
Serious Security Threat or Marketing Ploy? – WSJ “Night Dragon” February 10, 2011

Posted by wastedspacer in 1, Global Industry, IT Security, Notable Incidents, Political Issues, Rants, Spam, SPIM and other annoyances, Technologies.

According to a report from the Wall Street Journal – on “Night Dragon” attacks:
Oil Firms Hit by Hackers From China, Report Says

How convenient for something like this to turn up the week before RSA! Seemed like an important headline and I suspect some additional news coverage could have been imminent given there was even a scrolling ticker about this on a couple of the local TV News channels this morning. Unfortunately for whoever thought this was a perfect time to disclose they got usurped by the Egypt breaking news alerts!

The McAfee PDF report is an interesting enough study; however, there appear to be a number of shortcomings in the analysis, far too much circumstantial intelligence and many disclaimers of actual allegations. Furthermore “Night Dragon” is merely McAfee’s selected report moniker for their particular identification of a threat-bundle. Symantec, Microsoft, Trend, Sophos may select the same individual threats but call them different names and may not pull them together into a creative study such as McAfee sponsored. A couple of virus definitions are highlighted identifying known threats several months ago from May and August 2010.

I’m always skeptical when a security products company does a periodic security driven “the sky is falling” in-depth analysis. There may indeed be some bread crumbs of significance, my main concern is that it could just be another thinly disguised “wag the dog” company visibility increase exercise.

My more cynical side suggests that perhaps this is an effective security company marketing strategy that undertakes a “scientific” study around high-visibility targets, periodically waves a headline comprised of: (insert enemy state here) hackers attack (insert newsworthy Western iconic industry here) Gigabytes of data and trade secrets stolen. Then add some vague traffic analysis to show the volume, where it’s going and who’s allegedly controlling it, who knows, maybe some US bank or oil company outpost had been leveraged and was being unwittingly used as a Chinese/Ukrainian managed BitTorrent host for illegal videos? Or is it really corporate sensitive bidding information and active well log data? Without concrete proof in-stream or at the endpoint, any possible botnet C&C and network findings results would show pretty much the same data stream which could allow any security company to allege such a finding without actual proof.

We (or at least corporate executives as the target of this info when escalated to the lofty heights of a WSJ article) certainly appear to fall for it every time and then demand answers around what their internal security experts intend to do about it? Of course in the shadow of “cry wolf” warnings, once in a while there really are dire and present issues that require immediate remedial action so those security experts always have to remain vigilant but circumspect.

Perhaps if we (and apparently the WSJ) are really concerned about threats from “Chinese Hackers”, we should also address the oil industry “best-practice” of off-shoring to low-cost-geographies and perhaps consider that hiring an increasing number of our Western petroleum engineers and geologists from Chinese universities may pose a more insidious threat in the potential espionage space over the long term? We certainly should take security integrity and sustainability in mind when chasing the almighty short-term efficiency and cost savings fuelled drive to top ratings supporting the investors on Wall Street itself.

On a positive side, the WSJ article cited the attack vectors were typically via Microsoft vulnerabilities so companies that take an aggressive stance towards rapidly applying patches help obviate threats. McAfee and Sophos share threat signatures so in this particular case where the detection was spearheaded by McAfee, at least, customers of these companies may enjoy a slightly better level of immediate protection and thus should benefit from any behind-the-scenes patching that McAfee had put in place to mitigate these threats. I just can’t help but wonder when Symantec, then Trend, then Kaspersky will see this approach as a “winning” strategy and start spinning their own versions, perhaps “Soup Dragon” or “Nuts Dragon” analysis variations?

This seems like an ideal opportunity for security personnel to put in place better detection systems beyond IDS/IPS. Perhaps including honey-pots to at least be in a position to identify the likelihood of actual inside-the-perimeter threat activity. Furthermore, they will be able to consistently state whether they are being actively targeted over time and how frequently. Those metrics could be easily accumulated and used to not only track down current threats but also provide a current state report to executives when these kinds of issues are raised by the media.

In the meantime it’s ok to cry “wolf” (or depending on your security company’s naming convention: “loup”, “mac tíre”, “भेड़िया”, “الذئب”, “lupo”, “úlfur”). CVE goes a little way towards individual definitions but it would help if anti-malware security companies got together and agreed upon a common name or at least resolution for a collection of threats from a suspected single source.

ATT U(seless)-Verse October 15, 2009

Posted by wastedspacer in 1, Business Directions, Rants, Technologies, Technology Drivers.

Years of adverts, one mile from ATT’s HQ, in 2014 we have U-V Internet but no U-Verse TV in ATT’s own backyard!

Consider the hot summer of 2007 in San Ramon California where AT&T began a riotous assault on our senses offering a wonderfully fast TV/Internet/Phone service dubbed U-Verse! Excited at the thought that at long last, the fiber channel was finally here and I could get a piece of it. We quite literally live on the doorstep of AT&T’s Northern Cal Headquarters which I can even see from my back-garden.

