Adaptive Segmentationmicro-segmentation September 23, 2016

Cybersecurity: ICANN, Yahoo data breach, and DDOS

Nathaniel Gleicher,

I only have THREE things on my reading list this week, but I don't think you’ll be too disappointed:

4 Things In Cyber

  1. ICANN Changed the Cryptographic Key That Underlies DNS: When your web browser authenticates a URL, it looks it up in the centrally managed Domain Name System (DNS). That look-up process is managed by the Internet Corporation for Assigned Names and Numbers (ICANN), and, thankfully, it’s encrypted. If the process were corrupted, a malicious actor could use dummy websites to deliver malware to unsuspecting users. ICANN is cycling the encryption key as a standard precaution. The cycling itself shouldn’t be big news, but it’s a good reminder that trust underpins everything we do online, and if that trust were to break down, lots of systems we use every day would fall apart. I’m reading: “The Cryptographic Key That Secures the Web Is Being Changed for the First Time.”

  2. Credentials for 500 Million Yahoo User Accounts Get Hacked: Of course I’m reading about this intrusion—everyone is reading about this intrusion. But the huge number of accounts that were affected isn’t the most troubling part of this. The most troubling part is that the hack began in 2014, and it wasn’t discovered until July 2016. That could work out to the intruders spending two years inside Yahoo’s systems before they were identified. This intrusion should be object lesson No. 1 for anyone who forgets how important visibility and control over the interior of the data center is to cybersecurity. Regardless, if you had a Yahoo account, think carefully about whether you’ve reused passwords or “security” questions, and get to changing if so. I’m reading: “Yahoo data breach casts ‘cloud’ over Verizon deal.”

  3. Don't Forget DDOS. Especially If You Are Brian Krebs: Krebs’ cybersecurity research site got hit with an “unprecedented” DDOS attacking beginning on Sept. 20. The DDOS is driving 620 Gbps through Krebs’ site. For those of you keeping score at home, that’s a huge increase over what we’ve seen before. In fact, Akamai recently stopped shielding the site (it was providing the protection pro bono), noting that scope of this DDOS was “nearly double” anything it had seen before. We don’t pay much attention to DDOS in this era of APT and huge breaches (hello, Yahoo!), but no matter how you count it, 620 Gbps is a massive amount of garbage to throw at a server. I’m reading: “Akamai kicked journalist Brian Krebs' site off its servers after he was hit by a 'record' cyberattack.”

Adaptive Segmentationmicro-segmentation
Share this post: