Cryptography has been, and continues to be, the most important and ubiquitous aspect of security services (firewall, secure access, VPN, authentication). There is a vast number of cryptographic algorithms and techniques that provide information security features that are used in different protocols and functions. It is important to be able to understand the challenges, attacks, and concerns of cryptographic algorithms in order to be able to use them efficiently. Just as important is the ability to follow the latest developments in the field so that we can be “as secure as possible.” This post is trying to present the latest transformations in the cryptography field to raise awareness on what the status quo is on recommended algorithms and key sizes.
For corporations, Advanced Persistent Threat (APT) is a widely publicized yet little understood topic. Does it exist? Is it a real threat? How can an organization tell if it is impacted?
The Cisco Computer Security Incident Response Team (CSIRT) is a global team of information security professionals responsible for the 24/7 monitoring, investigation and response to cyber security incidents for Cisco-owned businesses. CSIRT engages in proactive threat assessment, mitigation planning, incident detection and response, incident trending with analysis, and the development of security architecture. This article will provide the Cisco CSIRT team’s perspective on APT, and is the fifth in a series of blog posts on related issues from CSIRT’s point of view. As with the other posts, provided here are some real-world examples and techniques that will hopefully help organizations utilize existing tools and processes, or even understand gaps in security infrastructure. Read on to find out more.
In the previous installment of our series of IPv6 posts, we covered some of the ways ICMP has changed in IPv6 compared to IPv4. In this post, we’ll talk about how addressing has changed in IPv6 compared to IPv4.
While IPv4 addresses are 32 bits log, the IPv6 address space has been extended to 128 bits, which will make it virtually impossible to remember the numeric representation of the address for a given host. This will definitely lead to more reliance on DNS. It will be difficult to operate even very simple test networks without relying on DNS to resolve host names to IPv6 addresses. Because of this, more attacks will be targeted against your DNS servers. Making sure your DNS configuration and servers are secure will be very more important in IPv6. DNS will also be targeted by attackers to attempt to locate systems on the network by trying to resolve “common host names,” since scanning a remote IPv6 network is essentially impossible due to the size of the IPv6 address space.
Global smartphone sales have finally eclipsed PC sales for the first time in history, and that’s without counting the millions of non-phone devices like tablets that tend to share the operating systems and functionality of their phone-based brethren. Based on these numbers, it is disappointing to see the state of security in devices that have taken the world by storm. Design decisions, policies, and various stakeholders have resulted in a fairly hostile device ecosystem in which, for example, users can be easily fooled into installing malware on their phones.
It is a common belief that a prolonged, nation-wide outage of communications networks would hit developed countries harder than developing countries. A study made by Scott Dynes et al. in 2006 has estimated losses for three segments of US economy if communications networks go down (see “Costs to the U.S. Economy of Information Infrastructure Failures: Estimates from Field Studies and Economic Data”, 2006 for details). The study highlighted three important areas of potential impact: electric, automobile, and oil refining. In a case of an outage affecting the first two segments, the study looked at losses if the Internet goes down. The study found that oil refining is not as dependent on the Internet, so the losses were estimated if their SCADA systems would become unavailable. Total losses for these three segments of US economy are estimated to be in a range of US $500 million for a 10-day outage.