying. That certainly seems to be true in IT security.
Despite decades of experience almost every day there’s another story about a data breach, software vulnerability or new malware discovered.
So perhaps it’s no surprise that the 15th anniversary edition of veteran security expert Bruce Schneier’s book Secrets and Lies: Digital Security in a Networked World begins with a foreword that admits how little things have changed since the book first came out in 2000.
Not, he said in an interview Monday, that there’s evidence the amount of malware itself has increased. But his arguments on the limits of cryptography, on authentication, threats and attacks haven’t changed. Nor in his prescription—vital to CEOs—that technology alone can’t secure the enterprise: There has to be defence in depth, and the organization has to be ready to respond to the inevitable intrusion…
Cyberattack Is Easier than Cyberdefence—Bruce Schneier
Cybersecurity guru Bruce Schneier to reveal lessons learned from the Sony hack scandal at the Gulf Information Security Expo and Conference (GISEC)
Cybercriminal attacks around the world will continue to rise as long as personal data provides the ability to commit fraud, and intellectual property is worth stealing, leaving both individuals and organisations vulnerable to harmful computer and network intrusions.
According to cybersecurity guru Bruce Schneier, one of the keynote speakers at Gulf Information Security Expo and Conference (GISEC), a cyberattack is much easier to implement than it is to install impenetrable cyberdefences.
The 3rd edition of GISEC, the region’s leading I.T. security platform, will take place from 26-28 April 2015 at Dubai World Trade Centre. The event will address key issues surrounding cybersecurity management, identity management and disaster recovery across different sectors…
How to Sabotage Encryption Software (And Not Get Caught)
In the field of cryptography, a secretly planted “backdoor” that allows eavesdropping on communications is usually a subject of paranoia and dread. But that doesn’t mean cryptographers don’t appreciate the art of skilled cyphersabotage. Now one group of crypto experts has published an appraisal of different methods of weakening crypto systems, and the lesson is that some backdoors are clearly better than others—in stealth, deniability, and even in protecting the victims’ privacy from spies other than the backdoor’s creator.
In a paper titled “Surreptitiously Weakening Cryptographic Systems,” well-known cryptographer and author Bruce Schneier and researchers from the Universities of Wisconsin and Washington take the spy’s view to the problem of crypto design: What kind of built-in backdoor surveillance works best?…
Top Influencers in Security You Should Be Following in 2015
Excerpt
In December of 2011, Tripwire published a list of security’s top 25 influencers. More than three years later, we are pleased to announce a new list for 2015—The Infosec Avengers!
For each influencer whom we have selected, we include their Twitter handle, blog URL and reasoning for selecting them. We also include their answer for what infosec-related superpower they would choose to have.
This year’s list (in no particular order) has some old faces and some new. Do you agree with our choices? Who else would you have chosen?
…
Bruce Schneier | …
Bruce Schneier: Sony Hackers "Completely Owned This Company"
The Sony hack is “every CEO’s worst nightmare” and the leaked data is probably going to send someone to jail, security expert Bruce Schneier says. That, not any threat of violence, is the real power of this hack.
The “Guardians of Peace,” as the group behind the attack has called itself, posted a new dump of emails today, this time from CEO Michael Lynton. The hackers also issued a warning implying that any theater screening the political comedy The Interview, which is about the assassination of North Korean leader Kim Jong-un, could be the target of a physical attack as well…
Sony Hackers: It's Not the North Korean Government, nor an Insider, Suggests Security Expert Bruce Schneier
Cryptographer and security expert Bruce Schneier has suggested that the hackers behind the devastating hack and leak of internal data from Sony Pictures is neither the work of the North Korean government, nor of insiders.
"At this point, the attacks seem to be a few hackers and not the North Korean government. (My guess is that it’s not an insider, either). That we live in the world where we aren’t sure if any given cyber attack is the work of a foreign government or a couple of guys should be scary to us all," he wrote in a blog post.
Instead, he added, …
Sidebar photo of Bruce Schneier by Joe MacInnis.