Computer and Online Cyber Security
Computer Security No 15: Security Census Debacle
Corporate Computer Security
- Everybody is spying on the neighbours
- Whitelisting – strict corporate measures
I watched in astonishment as the head of the ABS explained that the system had been load-tested for 1 million questionnaire sessions per hour, which was clearly inadequate.
There are 10 million households in Australia and the campaign encouraged people to fill it in that very day.
This created a bottleneck on the evening of the 8th of August and, combined with possibly other problems, led to a situation where there were clearly more than 1 million active users per hour.
The head of ABS is now under fire and so is IBM, who reportedly scooped up $9.6 million ... a bit expensive for such a failure!
To prove the point, two uni students from QUT built a system for $500 in 54 hours.
Everybody is spying on the neighbours:
Back in 2013, the NSA (National Security Agency in the US) & MI6 (British Intelligence Agency) discovered hidden circuitry on the boards of Lenovo computers, manufactured in China.
To quote the article:
'Members of the British and Australian defence and intelligence communities say that malicious modifications to Lenovo's circuitry - beyond more typical vulnerabilities or "zero-days" in its software - were discovered that could allow people to remotely access devices without the users' knowledge. The alleged presence of these hardware "Back doors" remains highly classified.'
According to ArsTechnica, the NSA is not far behind, with modifications to the firmware of computers and network hardware in systems shipped by Cisco, Dell, HP, Huawei and Juniper Networks.
The catch? IP, of course. The US loses about US $250 - 300 billion per year, Germany about US $28 - 71 billion, South Korea US $26 billion, and Australia about US $1 billion.
The Australian Department of Defence, in one of its publications, warns that:
"State-sponsored actors work on behalf of a foreign entity and are the most active malicious adversaries ASD (Australian Signals Directorate) has observed. They are also the most sophisticated and best resourced adversaries. State-sponsored actors seek national security information to identify vulnerabilities in our capabilities or to gain a strategic advantage. However, malicious activity often has an economic focus, with targeting of Australia's commercial sectors (for example, the resources, banking and telecommunications sectors) also prevalent."
The full articles are at:
Whitelisting - strict corporate measures
Anti-malware installed on computers and network devices is not completely effective in protecting networks. Whitelisting is an approach that allows only certain approved programs to run on computers. Many government departments have this policy mandated by their security teams. Again, the Australian security agencies promote this method.
Sounds reassuring, but pros and cons abound. Here are 10 arguments against whitelisting:
resources.infosecinstitute.com
And this brings me to William Shedd’s thinking, that: "Ships are safe in harbour, but that's not what ships are for".
Jokes
Have a nice and safe weekend!
To download the study, please go to:
Moderated by Monica Schlesinger: www.advisoryboardsgroup.com.au