The IT Security Attaché » security

TITSSN is looking for mobile security vendors to participate in our Mobility/Endpoint Security Summit “MESS” on Tuesday February 16th 2010 at the local Microsoft Briefing Center in New York City.

Brett A. Scudder — Fri, 08 Jan 2010 19:47:08 +0000

Good day to you,

If you are a security vendor that provides solutions for mobile devices I am interested in talking with you about being a part of our MESS in February. Please feel free to contact me directly for further discussion.

Here is more information about the summit.

The Summit will be focusing on the proliferation of mobile devices (laptops, Tablet PCs, Pocket PCs, UMPCs, Smartphone’s, media players, mass storage devices and add-on cards) and the threats they present to the consumers/businesses and the data that resides on them. We will provide the products and solutions that will allow the management and control over these devices through the endpoints.

Live hands on demos will be available. There will be test/demo systems configured and setup to facilitate the effective use of the information and products being presented and demo’d. There will be mobile devices from the industry vendors such as HTC, Palm, Motorola, Google, Samsung and more.

We are all aware of how these devices can be used to steal data/information off the target system unbeknownst to the user.

The Summit will focus on 3 key areas of mobility and security.

1. The Devices – A look at the mobile devices on the market today.

a. Netbooks, Laptops, Tablet PCs, Mini PCs, UPMCs
b. Smartphone’s/Pocket PCs – HTC’s, Motorola’s, HP Smartphone’s, Samsung, Cell phones
c. Apple’s iPhone and Google’s Nexus One
d. Media Players – iPod’s, MP3 players and more
e. Mass Storage Devices (USB Flash drives, Compact and SD cards, mobile phone memory sticks, and more)
f. Wireless capabilities – Infrared, Bluetooth, Wi-Fi, WiMax,
g. The Operating Systems – Windows Mobile, Symbian, Apple, Android

2. The Threats – A look at the threats that affects these devices and how they are targeted and attacked from internal and external sources.

a. Viruses/worms proliferation from devices to network to world.
b. Unauthorized connectivity to and from unscrupulous devices and sources (wired and wireless).
c. The use of these devices for storing critical business data and information.
d. Sharing data and information to and from the device through messaging and wireless connectivity.
e. The availability of over the air messaging and other communications tools and the problems they present.
f. Data loss/Theft of these devices and the business impact it presents.
g. Addressing the myths about over-the-air wiping of the device and why it is not effective today. The device is still a threat if lost.

3. The Protection – How to manage, protect and secure these devices from the threats.

a. How to manage the devices on and off the network.
b. How to protect and secure your endpoints from these unauthorized devices.
c. How to secure the devices against malicious codes (viruses, worms, Trojans, keyloggers, hackers) with viral protection.
d. How to secure the data/information residing on the devices local store and storage cards with data encryption.
e. How to secure the wireless connections of the device.
f. What to do in the event of a device loss or theft – the incident alert/response, damage control and alerting process.
g. How to make the over-the-air wiping feature effective and to mitigate the loss of data if device is lost.

Please feel free to share this request with any vendor that may find it of value.

Thank you and have a great day,

~Brett A. Scudder~

How serious is my messaging identity, 150+ domains, multiple mail services and providers, no public webmail accounts

Brett A. Scudder — Fri, 16 Oct 2009 04:13:00 +0000

So here I was caught up in another messaging discussion and the use of online mail services. I don’t mind having a discussion on mail security but when it comes to infrastructure people tend to think I over extend the value and need, do I?

Ever since I started my very first business I have always had my own domain name and had my own mail server/services. I had this identity crisis that always led me to believe that the real value of a businessman was to reflect the value of his infrastructure across the board. I was never a fan of webmail services because I always felt that the manipulation of my messages should be handled by me alone. I always felt that some visibility was always in the hands of the service provider and that didn’t sit well with me.

Setting up an email server was the slickest thing and didn’t require any high end technical knowledge if you had technical knowledge at all. So over the years I built on that and continued that practice. So today here I am with 150 domains under my name and the access, resources and availability of adding messaging services to all. So I settled on one domain name as my primary and then two secondary with two backups.

Hmm, what does that mean you ask, simple.
I manage one account that is copied to two other accounts as backup and then aggregated into a catchall on two others. All five accounts are on different servers so the chance of losing/missing a message is less than .0001%. I may have a task finding it depending on which layer of the mix I am looking for it.

So does that sound like I take this messaging thing too seriously?

It’s your call but for me, it is critical that I have and can find my messages even if my primary account is down or inaccessible. The other aspect of that is identity, identifying myself as the owner of that domain and all other associated domains in that name sequence. There are nine major domain extensions, .com, .net .org, .info, .ws, .biz, .me, .mobi, .us (varies depending on the country you live in) and whenever I’m getting a new domain I get all of them. I get them because I want to ensure that the name is owned across the nine for/by me. There are a few rare instances where I may like something that is already taken and if it is the .com only then I base the need on severity. Again, this is a rare case as I always try to find unique names that most people wouldn’t come up with. Take TITSSN as an example.

So now you know how I end up with over 150 plus domains and my various hosting infrastructure allows me to fire up a new mail infrastructure on any one at anytime.

So how many email accounts do I have?

We’ll leave that for another time lol. Let’s just say I left the people with that blank look of awe on their faces. It was a nice conversation though and it made the train ride home much quicker.

Have a great day,

~Brett A. Scudder~

TITSSN launches its Technology / IT Security Social Network which is now live and open for membership. Please join us for some good education and awareness

Brett A. Scudder — Sun, 03 May 2009 09:12:11 +0000

Good day to you,

On May 1^st 2009, TITSSN answered the call of providing a converged resource to address the needed online training, education, awareness and resources of the technology and security issues and challenges facing us today for tomorrow. As leaders in this field we understand the challenges being faced in dealing with the day to day management, learning and happenings of these threats and their impacts. While countries, companies and organizations are falling victims to these attacks, industries are suffering through the loss of revenue, privacy and productivity, and people are feeling and seeing the real effects of the real world we live in where the internet brings us together as a global connected network filled with valuable resources and resistance is futile, it is everywhere and is not going away.

We are still not seeing enough being done to educate people across the board and make them aware of these issues and their true impacts and so we’re taking the network to a higher level towards this initiative.

IT Security is a people problem, not an industry one and as such must be addressed effectively and accordingly.

So it is for this reason that we choose to build a social community to address these things together and to provide the training, education and awareness by the people who can speak of and about them at all levels, those who develop them, those who sell and support them, those who are out in the field fighting the good fight to prevent, mitigate and stop the growing rates of infections and compromises and those who want to learn more about being safer and secure together in one place. This is a work in progress and as we grow, so we’ll learn and so we’ll adjust to the need for changes. This is what we do on a daily basis as TITSSN continues to deliver its messages of security education, training and awareness now for a more secure future. We will be moving our operations into the social network immediately to help enhance the collaborative values, resources and functionalities.

The IT Security Suite Network’s Technology / IT Security Social Network is a place where people come together to create a vibrant, resourceful, strategic and secure social atmosphere of networking, training, education, awareness and collaboration for, on and about technology and securing them.

We invite you to participate in the full functions and features of our network as we build on it to enhance its values and mission for the future. We ask that you share the word with your associates, friends, peers and everyone that is interested in the world of security and being more comfortable and secure in it. This network is specifically geared towards technology, IT Security and everything in and about it.

The focus of this social network is to build greater education, awareness and provide the services and support needed to maintain the secure presence and stability of all infrastructures (homes, businesses (all sizes and types), schools, churches, etc) for all. Everyone is affected at all levels and so we must cultivate an open concerted atmosphere to address issues effectively. We look forward to your participation in this effort as a leader, contributor, reader, advisor or just a member wanting to learn more. Please adhere to the policies and rules of the network so that all may find a common group to collaborate in.

The networks address is http://titssn.org.

