Chief IT – For IT Leaders & Decision Makers
Executive Editor AISA National Conference 2016 Interview Series: Bruce Schneier

Cybersecurity Guru Bruce Schneier, author of ‘Data & Goliath’, a New York Times bestseller, discussed the Internet’s resiliency and China’s suspected cyberattacks against major US companies.

NOTE: The day following this interview an attack occurred against Dyn, a domain name service provider, that disrupted access to high-profile sites such as Twitter, Spotify and the New York Times. Attackers took over tens of millions of devices using malicious software called Mirai.

Bruce Schneier, aged 53 years, is an American cryptographer, computer security and privacy specialist, and author. He has written several books on general security topics, computer security and cryptography, and his latest book, ‘Data & Goliath’, is not only a best seller but a MUST read!

Schneier is a fellow at the Berkman Center for Internet & Society at Harvard Law School and a program fellow at the New America Foundation’s Open Technology Institute. He has been working for IBM since they acquired Resilient Systems, where Schneier was CTO. He is also a contributing writer for The Guardian news organization.

Editor – I read some of your comments recently about the DDOS attacks and there were questions around the testing and resilience of the Internet. So I’m seeking your thoughts on who may have been testing the Internet and its vulnerability?

Bruce –   It was the first story that I have written that has a lot of unsubstantiated rumours and I was told these things by some companies and I wrote about them because nobody else had. These were about a particular style of DDOS attack against large infrastructure companies, that look like someone very much testing the defensive capabilities of these companies.

Now I can’t name the companies, but there was this Verisign report on DDOS which confirmed that what they were experiencing had mirrored exactly what I was told. (Verisign Distributed Denial of Service Trends Report)

So that’s the public information. Since I wrote that article, I was approached by two other companies that said yes we are seeing this too. So this is pervasive. The companies, including Verisign, think it comes from China. China is, for some reason, testing these DDOS capabilities. They are not taking down any of these sites. It’s hard to know why they are doing it, it’s hard to know how effective it could be and would be. Is it a diversion or is it simply some kind of cyber war unit just running tests? It reminded me very much of the US actions during the Cold War, of flying planes high over the Soviet Union, and watching their air defences turn on to learn about capabilities. It felt like that.

Editor –   Do you think it correlates to other military manoeuvres?

Bruce –   I don’t know any of that; I don’t know enough to make that connection. All I know is that for the past year and a half, this has been happening to these large Internet infrastructure companies.

Editor –   When you say it’s being sourced from China, there are other activities being sourced from Russia, according to the US. What do you think of that?

Bruce –   This is bigger than that. It’s longer term. This isn’t something happening this week or this month, this has been going on for a year and a half, off and on.

Editor –  Is the attack methodology the same? Is the Internet something they can actually break?

Bruce –   I don’t know. So far, the companies that have been victims, Verisign included, have adequate defences, to defend against these attacks. Could it work? I don’t know. Would you want to do it? I can’t tell! It wouldn’t be permanent.

Editor –   Is this the kind of thing nation states or terrorists might be preparing to use, such as during a 9/11 style attack?

Bruce –   When you think about nation states using DDOS, it has to be in conjunction with something else. So, you can easily imagine China using it on themselves when there is a Tiananmen Square level of political unrest. Like Turkey, lots of countries censor themselves during times of political unrest. You can imagine a country like China doing this against Taiwan for some reason. My guess is it is just done as some testing capability. The companies involved were US companies, so I spend a lot of time with the Harvard Kennedy School and a lot of people there are working on cyber war, the Americans and occasionally the UK and other ‘five eyes’ countries, come in and test our cyber warfare readiness. That’s what military officers do, they plan for war and it’s my guess that it’s Chinese military officers that are doing this, like ours, like yours, like everybody’s, are planning for war. And this is one of the things that is being done in the eventuality. I think it is a risk!

Editor –   So you wouldn’t be surprised if you saw these attacks – or stress tests – as a component of major military exercises?

Bruce –   No it probably wouldn’t be that correlated. No, it’s a separate unit. This is going to be the cyber unit, who is all the way off over there. They’re not the same unit that runs submarines or does tank manoeuvres, they are the cyber people.

Editor –   You don’t think they would be thinking at that scale?

Bruce –   They might be thinking like that but the tests wouldn’t be correlated, because why bother?

Editor –   Or it would be setting off too many red flags?

Bruce –   A lot of what I am saying here is pure speculation. I saw this pattern and I thought we should make this public. I have been trying to get these companies to talk on the record, there is no shame here, but with the exception of Verisign, they never talked to me, but they published that report and I link to that in my article.

Editor –   This leads me to the Internet of Things. What’s your view there?

Bruce –    That’s the Brian Krebs story. Brian Krebs was attacked by digital video recorders, CCTV cameras, vulnerabilities in random devices, not computers.

Editor –   That is something I was interested in. Princeton did some research on this, to find out how many devices are out there with just default, root passwords and there were about 13% of all devices on the Internet that were vulnerable.

Bruce –   It’s really bad. The article I wrote after the Krebs attack is worth reading. I talk about the difference in the economics that means it’s not going to be like this [holding up his smartphone]. There is an entire team of security researchers that make sure this [smartphone] is secure. There is no such team for DVRs, and this thing gets patches every month, or every week! The DVR never gets patched and I throw this away every 18 months and buy a new one.

Editor – Thanks Bruce. Can you please sign my copy of Data & Goliath?

Get your copy at https://www.schneier.com/books/data_and_goliath/
