Cisco Blogs

Cisco Blog > Security

Hacking Small Businesses

I’ve talked to many small business owners about security over the last several years, first as a professional serving that segment and later in casual conversation with friends and business owners in my local community. One question that comes up time and again is “Why would someone hack our computers? Who would even know we exist?” That question has had different answers over the years, and varies depending on the likelihood of targeted attacks versus untargeted ones. Some businesses get by just fine with automatic software updates, strong passwords, and a firewall. Others need more control over their environments, but the attackers have never lost sight of their goal. For the intruders, it’s all about getting what they want and finding out who they can get it from as easily as possible. And these days, they may be taking aim at small business. Read More »

The Check Is Not In the Mail

A bank in the United States, USAA, recently announced a new way their customers can deposit a check into a bank account: capture images on an iPhone and transmit them using an application provided by the bank. In fact, USAA has offered the capability to deposit checks using an ordinary document scanner for several years. Of course, scanners don’t fit in your pocket or purse and are connected to a more traditional personal computer — hence most of us are likely to trust the security of the scanner-based solution because it utilizes technology that has become familiar through regular usage in a variety of ways. More specifically, few people question the security of the transaction when they are able to view the lock icon in their browser while connected to their bank.A cursory read of USAA’s terms and conditions suggest that the security (and potential misuses) of the iPhone application have been duly considered. Indeed, USAA is planning to expand the capability to other popular ‘smart’ phones as well. Given the number of publicized security incidents at financial institutions in the last couple of years, does this have the potential to become another vector for miscreants? Read More »

What Makes a Security Website Valuable To You?

It seems like the amount of security information about new vulnerabilities, threats, and attacks is increasing weekly. Staying on top of this information while still getting other work done can become a real challenge. Network World rated the Cisco Security Intelligence Operations Portal one of the top twenty IT Security resources last year, but we want to make it even better. You can help; in just a few minutes, you can complete an online survey and tell us what you want and expect from a security site. We value your input. Read More »

Proving the Negative – Jail Time for Undisclosed Encryption Keys

Since 2000, the United Kingdom has been operating under the Regulation of Investigatory Powers Act (RIPA). Part 3, Section 49 of RIPA has been of particular interest to the security community because it concerns the disclosure of decrypted data or encryption keys. In the course of an investigation, law enforcement officers can invoke Section 49 to compel notice recipients to provide the encryption keys or disclose the decrypted contents of encrypted files. Failure to do so can lead to prosecution, with a potential for two years in jail, or five years in the case of a national security investigation. For the first time since RIPA’s inception, the latest annual report from the Chief Surveillance Commissioner has revealed that this has resulted in jail time. Read More »

Lessons From an Insider Attack on SCADA Systems

The Cyber Risk Report For June 29 to July 5 covered the story of an insider attack at a Dallas, Texas (United States) hospital. The attacker, Jesse “GhostExodus” McGraw, allegedly was able to leverage his position as a night security guard at the hospital to gain physical access to heating, ventilation, and cooling (HVAC) control systems and manipulate those systems. The intrusion was discovered when security researcher Robert Wesley McGrew from Mississippi State University discovered screenshots taken from the control systems. McGrew approached the United States Federal Bureau of Investigation (FBI) with this evidence, who then took action against the security guard. The guard was recently indicted by the FBI under felony charges of “transmitting a malicious code” according to the Department of Justice press release.

McGrew, a supervisory control and data acquisition (SCADA) systems security researcher, realized the seriousness of the threat, leading to the notification of law enforcement authorities of his findings. Significant danger to the facility could have occurred if the HVAC infrastructure could have been changed in such a way to compromise pharmaceutical storage or stress the health of patients within the medical facility. Read More »