The Register Columnists

John E Dunn


Cyber-crooks think small biz is easy prey. Here's a simple checklist to avoid becoming an easy victim

Comment One of the unpleasant developments of the last decade has been the speed with which IT security threats, once aimed mainly at large enterprises, have spread to SMBs – small and medium businesses. Today, SMBs are no longer secondary targets, and are up against exactly the same cyber-threats with the same level of sophistication …
John E Dunn, 5 Nov 2018

SIEM, UBA, UEBA... If you're suffering netsec acronym overload, then here's our handy guide

Comment In a little more than 20 years, what quaintly used to be called "network security" has gone from simple firewalling and VLANs to talk of analytics driven by self-learning machine intelligence and AI. How should we make sense of such a dramatic jump? The engine of change has been cybercrime and its remarkable ability to render …
John E Dunn, 8 Oct 2018

Baddies just need one email account with clout to unleash phishing hell

A single account compromise at an unnamed "major university" in the UK led to a large-scale phishing attack against third parties, according to data protection outfit Barracuda Networks. With one account in their pocket, the attackers used it to compromise modest numbers at the same institution, after which they were turned …
John E Dunn, 24 Sep 2018

Some credential-stuffing botnets don't care about being noticed any more

The bots spewing out malicious login attempts by the bucketload appear to have cranked it up a notch. According to Akamai's latest State of the Internet report on credential stuffing (PDF), its customers alone were deluged by 30 billion malicious logins between November 2017 and June this year, an average of 3.75 billion per …
John E Dunn, 24 Sep 2018

The curious sudden rise of free US election 'net security guardians

Analysis Nothing super-fuels a security sales pitch like the sort of threat it’s hard to ignore. After China’s massive Aurora attacks on Gmail in 2009, it was the terror of Advanced Persistent Threats (APTs) that helped make fortunes for a new wave of security startups, post-incident forensic companies, and others peddling intelligence …
John E Dunn, 22 Sep 2018

Congrats on keeping out the hackers. Now, you've taken care of rogue insiders, right? Hello?

Comment It's exasperating how each high-profile computer security breach reveals similar patterns of failure, no matter the organization involved. One such reoccurring theme is that IT departments find it can be hard to stop employees going rogue, or spilling their login details into the wrong hands, ultimately leading to damage or …
John E Dunn, 20 Sep 2018

C'mon, biz: Give white hats a chance to tell you how screwed you are

There have never been more white-hat researchers hunting for vulnerabilities on internet-facing systems and yet barely any organisations provide a way for them to report the issues they find. In theory, the easiest way is to publish a Vulnerability Disclosure Policy (VDP), yet recent research here and here (PDFs) from bug …
John E Dunn, 18 Sep 2018

Equifax IT staff had to rerun hackers' database queries to work out what was nicked – audit

Equifax was so unsure how much data had been stolen during its 2017 mega-hack that its IT staff spent weeks rerunning the hackers' database queries on a test system to find out. That's just one intriguing info-nugget from the US Government Accountability Office's (GAO) report, Actions Taken by Equifax and Federal Agencies in …
John E Dunn, 17 Sep 2018

Generally Disclosing Pretty Rapidly: GDPR strapped a jet engine on hacked British Airways

Analysis If Equifax's mother-of-all-security-disasters last year underlined one thing, it was that big companies think they can weather just about anything cybercriminals – and regulators – can throw at them. One unpatched web server, 147 million mostly US customer records swiped, and a political beating that should pulverise a company …
John E Dunn, 12 Sep 2018

Email security crisis... What email security crisis?

In late August, Microsoft announced a free service that arguably reveals more about the future of the email business and its struggles with security than several years' worth of earnest press releases. Called AccountGuard, it's Microsoft's answer to the phenomenon of Russian phishing meddling with the US elections and the …
John E Dunn, 11 Sep 2018

Feel the shame: Email-scammed staffers aren't telling bosses about it

The number of UK companies on the receiving end of business scams involving email has risen by nearly two-thirds – 58 per cent – in the last year, new data from Lloyds Bank has revealed. Stats from the bank showed the average loss from so-called "business email compromise" (BEC) frauds has reached £27,000. IT workers are …
John E Dunn, 7 Sep 2018

Could you hack your bosses without hesitation, repetition or deviation? AI says: No

Comment Businesses find themselves in a world where the threat to their networks often comes not simply from a compromise of their computers, servers, or infrastructure, but from legitimate, sanctioned users. There is nothing new about the notion of cyber-attackers seeing human beings as their biggest target. For years, real-world …
John E Dunn, 7 Sep 2018

Nope, the NSA isn't sitting in front of a supercomputer hooked up to a terrorist’s hard drive

Analysis Not since the days of the US Clipper chip in the early 1990s, have backdoors put there by government decree to bypass encryption been this fashionable with governments. Clipper – an encryption chipset with a US-government-accessible backdoor backed by the US National Security Agency (NSA) – foundered on the stubborn resistance …
John E Dunn, 6 Sep 2018

