From malware on Google’s Android phones to the U.S. Defense Advanced Research Projects Agency trying to understand how stories or narratives impact security and human behavior, the security world certainly is never boring. Here we take a look at 20 security stories that have shaped the industry in the past few months.
Is retaliation the answer to cyberattacks?
Should revenge assaults be just another security tool large IT shops use to counter cyberattacks? It’s a controversial idea, and the law generally frowns on cyberattacks in general. But at the Black Hat DC conference in January, some speakers took up the issue of whether and how organizations should counterattack against adversaries clearly using attack tools to break into and subvert corporate data security. One idea that got plenty of attention here was the notion of exploiting vulnerabilities in attack tools and botnets to try to determine what the attacker was going after or feed fake data, or even dive into the attacker’s network lair.
Cybercriminals targeting point-of-sale devices
Point-of-sale payment processing devices for credit and debit cards are proving to be rich targets for cybercriminals due to lax security controls, particularly among small businesses, according to a report from Trustwave. Trustwave, which investigates payment card breaches for companies such as American Express, Visa and MasterCard, conducted 220 investigations worldwide involving data breaches in 2010. The vast majority of those cases came down to weaknesses in POS devices. “Representing many targets and due to well-known vulnerabilities, POS systems continue to be the easiest method for criminals to obtain the data necessary to commit payment card fraud,” according to Trustwave’s Global Security Report 2011.
Google Android’s infected apps spotlight mobile danger
The Google Android Market for apps is supposed to be an apps showplace, but the fact that Google this week yanked down about 50 Android apps it found out were malicious came as something of a jolt to many in the security industry. “We believe they all had the same malware,” said Kevin Mahaffey, CTO at Lookout Mobile Security, which has taken to calling it the DroidDream infection. The apps were released under the Google-registered developer names “Kingmall2010,” “we20090202” and “Myournet,” which Lookout Mobile suspects are all the same person or group. At least one of the malicious apps is based on stolen software that was Trojanized and submitted to Google. Most of the malicious Google Android apps to date have been on third-party Web sites, but this week’s episode of the malicious Google Apps on the Android market calls into question the vetting process.