Features include:

Real-time chats

Blogging

Audio/Video/Text IM

Discussion groups

Polls

Events calendar

Products/Solutions recommendations

Featured products, people, service providers

Our own publications (recommendations, best practices, guides, reports, findings and educational info)

And much more.

Discussions and groups that are up and running:

Application Security – developing secure applications and standards

Breach Notification Laws – country/state laws

Business to Business IT Security “BtBITS” – businesses protecting each other’s interests

Cloud Computing/Security – Issues, concerns, development, education and awareness

Computer Forensics – Data and Network

Cybersecurity – myths, issues, concerns, development, education and awareness

CyberWar – on, about, awareness, information, collaboration

Data Security – securing the data/information

DCITSUG – Washington DC IT Security Users Group

Emergency Security Response Program “ESRP”

Endpoint Security – What are they, why they are vulnerable and how to protect them

Hacking Unleashed – Ethical/Unethical – the world of hacking

I-CON Science and Technology Conference

Identity Theft – prevention, support and solutions

Incident Response – What happens when something goes wrong/bad?

IT/Security things/issues that make you paranoid

IT Security Best Practices – General

IT Security Facts and Myths

IT Security Leaders

IT Security Requests and Support

IT Security Service Providers ~ITSSP~

IT Security Training and Development – General

IT Security in our educational institutions – curriculum upgrade

Microsoft Small Business Server Security – Securing the server and components

Mobile Security – securing the mobile users/devices and they data they host

Managed Security Services Providers “MSSP”

NYeWin – New York Enterprise Windows Users Group

NYITSUG – New York IT Security Users Group

NYSBS – New York Small Business Server Users Group

Online Security – Securing your online experience

OWASP – Open Web Application Security Project

PAITSUG – Pennsylvania IT Security Users Group

PC Security at home

Perimeter Security – securing the perimeter

Physical Security – a critical part of your security model

Ready Rockaway – Disaster/Emergency Preparedness

Small Business IT Security – securing the small businesses

SPEAK – Security Professionals Engaged in Advanced Knowledge

Social Networkers United – the future belongs to us

Social Networking – security, trends, myths and best practices

TITSSN’s Adopt an Institution Program – ~AaIP~

TITSSN’s Code of Honor – Advocates for the future of professional Messaging

TITSSN’s Code of Honor – Advocates for the future of IT Security Education and Awareness

TITSSN’s ENGAGED ~ENabling Greater Awareness, Growth and Educational Development~

TITSSN’s General Network Members

TITSSN’s IT Security Community Outreach Program ~COP~

TITSSN’s IT Security Scholarship Program ~ITSSP~

TITSSN’s Secure Medical Protection Program ~SMPP~

TITSSN’s Secure Mobile Professionals Network ~SMPN~

TITSSN’s Secure Minds Initiative

TITSSN’s Small Medium Business IT Security Summit ~SMBITSS~

TITSSN’s Windows 7/Vista SP2/Windows Server 2008 SP2 Testing and Development Group

The Compliance Suite (Regulatory/Non Regulatory)

The Framsyn Initiative

The IT Security Threats Landscape ~TITSTL~

The Privacy Suite – it’s all about privacy

Viral Outbreaks – containment, response, prevention

Viral, Spyware, Malware Detection and Removal – the growing trends

Voices of IT Security

Wireless Security

Government Security Mandates, Protocols, Policies and Response

US – CERT – United States Computer Emergency Readiness Team

US – CIA – Central Intelligence Agency

US – DHS – Department of Homeland Security

US – FBI – Federal Bureau of Investigation

US – NSA – National Security Agency

These are just a few of the topics, issues and groups that are available as we start off on this journey together and when you join us, you too can add to what is there if there is something of interest that is missing.

We look forward to your support and we know this will be of great value for you.

Thank you very much and have a great day. We apprecilove your business and support and look forward to serving you more.

~Brett A. Scudder~

The IT Security Attaché

TITSSN’s Technology / IT Security Social Network is now live and open for membership. Join us.

Brett A. Scudder — Fri, 01 May 2009 20:26:21 +0000

Good day to you,

The IT Security Suite Network’s Technology / IT Security Social Network is a place where people come together to create a vibrant, resourceful, strategic and secure social atmosphere of networking and collaboration for and about technology and securing them.

The focus of this social network is to build greater education, awareness and provide the services and support needed to maintain the secure presence and stability of all infrastructures (homes, businesses (all sizes and types), schools, churches, etc) for all. We look forward to your participation in this effort as a leader, contributor or just a member wanting to learn more. Please adhere to the policies and rules of the network so that all may find a common group to collaborate in.

http://titssn.org

Thank you and have a great day.

~TITSSN~

TITSSN’s April Live Meeting Webcast – Web v.2.0. Ready or not, here it comes v.3.0. Are you ready? Monday April 27th at 7pm

Brett A. Scudder — Thu, 16 Apr 2009 17:43:07 +0000

Greetings,

I am working on my monthly online webcast for April about the Web 2.0 infrastructure in preparation for the upcoming v.3.0. The drastic growth of the Web 2.0 infrastructure caught many people off guard as they jumped into it not knowing what was involved and the issues associated with it. It also created many new threat vectors many of which are still not under control today as the increase of threats/attacks specifically targeting this infrastructure is growing as rapidly as the number of people using it.

The recent Conficker issues have delayed my presentation for this month as I had to be helping out in various organizations to deal with it and so I will be doing it on the 27^th.

This presentation will address the present state of the Web 2.0 infrastructure, features, privacy (yes or no), pros, cons and the security concerns associated with it. It will also provide guidance on how to stay private and secure while maximizing the full potentials of the features and capabilities of it. More importantly, I will address the upcoming Web 3.0 realm and why resistance is futile and how can and will you be secured within its realm. Lots of good stuff so please mark this on your calendars and the meeting info will be posted soon.

My May session will be on the Breach Notification Laws and I will have a legal expert joining as a co-host to address this in more legal terms. More details will be provided soon.

This is just one of the ways in which TITSSN and the IT Security Attaché are trying to enhance the education and awareness of these technology/security issues to the general public. All are invited to join.

Thank you very much and have a great day. We apprecilove your business and support and look forward to serving you more.

~Brett A. Scudder~

The IT Security Attaché | http://theitsecurityattache.com | Blogs http://theitsecurityattache.com/blogs

President/CEO/Chairman/Founder/Security Architect

~TITSSN ~The IT Security Suite Network~ | http://titssn.net | TITSSN’s Blogs http://titssn.net/blogs

VMware patches new critical security vulnerability

Brett A. Scudder — Thu, 16 Apr 2009 17:13:15 +0000

VMware patches new critical security vulnerability

Chuck Miller | http://www.scmagazineus.com/VMware-patches-new-critical-security-vulnerability/article/130518/

April 10 2009

VMware on Friday issued patches for a critical security vulnerability in its ESX and ESXi virtualization products.

The issue is new, different from the vulnerability in a guest virtual device driver that was patched by VMware earlier this week. That earlier flaw could cause a potential denial-of-service, and affected Workstation, Player, ACE, Server, ESX and ESXi virtualization products.

One of the reasons this new vulnerability was labeled “critical” is that it could affect the underlying host operating system in a virtual environment.

“A critical vulnerability in the virtual machine display function might allow a guest operating system to run code on the host,” the VMware advisory said.

The VMware advisory lists a number of VMware versions that are affected, and whether the patches will properly address the vulnerability. But apparently, some users who have older versions may not be helped.

“Depending on your version, your only option may be to upgrade rather than patch,” wrote Steve Hall, handler at the SANS Internet Storm Center, on the organization’s blog.

The typical way to apply patches to ESXi hosts is through the VMware Update Manager, but ESXi hosts can also be updated by downloading a single offline download file, according to VMware.

