Archive for Advanced Persistent Threat (APT)

Episodes 106 and 107 - January 31, 2010

Posted in criminal forensics, darkweb, Show Notes, Vulnerabilities on January 31, 2010 by datasecurityblog

After some experiments with posting our new radio show, we return to our classic podcast sound. If you were a fan of the Data Security Podcast, you will recognize the familiar sound in The CyberJungle from now on. Thanks for enduring the experimental phase. We tried to edit out portions where the radio station played popular music under our voices. Legally necessary, but we acknowledge that the result was choppy. There were also certain required live radio elements that made the podcast versions longer than they needed to be.

If you want the full radio show, radio station KOH can legally post it, and they retain full radio versions of The CyberJungle. And of course, you can listen live on Saturday mornings. If you’re interested in a shorter show with just the meat and potatoes, get it here on our website.

On with the show notes:

Episode 106 is The CyberJungle’s su root interview for the technically advanced listener: Mandiant’s Rob Lee on the APT – advanced persistent threat. Attacks used to be short-term and removable. Now they burrow in for months or years, for the purpose of ongoing theft. Episode 106 is the 30-minute, unedited version. The short version of the interview can be heard in Episode 107. It starts roughly 40 minutes into the show.

Mandiant allows you to download a copy of Rob Lee’s report here.

In Episode 107 we discuss the week’s top story: “In Digital Combat, U.S. Finds No Easy Deterrent”

A conference-room war game featuring sophisticated cyberattacks left top military officials perplexed. This article discusses the apparent head-scratching in the Pentagon over how to respond to digital threats to national security. The problem – at least in part – seems to be that the U.S. government is still using the language of conventional war. Two things are troubling. First, a gee-whiz quality to this piece suggests that this is the first time the U.S. military is considering these challenges. It’s certainly not, but the portrayal of top military brass as stuck in low gear on this issue is unsettling at best. Second, it muses about an attack on the grid, OR the banking system, OR the emergency communication system. It doesn’t venture any possibility of a “digital Pearl Harbor” featuring these events simultaneously.

We also talked with Peter Eckersley of EFF. He’s heading up a project that measures your computer’s unique configuration… and calculates whether you’re easy to track (even when you shut off cookies and do the other “prudent” things that should prevent tracking, but don’t). EFF is seeking participants in this analysis. You can get a uniqueness rating and participate in the experiment. And no, they will not use your computer’s fingerprint for any other purpose.

Our conversation with Peter Eckersley starts about 15 minutes into Episode 107.

Speaking of tracking… the Google Toolbar appears to be spying on you even after you disable it. No matter what Google says. Read Ben Edelman’s account of his own exploration of this matter. Ben says he followed Google’s instructions and found he was still being scrutinized.

More news from the week:

International survey: IT security managers see disaster looming. The takeaway from this 40-page report, Critical Infrastructure in the Age of Cyber War: top management just doesn’t get it.

70 percent of major companies are considering iPhone adoption: “A New Era For Corporate Culture: iPhone Use Doubles in the Enterprise.” Ira would rewrite this headline: “Likelihood of secure business communication cut in half.”

Latest email scams tap into widespread interest in current events. Like the one that tells colleagues “I just wrote an article about the Chinese cyberattack. Hope you like it. Click here.” The attached PDF file is the Chinese cyberattack. See this example from an earnest researcher at George Washington University at F-Secure.

More email scams – we tried to deliver a package but you weren’t home. Click here for info. The bad guys are using physical addresses to discover email addresses.

Affluent individuals who live ‘the good life’ are 43 percent more likely to be victims. A survey of ID theft victims who were hit based on activity profiling.