Welcome! Mimecast finds interesting door policies on email filters

In-house email filters still miss millions of attacks – including malware attachments, impersonation and malicious links – the latest quarterly stats from cloud provider Mimecast have found. The company used its Email Security Risk Assessment (ESRA) tool to assess the efficiency of email security in use by 37 organisations …
John E Dunn, 30 Aug 2018

If you have to simulate a phishing attack on your org, at least try to get something useful from it

Just when it looked as if the US Democratic National Committee (DNC) had finally got one over on the phishing hackers that had been owning it since 2016, the triumph was torn away by a moment of rebellious fakery. On August 20, DNC security partner Lookout's machine-learning system spotted a site impersonating the DNC …
John E Dunn, 29 Aug 2018

No, eight characters, some capital letters and numbers is not a good password policy

Internal cybersecurity audits rarely make it to the public domain, but when they do it’s often an eye-popping read. Take the Western Australian (WA) Auditor General’s 2017 recent report on the state of user account security in an Aussie state which tends a mammoth 234,000 Active Directory (AD) accounts across 17 state agencies …
John E Dunn, 28 Aug 2018

Black hats are baddie hackers, white hats are goodies, grey hats will sell IP to kids in hoodies

The threat from rogue insiders, for so long dismissed as scare stories, has quietly bubbled back on to the official worry list. High-profile cases – like that brought against Anthony Levandowski over IP he was accused of stealing from Google's Waymo car division, and Jiaqiang Xu, who got five years in the clink for stealing …
John E Dunn, 28 Aug 2018

We can rebuild him, we have the technology: AI will help security teams smack pesky anomalies

Analysis With highly targeted cyber attacks the new normal, companies are finding the once-hidden Security Operations Centre (SOC) is the part of their setup they really count on. SOCs have existed in a variety of guises for decades, emerging in recent years as a natural consequence of centralising security monitoring across …
John E Dunn, 24 Aug 2018

CVE? Nope. NVD? Nope. Serious must-patch type flaws skipping mainstream vuln lists – report

The first half of 2018 saw a record haul of reported software vulnerabilities yet a high proportion of these won’t appear in any mainstream flaw-tracking lists, researcher Risk Based Security (RBS) has claimed. According to the company’s estimate, from the beginning of the year until June 30 it recorded a total of 10,644 …
John E Dunn, 14 Aug 2018

Alaskan borough dusts off the typewriters after ransomware crims pwn entire network

A ransomware infection has cast the Alaskan borough of Matanuska-Susitna (Mat-Su) back to the dark ages. The malware was activated in mid-July, infecting 60 of the borough's Windows 7 PCs. As the IT department tried to clean the infection and reset passwords using a script, the malware started "attacking back", spreading to …
John E Dunn, 3 Aug 2018

Cache of the Titans: Let's take a closer look at Google's own two-factor security keys

Analysis Intriguing news for anyone who believes that FIDO two-factor authentication keys are the obvious way to stop phishing attacks that not enough people use – Google is launching its own authentication token. Called the Titan Security Key (not to be confused with Google’s Titan security chip), its announcement at Google's Cloud …
John E Dunn, 2 Aug 2018

2FA? We've heard of it: White hats weirded out by lack of account security in enterprise

Few companies bother to secure employee accounts with simple protections like two-factor authentication (2FA) and lockouts, an analysis by security company Rapid 7 has found. These were only the most glaring weaknesses that emerged from 268 real-world penetration tests carried out by its security staff since 2017 for the …
John E Dunn, 25 Jul 2018

Mega medical tester pester: It smacked a big one, that malware scam, if indeed it was SamSam

Analysis One of the largest clinical testing specialists in the US, LabCorp Diagnostics, is coming out of recovery mode a week after being hit with ransomware – reportedly SamSam, the same malware that brought the US city of Atlanta to a standstill earlier this year. LabCorp has not confirmed that the malware was SamSam, but several …
John E Dunn, 24 Jul 2018

Friday FYI: 9 out of 10 of website login attempts? Yeah, that'll be hackers

Up to 90 per cent of the average online retailer's login traffic is generated by cybercriminals trying their luck with credential stuffing attacks, Shape Security estimated in its latest Credential Spill Report. The biz crunched the numbers [PDF] on 51 organizations across a range of global sectors that reported having an eye- …
John E Dunn, 20 Jul 2018

Have you heard about ransomware? Now's the time to ask: Are you covered?

Every industry has its collection of shocking stories, but Britain's cyber-insurance sector can always be relied on to top the lot. Take the unnamed British medium-sized enterprise that recently found itself staring at a ludicrous £1m ransom demand after attackers sneaked off with some very important data. This was a straight …
John E Dunn, 30 May 2018

Biting the hand that feeds IT © 1998–2018