Twitter worm underscores social-networking vulnerabilities

Brett A. Scudder — Thu, 16 Apr 2009 17:08:12 +0000

Twitter worm underscores social-networking vulnerabilities

Chuck Miller | http://www.scmagazineus.com/Twitter-worm-underscores-social-networking-vulnerabilities/article/130562/

April 13 2009

Twitter was struck by a particularly nasty cross-site scripting worm over the weekend, again bringing to light the threat of client-side attacks across social networking sites.

Four variants of the worm hit Twitter, bringing back memories of the infamous — and groundbreaking — Samy worm that snaked through MySpace several years ago.

The Twitter worm spread links to a supposed Twitter copycat site called StalkDaily[dot]com by exploiting a cross-site scripting (XSS) vulnerability and infecting an unknown number of Twitter profiles. Each wave of the worm attacks was more intense than its predecessor, according to a post on the official Twitter blog.

“We secured the accounts that had been compromised and removed any content that might help spread the worm,” Twitter co-founder Biz Stone wrote on the blog. “All told, we identified and deleted almost 10,000 ‘tweets’ [messages] that could have continued to spread the worm.”

The worm’s activity seems to have been contained, but there is little guarantee that no threats remain, experts said.

“This may be an open-ended problem,” Andy Hayter, Anti-Malcode program manager at security solutions tester ICSA Labs, told SCMagazineUS.com on Monday. “I don’t think we’ve seen the end of it.”

But overall, the damage so far has been minimal, Stone said in his blog post. No personal information was compromised.

“All the attacks are JavaScript-based, so turn off JavaScript in your browser if you are worried,” Hayter said.

Richard Wang, manager of Sophos Labs U.S., recommended Twitter users avoid clicking on untrusted links. He also told SCMagazineUS.com that Twitter can modify its platform so it cannot support malicious code such as this.

Stone wrote: “We are still reviewing all the details, cleaning up, and we remain on alert.”

According to published reports, a 17-year-old Brooklyn, N.Y. boy has taken responsibility for the attack. Michael “Mikeyy” Mooney said he devised the malware out of boredom and to prove how vulnerable Twitter is.

Stone likened the attack to one perpetrated by Samy Kamkar, who, in 2005 when he was 19, unleashed a similar self-replicating, XSS worm across MySpace that was believed to be the first of its kind. The worm was benign but enabled Kamkar to attain more than one million “friends” in 24 hours. He later was sentenced to three years probation and ordered to serve 90 days of community service.

Survey finds that SMBs often lack basic security

Brett A. Scudder — Thu, 16 Apr 2009 16:54:22 +0000

Survey finds that SMBs often lack basic security

Angela Moscaritolo | http://www.scmagazineus.com/Survey-finds-that-SMBs-often-lack-basic-security/article/130485/

April 10 2009

Updated Friday, April 10, 2009 at 3:37 p.m. EST

Despite being aware of the importance of security, small-to-medium-size businesses (SMBs) generally are not protecting their networks, according to a survey released Thursday by Symantec.

The survey, which was conducted this February and compiled data from 1,425 respondents worldwide, found that SMBs are facing a “security gap” because they often lack basic security measures — 59 percent of respondents do not have endpoint protection, 47 percent lack desktop backup recovery and 42 percent are not running an anti-spam solution.

In addition, more than a third of SMBs, defined as having 10 to 500 employees, lack server backup recovery (38 percent) and anti-virus protection (33 percent).

“Too often people seem to think — small company equals small risks,” Rick Caccia, vice president of product marketing at security vendor ArcSight, told SCMagazineUS.com in an email. “[But] in fact, small companies manage credit card numbers, health information, social security numbers, and other sensitive pieces of data.”

Kevin Murray, senior director of security product marketing at Symantec told SCMagazineUS.com Friday that he thinks the most surprising survey finding is a third of companies do not have AV protection.

“The key message is that SMBs are more at risk than they think.” Murray said. “For example, most of the computer industry assumes AV is on every system out there, this survey shows that’s not the case.”

Though many SMBs don’t have basic protections in place, survey respondents said they are concerned about the threats facing them. Viruses are the top concern for SMBs, with 79 percent of respondents saying they are “extremely” or “somewhat concerned” about this threat. Spam is the second biggest concern, followed by data breaches.

Symantec said that one of the factors driving this gap in security protections is the lack of an IT staff at many SMBs. Forty-two percent of respondents said they don’t have a dedicated IT professional on staff. Instead, company managers, business owners and other staff are in charge of their computer systems, according to the survey.

Caccia said he thinks this is one of the survey’s most important findings.

“SMBs, because of a lack of security staff, may not actually know what they should be doing to protect themselves from hackers, malware, and data theft,” Caccia said.

Caccia said that because of a lack of staffing resources, what is missing is the understanding of which security pieces to buy and deploy, how to do so, and where to tie them together to provide practical protection.

On the positive side, SMB IT security budgets seem to be growing — 50 percent of respondents said they plan to increase spending in the next 12 months, according to the survey. Currently, the median IT security budget for SMBs is $4,500.

Similarly, Forrester Research said in a January report that both SMBs and large enterprises expected to allocate more of their IT budgets to security spending this year, compared to 2008.

“They [the SMBs] recognize the need to secure their information, but what they are not doing is acting to do it properly,” Murray said.

Murray said that SMBs should become educated and stay informed about the latest threats. He also suggested working with a solution provider to find out where to spend IT security budgets to be protected.

Conficker wakes up, updates, drops payload

Brett A. Scudder — Thu, 09 Apr 2009 13:08:53 +0000

April 9th, 2009

Conficker wakes up, updates, drops payload

Posted by Andrew Nusca @ 4:09 am | http://blogs.zdnet.com/BTL/?p=16082&tag=nl.e019

Categories: Security

The Conficker worm is finally active, updating via peer-to-peer between infected computers and dropping a mystery payload on infected computers, Trend Micro said on Wednesday.

CNET’s Elinor Mills reports that researchers are analyzing the code of the software that is being dropped onto infected computers and suspect that it is a keystroke logger or some other program designed to steal data from the machine.

The software appeared to be a .sys component hiding behind a rootkit, which is software that is designed to hide the fact that a computer has been compromised, according to Trend Micro. The software is heavily encrypted, which makes code analysis difficult, the researchers said.

Just yesterday, Zero Day blogger Dancho Danchev noted that a Conficker copycat was already making its rounds.

According to a post on the TrendLabs Malware blog, the awakened worm tries to connect to MySpace.com, MSN.com, eBay.com, CNN.com and AOL.com as a way to test that the computer has Internet connectivity. It then deletes all traces of itself in the host machine, and is scheduled to shut down on May 3.

Mills reports:

Because infected computers are receiving the new component in a staggered manner rather than all at once there should be no disruption to the Web sites the computers visit, said Paul Ferguson, advanced threats researcher for Trend Micro.

“After May 3, it shuts down and won’t do any replication,” Perry said. However, infected computers could still be remotely controlled to do something else, he added.

The development was found when Trend Micro researchers noticed a new file in the Windows Temp folder and a large encrypted TCP response from a known Conficker P2P IP node hosted in Korea:

Two things can be summed up from the events that transpired:

1. As expected, the P2P communications of the Downad/Conficker botnet may have just been used to serve an update, and not via HTTP. The Conficker/Downad P2P communications is now running in full swing!

2. Conficker-Waledac connection? Possible, but we still have to dig deeper into this…

As for the second point, researchers said the worm tries to access a known Waledac domain and download another encrypted file, but they’re still trying to examine the connection.

More Conficker news on ZDNet:

· Dancho Danchev: Conficker worm’s copycat Neeris spreading over IM

· Adrian Kingsley-Hughes: Friday Rant – Conficker worm hype

· Ryan Naraine: Eyeballing Conficker with eye-charts and maps

· Tom Espiner: Conficker an April Fool’s joke? Maybe not

Andrew J. Nusca is an assistant editor for ZDNet.com. See his full profile and disclosure of his industry affiliations.

My first system refresh for 2009. How often do you refresh yours?