Ever since moving to San Ramon, I have been a loyal PacBell, er SBC… er AT&T customer throughout the years and have been an early adopter for ISDN (Project Victoria) and then one of the first DSL subscribers.

Expecting that AT&T would again roll this out to their local community first may have been a little premature but I went to the web site, popped in our phone number and sadly receive the message:

We’re sorry. Currently, AT&T U-verse service isn’t available for the address associated with this phone number:

*sigh* but I dutifully sign up to be informed as soon as U-Verse is available, the general sentiment from the advertizing was that it should be within months so I believe I can wait. I hear reports from new housing developments and other cities that are happily getting their U-Verse but still not the loyal AT&T customers in their back yard.

I am under a constant barrage of eMail asking me to sign up for U-Verse all the way through to the summer of 2008. AT&T continues to pump out millions of dollars to advertize in magazines, on the radio and TV waving the flags of U-Verse successes all over the place, but not in our neck of the woods 😦 Again, I am constantly invited to check to see if we can have access.

We’re sorry. Currently, AT&T U-verse service isn’t available for the address associated with this phone number:

Another year goes by with the constant battering of advertisements from AT&T amid the tortoise and other ATT denigration “Slowski” campaigns from their chief rival – Comcast. Again and again I check my telephone number and sign up for “tell me when U-Verse” notifications. I constantly hear of friends and colleagues that are getting their U-Verse connections all over California (even remote parts). Still no sign of U-Verse again in our part of San Ramon 😦

Finally, well over another year later, I am hearing more pitches and received yet another series of Email requests to sign up for U-Verse. Once again that disappointing phrase comes up:

We’re sorry. Currently, AT&T U-verse service isn’t available for the address associated with this phone number:

I have no idea why AT&T can’t either get its act together and deliver its promise -or- tell its back-yard neighbor customers what technologies, process (or politics) of the local town infrastructure has been blocking our ability to receive this service? It just seems that if a company wants to be commercially successful the LAST thing they should be doing is shouting availability from the rooftops where there seems to be no capability to deliver it to much of the audience!

One of these days, AT&T might eventually wander up the hill and connect us or maybe we’ll see the Verizon guy with the glasses appear instead?

Ah well, should I again don the pink glass spectacles and chant: “all I want for Christmas is High Speed Internet (That doesn’t involve Comcast)”!

*** Update Feb 2010 ***
STILL NO U-VERSE GOOGLE – Please connect San Ramon to your Fiber link and sock it to ATT 🙂

*** News Flash March 2010 ***
I was informed by a workmate that ATT Is cutting up roads and digging huge long trenches only a few miles away in Dublin. Wow – could this finally be some high-speed fiber closing in?

NOT A CHANCE *sigh* After my colleague asked the works foreman if that was fiber being pulled the answer was NO JUST REPLACING THE COPPER – AAAAGGGHHH!! ATT what is wrong with you, if you are digging up roads why oh why are you NOT putting in fiber for goodness sake??? Is it as simple as you ordered a load of copper ten years ago and have to bury it somewhere??

*** Fast Forward –  May 2014 ***

Now I have both Comcast/Xfinity (Cable) + a worthless cable-box bypassing the most excellent tuner in my TV AND AT&T/DSL internet connections in the house and they are equally dysfunctional, outrageously wasteful customer-disenfranchising organizations. We did briefly sign up with Direct-TV (with a view of displacing Comcast TV) but alas the only workable but enlarged (due to low-azimuth/weak signal) dish placement was right over our backyard deck and seating area. The cancellation process was a breeze, I have to say that the Direct-TV marketing and service personnel were exceptional however I fear that will be severely diluted when mashed up with the AT&T marketing machine 😦

Unbelievably 5 years on, ATT continues the onslaught of marketing, endless telemarketing sales calls, $4 Million spots at the Superbowl, fliers. Reportedly the annual marketing budget for AT&T  is $2.36 BILLION (albeit slightly less than Comcast’s). Add to that the massive many $BILLIONS war-chest of cash used to buy Direct-TV matching Comcast’s insatiable appetite to buy the competition. Customers should ask (of both companies) after all this what is left  of their subscription to actually provide some form of value added service?

At least we can now get ATT U-Verse Internet (I don’t want/need voice)  but no TV (though I can’t wait to start getting the ATT/Direct TV marketing crud – yeah right!)  but I can still see the ATT regional HQ from my back yard. I understand a number of the employees there are being laid off or shifted to Texas? Perhaps that HQ has a questionable future.

(Twitter: MPWA)

Thought for the day before I hop on my bike! August 11, 2009

Posted by wastedspacer in 1.

Never blindly accept someone else’s rhetoric! Even when someone gives you a perfectly reasonable answer to a question. Remember, they are not you so always assume there’s still some work to do to achieve understanding! That way when you need to act you will jump on YOUR bandwagon and NOT THEIRS!!!