Brett A. Scudder — Wed, 01 Apr 2009 18:32:40 +0000

Greetings,

It’s that time of the year again and now I have more of a challenge this year as I have more systems to refresh. Every 2-3 months I do a complete system wipe and rebuild of my primary systems (now 16) to give them a clean start and a fresh look and feel. During the year I test so many products and solutions from the industry and once I have tested and like something, it gets added to my approved applications list and is allowed to be installed on my primary systems. It also give me a fresh build as I get rid of old install files or hidden threats that may have been left behind and now the system breathes and runs much better.

These are different from my test boxes that I may refresh daily, weekly or after a few months depending on what i’m testing on it and the period needed to properly deal with it.

As a senior executive on various committees, boards and teams, I take my security practices very seriously as a compromise on my end could lead to mass messaging or some kind of threat coming from my network which could lead to serious issues for my recipients. I am very vigilant about keeping the best of best practices for my organizations infrastructure with regular reviews and updates. As a security professional responsible for numerous organizations infrastructure, I practice these steps to protect myself and those who I collaborate with and the responsibility to protect the people and data in them. One can never be too cautious in this time and age of new and emerging technology and threats and so I try to stay on the cutting edge of the security issues.

So it is that time and my first refresh of which I am somewhat happy for as i’m getting ready to move most of my Vista boxes over to Windows 7. I have been playing around with some new products and solutions and will be moving over to them during this refresh cycle. The timing of this new Conficker worm couldn’t be any worse (or maybe better) as i’m refreshing between March 31st-April 1st. I’m also rolling out a hot new UTM ~Unified Threat Management~ device today as well and I look forward to its protective features and enhancements.

So away I go to start prepping for my refresh and trying to keep up on this Conficker issue which has set me back a day in my schedule.

Thank you and have a great day,

~Brett A. Scudder~

The IT Security Attaché

TITSSN takes on the I-CON 28 Science and Technology Conference on April 3rd-5th in Brentwood, Long Island

Brett A. Scudder — Wed, 01 Apr 2009 09:07:33 +0000

Good day to you,

It’s that time of the year again and I-CON is here in all its glory, fan filled excitement and awesomeness. TITSSN endorses the I-CON Science and Technology Conference which is in its 28^th year, and attracting over 6000 fans from across the country by supporting its need for getting the needed contents and information out to its attendees. This year’s event will be hosted at the campus of Suffolk County Community College in Brentwood Long Island and TITSSN will be there in full swing to address the IT Security Threats Landscape in various panel discussions, workshops and open sessions. Mr. David Carlos, CEO of David Carlos Managed Information Architects and I, the IT Security Attaché, will be representing TITSSN and covering topics such as:

Cyber-Crime (Fri, Marriott, 8:30pm)

How the world of Cyber-Criminals operate – the botnets, the spam, the hackers, etc. Motivations, methods, tools (try to avoid actually teaching people to be cyber-criminals).

Military Technology (Fri, SCCC, 10pm)

General discussion of new developments in offense and defense for the military. Ray guns, unmanned aircraft, robots, nanotech, psychological warfare, medical advances – and when some of these (more benign) things may be seen outside the military environment

Things That Make You Paranoid (Sat, Marriott, 11:30) Last year, this apparently started off with about 10 minutes of doomsday events and quickly morphed into privacy and security panel. Description from last year: Protecting yourself in an increasing hostile technological environment. Why the OS sometimes doesn’t matter, new attack vectors (e.g. cell phones), other things to make you paranoid.

Privacy and Security (Sat, SCCC, 12:00)

Maintaining your privacy and the security of your personal information when everything is online. Implications of Obama’s plans for electronic medical records. The penalties and how they are and ARE NOT enforced for various violations. The pros and cons of sharing/storing your medical and other information with services like Google Health. Should you mind targeted marketing based on data web sites and loyalty programs generate?

The Security Illusion (Sat, SCCC, 5pm) How technology is used to provide a perception of security from terrorism and the technologies that exist that COULD ACTUALLY DO IT.

Supercomputing (Sat, SCCC, 6pm)

Overview and discussion of the various methods of building a supercomputer and how they work.

Security 101 (Sat, SCCC, 6pm) Conficker and the new world of security threats. Addressing today’s IT Security Threats Landscape and its effects on people

Will HAL Dream? (Sat, SCCC, 21:00)

General discussion of artificial intelligence – from SkyNet (Terminator) to the HAL9000 to Data (from Star Trek) – how close are we, will it take over the world, and how to stop it if it tries to.

Security 102 (Sun, SCCC, 1:30pm) Your biggest security concerns. Are they valid or just myths? Protecting your computers and network from those concerns.

NASA Today (Sun, SCCC, 14:00)

Discussion of NASA’s current publicly known goals, how they should be changed, improved, or re-prioritized.

Global Warming Myths and Facts (Sun, Marriott, 4pm) Discussion of global warming myths, facts, and (potentially) debate.

Discussion could include perspectives that global warming is not happening and/or is actually progressing in a potentially “natural” way that would happen even without human activity.

This is a fun filled and educational event for the entire family and those who are serious games, anime, sci-fi, mystery and the works addicts. Different sessions, workshops, films, and activities take you through the day and into the early hours of the morning.

TITSSN would like to say a special thank you to Mr. Lee Wilbur, Director of Information Technology and Science and Technology Track Leader at I-CON and member of TITSSN for this opportunity to be a part of the event and accepting our contributions to it. We will continue to work with him and endorse the event in any way we can. Next year we will try to have more people representing the organization to help cover more IT/technology sessions.

For those who will be at CON, see you there.

More info about I-CON can be found on their website here http://iconsf.org.

Thank you very much and have a great day. We apprecilove your business and support and look forward to serving you more.

~Brett A. Scudder~

The IT Security Attaché | http://theitsecurityattache.com | Blogs http://theitsecurityattache.com/blogs

President/CEO/Chairman/Founder/Security Architect

~TITSSN ~The IT Security Suite Network~ | http://titssn.net | TITSSN’s Blogs http://titssn.net/blogs

Brett.Scudder@titssn.net (877) 539-8614 / (718) 928-6516

We are Security – your Security – our Security – IT Security. Our Security is Safe and Secure.

A Managed Security Services/Value Added Resellers Provider (MSS/VAR-P)

My LinkedIn profile – http://www.linkedin.com/in/titssn | TITSSN’s IT Security Forum Board http://titssn.net/forum

Follow me on Twitter http://twitter.com/TITSSN | Facebook http://www.facebook.com/people/Brett-A-Scudder/1161704997

TITSSN’s ENGAGED ~ENabling Greater Awareness, Growth and Educational Development~

Brett A. Scudder — Tue, 24 Mar 2009 23:30:05 +0000

TITSSN has always been a network of, for and about the community and we have always tried to find ways of working within it to make it the most valuable and successful experience ever for our members. In working with our communities in and outside of IT, we have found similar issues that reflected upon the need for creating a more resourceful and aggregated system that would put people, processes and things together, making it a more seamless integration for all. Our education and awareness training and development initiatives built on these findings so that we would address the issues on a more personal level as a team. The extensive experience and qualifications of the network members in their areas of business provides invaluable impact on what we see, hear, say and how we react to them.

It is for this reason that we are enacting a new initiative to aggregate all these issues, programs and initiatives under one umbrella that I believe will fix these problems, ENGAGED. ENGAGED, ENabling Greater Awareness, Growth and Educational Development, is an initiative that will take our education, awareness, training and development initiatives to a whole new level. Through ENGAGED we’re working with businesses, schools, libraries, churches and other institutions to deliver the needed resources for addressing the IT Security Threats Landscape of today for tomorrow.

As a network of technical professionals, consultants, specialists, VARs and business executives, the ENGAGED initiative will add the much needed collaboration between the organization members. One such enhancement will be a bi-weekly Live Meetings via Microsoft’s Live Meeting service to help with the adoption, training and development of its members on new and existing products and solutions in the security space. This will add the needed value of increased training on specialized products and services provided by the network. Our integration of working with the vendors directly will allow the additional benefit of having their high level technical people in the session to help with the understanding of the products and any problems and support we may need. TITSSN believes that it is through the proper training, understanding and knowledge of these products that we will be successful in supporting, deploying and managing them, and so we’re adding more value through the use of live meetings.

On Monday April 20^th, TITSSN will enhance the ENGAGED initiative by starting an IT Security Training and Development course for the youths in our local schools through their local office in Arverne NY. This course will be geared towards working with the youths of today who are growing up to be our professionals of tomorrow to give them a better look and feel of the space and what to expect from it. We are working with the local schools in the community to select a number of students who will participate in this course and get the needed exposure to today’s IT Security Threats Landscape ~ITSTL~ and how they can be valuable resources in making it better for tomorrow. This training course will not be the end all, be all for them as we plan on helping them throughout their professional development as mentors in the space. The initiative does not want them learning and forgetting and so future involvement on different levels will follow after the course is completed. Certifications will be awarded to each student that completes the course and passes a final hands-on test.

The training and development course will introduce them to the world of IT Security and all the factors that are in and around it. They will have hands-on access to the latest and greatest security hardware and software products ranging from Biometrics, IDS/IPS, UTM “Unified Threat Management” devices, anti-virus, anti-malware, firewalls and general IT products that are available today across the various operating system environments. This is an extension of our Secure Minds Initiative where we are trying to get the integration of IT Security into the school’s curriculum to enhance the preparedness of this needed area of specialty for the future. We need the realization of IT Security as a people problem to be one that resonates across all borders and cultures. We are on the brink of a global network catastrophe if this realization is not understood.

Through ENGAGED, we have negotiated special vendor pricing and offers to help get the needed security products and solutions out to the general public. As this have been a major issue for many, we are always working on ways in which to bring the networks power to use in negotiating special programs, offerings and incentives from the vendors for our initiatives. A part of our Secure Minds Initiative is to provide security products and solutions to the schools and this will help to make that more readily available through special programs we are hosting there. We are reaching out to our local government resources to funds this initiative through grants and other financial resources in an effort to minimize the costs and offer the products freely when and where we can.

To the business community, ENGAGED provides the needed sales, support and training and development to better prepare you, your company and employees to deal with the issues of the IT Security Threats Landscape. Leveraging our network and resources will be beneficial for you as we provide in-house training and development workshops to further build on this. As your local technology/security professionals, you can reach out to the network to find a resource in your area that can and will work with you. We have customized solutions that will work for you and your company no matter the size or location, if we’re needed, we’ll make it there.

With so many resources now being forced online even from the government levels, using the internet and its resource is now a mandatory issues as local offices and resources are being cut as this new online presence becomes more useful. That being said, the use of the internet and its resources has increased significantly over the past year as social networking and other social media have played a key role in this new age of collaboration and networking. The future belongs to networkers and if you’re not a part of the new trend one tends to feel left out when asked if they are on a popular network like Facebook, Twitter or LinkedIn.

The present economic crisis adds a dire need for this engagement as more people are using the internet resources for job hunting and finding new homes to live. This is just the start of a change that will never go back to what it used to be, the internet is here to stay and is more than what it used to be 2 years ago.

TITSSN activates the ENGAGED initiative on April 1^st 2009 with a series of kick off events for the month. On April 9^th at TITSSN’s monthly meeting at the Microsoft Briefing Center in NYC, president/chairman/security attaché Mr. Brett A. Scudder will officially present the initiative to the organization and outlining a few additional aspects of it and how it will be executed. He will also cover the members ENGAGED aspects as well. Registration is open and available here http://www.clicktoattend.com/?id=137146.

On Monday April 13^th from 3-5pm, TITSSN will host a local reception at our office at 331 Beach 70^th St, Arverne, NY, 11692 to highlight some of the technologies that will be a part of the initiative. This is a RSVP/registration event. Interested persons are asked to register here http://www.clicktoattend.com/?id=137140.

The first ENGAGED members Live Meeting session will be on Wednesday April 22^nd from 7-9pm and the info will be sent to active members.

As food and refreshments will be provided at our local meetings and events and we need to ensure that we have enough to cover our guests so registration for these events is a must.

Thank you very much and have a great day.

TITSSN ~The IT Security Suite Network~

We are Security – your Security – our Security – IT Security. Our Security is Safe and Secure.

Reminder – TITSSN’s March 22nd online security webcast – Security is not an option, it’s a must starts at 7pm sharp.

Brett A. Scudder — Sun, 22 Mar 2009 16:29:06 +0000

TITSSN’s March online security webcast – Security is not an option, it’s a must. Five overlooked ways of securing your systems effectively.

Please take 10 mins prior to the start of the webcast to configure and setup the Live Meeting session before joining the meeting. This way you’ll be good to go for 7pm. I start at 7pm EST on the dot.

Sunday March 22^nd at 7pm

TITSSN continues its monthly online security webcasts/presentation/forum and invites everyone to join us.

As technology continues to grow and the increase in new products and solutions become inundating, we’re seeing more avenues of risk associated with this growth across the board. On Sunday March 22^nd at 7pm we will be taking a look at five critical ways in which we sometimes overlook securing our systems and end up becoming compromised.

Whether this is a home or business system, security is not an option as you never know if or when this system may be used to cross the line. This webcast will give a detailed look at these five issues that have pervasively increased the risks of the threats landscape with little or no interaction from the end user(s). The threats are the same across the board so all are affected.

This will be a live meeting session that offers the needed interactivity (voice and video) for getting the message across effectively.

All are invited as we continue delivering our education and awareness initiatives on/about IT Security and it being a people problem, not an industry one.

—————————————————

When: Sunday, Mar 22, 2009 7:00 PM (EDT)

Duration: 1:00

TITSSN continues its monthly online security webcasts/presentation/forum and invites everyone to join us.

Brett Scudder has invited you to attend an online meeting using Microsoft Office Live Meeting.

https://www.livemeeting.com/cc/usergroups/join?id=7S86HQ&role=attend&pw=8%3Ehg%28ZR%2Fz

Meeting time: Mar 22, 2009 7:00 PM (EDT)

Add to my Outlook Calendar:

https://www.livemeeting.com/cc/usergroups/meetingICS?id=7S86HQ&role=attend&pw=8%3Ehg%28ZR%2Fz&i=i.ics

——————————————————

Thank you very much and have a great day. We apprecilove your business and support and look forward to serving you more.

~Brett A. Scudder~

The IT Security Attaché | http://theitsecurityattache.com | Blogs http://theitsecurityattache.com/blogs

President/CEO/Chairman/Founder/Security Architect

~TITSSN ~The IT Security Suite Network~ | http://titssn.net | TITSSN’s Blogs http://titssn.net/blogs

Follow me on Twitter http://twitter.com/TITSSN

The MESS is coming, counting down to May 19th 2009

Brett A. Scudder — Fri, 20 Mar 2009 03:57:25 +0000

Hi all

So it’s that time of the year again and the promotions and marketing have been underway for our MESS ~Mobility/Endpoint Security Summit~ coming up on May 19^th 2009 at the Microsoft Briefing Center in NYC. This year we will be getting a look at the upcoming Windows Mobile v.6.5 and 7 and some of the hot new gadgets and devices out there. With the new Netbooks and Smartphone’s a hot item on the streets we’ll be doing a feature and possible giveaways at the event.

Of course we will be having a special guest speaker and Mr. Ernie “Ghostbuster” Hudson has confirmed that he will be with us again this year. He happens to be filming a new movie in NYC at the same time so that’s even better for us. So exciting.

You won’t know unless you attend so hey, reserve your seats as soon as they become available. Registration opens on April 19^th.. Seats are limited to 250 people on a first come first serve basis so you know the deal.

Anyway, I have to start phase two of the event planning and marketing so look forward to seeing more info and updates on MESS over the coming weeks. Here is the event page http://titssn.net/mess.

The countdown begins NOW……….

Thank you and have a great day,

~Brett A. Scudder~

The IT Security Attaché

My LinkedIn Q&A – At what age should IT/Internet Security and best practices be taught to youths? Do we see the internet as a threat to them?

Brett A. Scudder — Tue, 03 Mar 2009 00:37:52 +0000

Good day to you,

With technology becoming a more integral part of our everyday lives and more gadgets, devices, and electronics being converged on the information superhighway (World Wide Web ), at what age do you believe we should start the education and awareness of IT/Internet Security for our youths in the school systems?

Things like,

How to browse/use the internet safely,
Instant Messaging security and best practices
Social Networking security and best practices
Mobile security and best practices.
Online predators and how they target children and how to be protected from them.
What is are viruses, worms, trojans, spyware, malware, blended threats?
What are web attacks (like drive-by-downloads) and how they are orchestrated?
What is social engineering?
What is phishing?
What is SPAM and why is it being used today?
How do these threats proliferate?
Secure messaging implementation and use.
Defense-in-depth – definition, purpose and maintenance. Anti-virus, anti-malware, firewalls and intrusion detection/prevention.

Our Secure Minds Initiative is about integrating this level of training and education in the school’s curriculum and I wanted to get your thoughts as adults, parents, educators and professionals on this matter. I have seen 10-12yrs old who can hack into a network and do some serious things that IT Pros in their adult years can’t.

Why not nurture this knowledge and ability for good?

Please make note that I didn’t ask if it should, I asked at what age should this be done signifying that I believe it should and i’m for it. Imagine having our youths graduating from high/middle schools with this advance early knowledge and what contributions they would be to the IT field. Even if they don’t become IT professionals having this education and knowledge will help any organization they join stay more secure.

Your thoughts.

Thank you and have a great day,

~Brett A. Scudder~

More answers on LinkedIn here http://www.linkedin.com/answers/using-linkedIn/ULI/394739-3071950

My LinkedIn Q&A – Security/Privacy Awareness # 1 – When/Where/Who should I give my social security number to and why and what are the impacts of doing so? Are there any protective laws in place?

Brett A. Scudder — Tue, 03 Mar 2009 00:31:04 +0000

Good day to you,

Here is another education and awareness question in my series on the use of your social security number today.

Ever since the financial crisis has begun (which isn’t just today, look 18 months back), more and more people have been trying to avert the issues and impacts of the job losses and downturn in the economic trends. For this reason, they have been opening themselves up to more “risky business” opportunities/ventures in the name of finding a job or making some quick money to pay the bills and put food on the table. This is a bad sign of worse things to come for these people and by us taking a look at this now we can help educate others.

As more people are jobless the use of the internet increases, it takes away the human face-to-face elements that would help to validate the business or offerings/opportunities. More job sites/opportunities offering the hopes of new jobs/loans with a request for signing up with personal/private info is only a fraction of the bigger issues.

This has lead to an increase in identity theft and the loss of people’s personal/private information that trickles down to the core of our lives. As the economy will get worse before it gets better and more “rescue” opportunities/offers are being circulated, one can only imagine the dramatic increase in phishing and social engineering scams that will come about as a result of the new stimulus package and government initiatives. Sometimes we give up this information because we don’t know how/where/where to do so and then it becomes an after the fact issue. We will address the identity theft education and awareness issues later.

So, let us take a concerted look at when/where/who should I give my social security number to and why, and what are the impacts of doing so.

Are there any protective laws in place for it?

Your thoughts/feedback/input.

Thank you and have a great day,

~Brett A. Scudder~
The IT Security Attaché

More answers on LinkedIn here http://www.linkedin.com/answers/using-linkedIn/ULI/417629-3071950

My LinkedIn Q&A – Your thoughts – “Report Calls Online Threats to Children Overblown”. What do you think, is this for real or not?

Brett A. Scudder — Tue, 03 Mar 2009 00:21:10 +0000

Good day to you,

When I see an article like this I tend to sit back and go wow, where have I been living and what have I been seeing/hearing or, am I in denial to the truth. I have always said that we, the people in the field who live and die working in the field, have always seen thing different from the people in these high level positions and is why they fail to implement the proper things needed because there is in synergy between us and them.

It’s like a cop on the street who has to deal with the everyday violence and issues but he’s able to quell them and bring peace in his areas because he’s know and knows how to deal with people. While these issues are real and happening everyday they don’t get reported back to the precinct and so the captain (or seniors) thinks all is well and can say that there district is not violent nor has issues like anywhere else. It’s not that you don’t have issues, you’re just not getting the info about them because they are not critical enough to report in or cause a major stir. Yet, unchecked, the high profile ones are added to the statistics and generate facts.

They don’t come down to our neck of the woods and talk with us to see what is “really going on” in the world, instead, they use statistics that is published by some agency or group. Well, I must be in denial because I truly see this as a growing problem and have talked with parent/student alike who have been victimized online to the point that it affects their offline experience/life.

So, before I get carried away in myself and this issue (as it really upsets me), i’d like to throw this out to this professional’s network to get your real professional insight/thoughts on the report of the report.

http://www.nytimes.com/2009/01/14/technology/internet/14cyberweb.html

Thank you and have a great day,

~Brett A. Scudder~

More answers on LinkedIn here http://www.linkedin.com/answers/using-linkedIn/ULI/398900-3071950

Follow up to TITSSN’s NYITSA-UG’s January 8th 2009 group meeting on Virtualization and securing it.

Brett A. Scudder — Wed, 14 Jan 2009 17:21:44 +0000

Good day to you,

First I want to say many thanks to Mr. Hamlett for coming out and spending the evening with us to take an in-depth look at the Microsoft world of Virtualization. Thank you sir.

I also wanted to say thank you to those who came out to the meeting as
well.

I wanted to send a follow up of our meeting last week and share two presentations that were offered. It was an awesome session and Mr. Hamlett gave us a good look at the Microsoft virtualization/Hypervisor setup, config, security infrastructure and why this is becoming a major adoption for many organizations.

Mr. Hamlett also linked up with Steve Riley who is a world renowned security guru at Microsoft and we had the opportunity to have him on the phone to talk more about any questions or issues we may have in understanding securing Virtualization. The timing was a bit off as he was travelling and the planned time of his availability was thrown off and so we’re going to schedule a conference call with him do any questions/concerns/issues will be addressed for you.

I will be posting a thank you on his blog here http://blogs.technet.com/steriley/ and i’m asking for a few comments of thanks from the group as well. I want him to realize that we apprecilove his time and effort to work with us and to be a resource for us if/when needed. Please take a minute to say thank you from TITSSN.

Here is the video of his TechEd presentation on virtualization and security http://titssn.net/events-archive/Jan-2009-Virtualization/. I decided to share this with everyone as it is a major topic of interest across the board. I am sure you’ll see and learn a lot of interesting things from it. We had an awesome discussion around the presentation that Mr. Hamlett did an awesome job of sharing some insight, recommendations and guidelines on. The Virtualization_SCVMM PPT is one that Mr. Hamlett presented at another location and he decided the content was appropriate to share with us as well.

We will have a follow up hands-on workshop where we’ll be building out a virtualization infrastructure from the ground up so please stay tuned for that update. I’m working on that for our February training and development workshop so as you can see, were putting a lot of quick time and attention to this. This year we’re focusing very heavily on this area of technology and you’ll be seeing a lot more on it.

So, please remember to say a little thank you to Mr. Riley ok.

Thank you very much and have a great day. We apprecilove your business and support and look forward to serving you more.

~Brett A. Scudder~

An article I contributed to for Inc Technology, “2009 Tech Security Forecast”

Brett A. Scudder — Fri, 09 Jan 2009 18:08:36 +0000

Hi all,

I’d like to share an article that I contributed to for Inc Technology about the “2009 Tech Security Forecast”.

Please take a read at your leisure.

The article is here http://technology.inc.com/security/articles/200901/forecast.html

Thank you and have a great day,

The IT Security Attaché

A serious state of security – The loss of one’s private information and its effects

Brett A. Scudder — Tue, 30 Dec 2008 23:43:50 +0000

A serious state of security – The loss of one’s private information and its effects
Reposted from my forum post on June 21st 2006

Over the past year we have seen a tremendous growth in the proliferation of threats and attacks aimed at the human intelligence level. These threats have been growing at an alarming rate and it is surely due to a lack of knowledge and awareness of the general public. Gone are the days when we have to worry about viruses, worms and hacking being a major pain and something we all feared, now the phishing scams and social engineering methods has become the primary household name showing its nasty head to consumers and businesses alike. It is only through knowledge and awareness of these issues that we will beat these methods of infection and propagation.

While talking to people on a daily basis, it is very clear that the general public tends to shun a blind eye to these issues and thinks that it will not and cannot affect them as individuals. While this is surely not the case and is one of the (if not the) main reasons why these high profile and very cunning methods of human attacks are so much a high risk, people simply do not take these threats seriously today and I will try to shed some light on these issues as i’ve done so over the past few years.

Over the past 2 years we have seen and heard more and more about “phishing” and what it is and the methods of attacks. While consulting with the FBI’s cybercrime division and talking to them about the ways in which they address these issues, they have been overwhelmed by people who have fallen victims of these scams and it’s just a matter of simple common sense. A “phishing attack” can only be successful if the intended recipient is not aware of such a scam or is tempted by the “too good to be true” offer presented.

Why would someone want to invest millions of dollars in you and you’ve never met them, never heard of nor seen anything about them and they throw these millions at you with a mere $25,000 investment on your part. Surely that would catch the attention of anyone looking to get past that life of always being broke or always wanting to take their lives to the next level but was always financially strapped down or stressed out.

Ask yourself, why is the president of such a major organization or country want me of all people to do business with and for them and not have to commit to any signed agreements stating the terms and conditions of the deal.

Why is this major financial institution located in some far region of the world choose me to be the one to work this deal for them, this surely seems odd and should be a cause for concern but yet still, unchecked, they buy into the scam and get burnt. Some people have invested thousands of money into these false deals and it’s after the fact that they realize the severity of their doing.

Common sense should have stepped up and said hey, wait a minute, do I know these guys, what do they want with me and why are they asking me for this payment to buy into such a sweet deal, hmmm, this is suspect.

Instead, the opposite happens and you see the $25,000 vs. the millions that are presented in the offer. Hell yea, of course it’s human nature to see the vastness of the offer vs. the small percentage of the buy in payment. If someone came to me right here and now with that very same offer and I knew of and about them i’d do my lil research and then by all means i’m almost sure i’d buy into it. But this is far from the case. You will not find a phish that extravagant locally or nationally because there are so many ways that you can look into that situation to know if it’s legit or not, sometimes the deal is so sweet and looks so good and even after researching it it’s still a hoax, so what do you do.

Do not get suckered by these offers and these too good to be true deals.

If someone came to you and told you they were selling you a 10 million dollar winning lottery ticket for $25,000 what would you do?

We need to think about these things and weigh in on the validity and chance it takes to make such a move.

I’ve seen too many people burned by this and it’s always the same story over and over. The FBI gets so many of these cases that they have to tackle them in bulk due to how many they are.

So, what is “phishing” and why is it so prevalent today with such high success levels?

Phishing is a method of deception by means of appealing to the human intelligence by presenting something of value that is not legitimate or true.

I’m sure everyone by now has gotten some kind of email from financial institution stating that their account need to be verified or updated and that they need to log into the server to do so. When logging into what you think is the financial institutions server you’re actually logging into somewhere else or someone else’s server. This being the case your information is now in the hands of someone other than yourself who can use it for any means necessary and thus you’re just been “phished”.

So that’s in essence the real overview and look on the phishing scene.

Next we have the social engineering techniques which are very similar to “phishing” but can also come in the physical form.

Someone comes to your place of business and tells you they are the CEO of the company from headquarters in DC and they are here to meet with the rest of the management team and they need access to your network, infrastructure or office. This normally gets people arouse due to the fact that he/she is the CEO and you don’t want to mess with that person or else, so this person comes in under false pretenses and gains the access to internal private and confidential business information and property that should never be given out to anyone outside of the company. By the time you catch a with what is going on that person has gathered all the needed information and left with it, now that information is being circulated on the internet and your company is being sued and dragged through the legal system for that reason.

Who is to be blamed?
What went wrong?
Could this be avoided, if so, how?

These are valid questions to a real life issue that happens on a daily basis. A helpdesk representative gets a phone call from someone claiming to be the CTO or CIO or some other C-level executive of the company. He is traveling and for some reason cannot log into the network and so he’s calling the helpdesk to have them unlock his account and help him through the log in process. The helpdesk individual knows the name of the executive and so tries to validate the credentials that person is using to gain access to the network. If this is a person that has done his homework he may know the login name but not the password and so he most certainly tell the helpdesk support rep the login info but states that he can’t remember his password. Now the helpdesk person feels this info is good because the login username is correct and so that person should be who they are and so he/she proceeds to ask for some additional information such as full name, address, last 4 digits of the social security number or the employees unique company ID #.

All these information can be had by various means and so this is nothing for a person performing a social engineering attack to gain access to. So validating all the info the helpdesk rep now changes the password and helps the user to gain access to the network and its resources. Being a C-Level executive you can just imagine the access and information available to he/she once they are logged in and authenticated on the network.

I’ve seen organizations where the helpdesk gets so scared when a C-level executive calls in with a support issue that they just need the name and some info in order to quickly expedite the support issue and get that person on the way. This is wrong and presents many critical vulnerabilities and should be addressed immediately.

Social engineering like phishing can be stopped and mitigated by user awareness and knowledge. Policies, practices and measures can and should be put in place to offset these methods of attacks. Companies should spend more time going over scenarios like these in order to get the support people alert and proactive to these issues.

Identity Theft

Wow, now this is a growing issue that is even a bigger problem due to the arrogance of users thinking they are not affected nor will they be affected by this issue. Most of the victims i’ve spoken to had no clue they were victims of such an attack until years after when the person who did the wrongs simply missed a payment or 2 and now you’re caught smack dead in the middle of the scheme of things. At that point it is already too late because you have been victimized for years and now that you’ve found out about it is way too late, the damage has been done. The most unfortunate part about the Identity theft issue is the fact that the information will still remain on your credit for the full term of the cycle and you have to hope to God that the person was keeping up on their payments and so the credit standing was good.

I recently met a lady that just found out that she was the victim of an identity theft scam after years of being used by someone else, fortunately for her that person was keeping up to date and current on the payments and so that was generating good things for her report. How she came to find out about the theft is one of the credit card companies called her asking to make payment arrangements for a past due balance she had and when she continued to deny the claims she came to find out the sad truth about the whole situation. There was a car, an apartment, credit cards and other things in her name and she had no idea about it.

Let me tell you how bad this can get and for how long you can be screwed by such a nasty issue, yet still, there are simply ways for protecting yourself from things like this. These days with the privacy issues and concerns surrounding the selling and use of your private information it is so easy to find or get information on or about you on the internet that it’s not even funny. Don’t worry about the information, worry about the use and abuse of it. It’s like worrying about doing online shopping and using your bankcard and credit card online when the banks all have that very same information online and that’s where the accounts were opened and are kept.

I recommend a credit monitoring service for you, your spouse, your children (yes, your children as well) and anyone with a valid social security number. These credit monitoring services do a very good job of keeping you alerted and updated on any happenings with your social security number and credit. I personally use Credit Expert and I have found them to be very good, very quick to alert and very detailed as to who, what , where, why and when anything affects my social security number and credit. I highly recommend the service which is a yearly fee but it is very much worth it and should be looked into.

When you think about the long term effects and heartaches that presents itself from a identity theft case the yearly fee associated with these services is well worth it. Go get it NOW. There are quite a few good ones available but they differ in offers and benefits. With Credit Expert I get a free credit report every 30 days if I want it, I can log in and have a look at what is on my credit, who I have credit with (if any), what are my reported balances and the contact information for the creditor. I have found this to be a very valuable and needed resource and I recommend it.

How can my identity be gained, lost or acquired?

There are more ways to lose your identity than it is to prevent it from being lost, as I said before, don’t worry about losing it, worry about the use and abuse of it. Someone having your private information such as your employer, a company that you did business with, a place you went to apply for a job and had to fill out an application form that had all your info, a utility company that you had to subscribe to for their service, so many ways of giving your information out, don’t worry about the info, worry about the use or abuse.

I remember seeing an article in 2005 where a nursing assistant had a patient in the hospital and he though the guy was going to die and so he took the patients information and started using it, he got credit cards and other things in the name of the patient and was doing good until the patient didn’t die and so after coming out of the hospital a few months later the patient started to see strange things and collection notices coming to him. After contacting the authorities and turning the matter over to them and they conducted an investigation they found out it was the nursing assistant, wow.

Don’t worry about the information, worry about the use and abuse.

I had started writing this article a few months ago after seeing what happened with that patient due to the theft from the nursing aid but with all the things that were going on I was just consumed in consulting issues with people who were affected or became so afraid of these issues that they don’t even want to face the reality of it.

I am sure by now everyone has heard about the data loss issue of the 26 million U.S. VA members which has sparked a whole sleuth of privacy issues, regulations and laws at the highest levels. This should not have come as a surprise to people because over the past year we have seen data breaches and identity theft problems at the highest levels of government and business. Everyday there is a new breach reported from some major financial institution or organization and with that comes the fears about what will happen next. The biggest problem with this is, how long ago did the theft/loss actually occur?

You’re being advised of the breach now but how long ago did it happen and to what extent of breach did the victim actually get. While that is the bad part of the situation the better part that saves us from the real effects of these issues is the alerting and monitoring services like Credit Expert, True Credit, Equifax and the other credit bureaus. They will alert you of any possible use of your social security number way before the company that was breached discloses the loss of the data depending on the use of the information that was lost. In some breach cases the information is never used but it’s better to be safe than sorry. I implore you to look into these services for yourselves as the time from alert to major impact on your credit is just a matter of you stopping the issue.

My next look at this issue will go into the methods of securing your data that in the event of data loss it is secured.

A few articles of reference.
IRS Laptop Lost With Data on 291 People
Laptop theft compromises Hotels.com customer data
VA data loss could prompt federal privacy law
VA to Recall All Agency Laptops
Personal data on millions of U.S. veterans stolen
Phishing scam uses PayPal secure servers
Trojan horse captured data on 2,300 Oregon taxpayers from infected gov’t
PC
Congress to Look at NSA Database of US Phone Calls

And I leave you with one of my favorite security quote as of lately, Don’t fear IT, Fear the “G” (Google)

~Brett A. Scudder~
The IT Security Attaché

Welcome to the world of my IT Security Education and Awareness Initiatives

Brett A. Scudder — Mon, 15 Dec 2008 03:01:02 +0000

Good day to you and welcome to my personal web infrastructure.

Over the past 12 yrs I have been an advocate, liaison, community leader, professional (IT and non IT), technology advisor and voice for the promotion of more IT Security education and awareness across all levels of our infrastructure (people, processes and technology). It has been my belief that IT Security is not an industry problem but a people one as the impacts, issues and effects trickles down through very layer of our infrastructure and hits the core, the people and their lives. It is for this reason that I have been in the pursuit of fostering more educational and awareness programs and initiatives towards this effort which has awarded me the role of the IT Security Attaché.

In this role my goal is to create new security enhanced, feature rich and motivational education and awareness programs/initiatives for all levels of our infrastructure so that we can be a more connected and secure minded global network as technology becomes a more integral part of our lives and the ways in which we live, work and play today and, for the future of tomorrow’s converged network.

As president/chairman and founder of The IT Security Suite Network this has become an integral part of who we are, our mission to the world and our promise of delivering this education and awareness across all levels. I have enacted specific programs and initiatives to focus specifically on providing more IT Security education and awareness in the lower and middle schools so that our youths growing up in this new technology age can be more aware and educated to the threats, risks and effects of this awesome resource the World Wide Web/Internet.

Programs like our Secure Minds Initiative are specifically targeting the school systems to integrate IT Security as a part of their curriculum vitae and making this needed information and resources available to our youths. In making this dream come through I have been partnering/working with people across all industries, markets, cultures and geographies as IT Security is not specific to who, what, where and when and so we must treat it that way in order to properly contain and understand it. Our Adopt an Institution program was created to allow us to work more closely with selected schools and their technology departments to foster this specific focus on IT Security and the IT Security Threats Landscape and it impacts and effects. To compliment this initiative and added an additional layer of value, we also started the first industry specific IT Security Scholarship program which rewards those students whom we deem as serious about pursuing this role in the IT field with financial support/backing and rewards.

This site will serve as my personal agenda, updates, work, mission, objectives and bio. It will host a more personal resource of me and my resources as I integrate the various organizations and programs I am involved in and enacting on this mission of IT Security education and awareness. I will be working on making it more structured to be the center of my world and you will be able to get access and information to the world of TITSSN.

So why am I doing this?

Well, this has been a mission for me for many years and I have been slowly developing, enhancing and building on it in various ways. I had to do this because there were so many gaps that needed to be filled in getting the message, education, awareness, support, services and needed resources and a way to aggregate them into one so that it can be channeled out in the right way across all people regardless of industry, company size/type/location/verticals in a way that was understandable to them. I have been asked to provide guidance, assistance, recommendations and support for individuals, businesses and others on security related issues/topics and so earned the titles of doctor, advocate, ambassador, savior, friend and resourceful.

When one looks at the IT Security Threats Landscape they get a sense of wow as to how much information, variables, threats, impacts and effects that it comes with and then it becomes a daunting task of figuring out where one fits into the mix. A part of my day to day responsibility is looking at these threats, their impacts, preventative measures and the many variables they come with and what they affect, and be able to align them in the proper ways against their targets. It is easier for someone to call me with a situation and ask for guidance of some kind of feedback/input that for them to try and figure out or align these themselves. So I become a conduit for aggregating all the info and then channeling them to people as per their environment, situation or cause for concern.

What makes me different from other professionals/leaders?

Where many have failed, I have been able to master the challenges I have before me in delivering my security education and awareness initiatives. My biggest challenge however is time and being in various places at the same time. This is why I use the internet and its resources as my gateway and means of travel unless a physical presence is indeed necessary. The path of security education and awareness is one that requires an unbiased and open means of communications, collaboration and networking, as all are affected and must be guided and provided with the same information and resources across the board. Some security leaders/professionals create this barrier around them where they become unapproachable and discouraging to those who are in need of their guidance and support. This creates unnecessary challenges for them in delivering their initiatives as the target audience is driven away by their attitude and egotistical behavior.

In my mission of promoting this education and awareness I have created free monthly events, workshops, open forums, training and development sessions to provide a one on one personal outreach for people. This personal outreach puts me as the security attaché in the direct path/presence and reach of anyone who is in need of guidance, support and mentoring. I was never one to push anyone away and I welcome all into the fold as we strive towards building a secure global network for our future and the generations to come.

I look forward to an exciting and feature rich year in 2009 as I brace for an increase in my workload and integration with other organizations and entities.

Thank you and have a great day,

~Brett A. Scudder~
The IT Security Attaché

http://theitsecurityattache.com