Forwarded from: security curmudgeon <jerichoat_private>
cc: joe.duffyat_private

> http://www.businessweek.com/bwdaily/dnflash/apr2002/nf2002049_1803.htm
>
> APRIL 9, 2002
> SECURITY NET
> By Alex Salkever
>
> Thanks to sophisticated new attack methods, computer security has to
> go beyond the old standby of merely keeping intruders out
> "DIFFERENT SCENARIO." This explains why intruders increasingly play
> off this connectivity to target systems that require a certain
> degree of openness to function as a business tool. "The
> [pre-Internet] computing technologies were designed to keep people
> out. The Internet is all about letting people in. That's a different
> security scenario," explains Joe Duffy, national security practice
> manager for PricewaterhouseCoopers.

Well, I think this pretty much establishes that Joe Duffy was not on
the net before 1995 or so. Hrm, let's find his bio.

  Joe Duffy is Lead Partner for the National Security Practice of
  PricewaterhouseCoopers. An author and frequent speaker on business
  technology issues, Mr. Duffy is responsible for the strategic
  direction, growth and vision of the US Security Practice for
  PricewaterhouseCoopers.

That screams "upper management" and "I have a problem comprehending a
mouse with three buttons" to me.

First, what is "pre-Internet" computing? Talking about the mainframes
of 1960? Since the Internet was basically founded/born/created in 1969,
that would put his statement somewhere between "absurd" and "fucking
stupid".

I hate to be the one who beats Duffy with a clue-by-four, but computers
and operating systems were NOT designed to keep people out
"pre-Internet", pre 1995 (my guess as to his online history), or even
today. Wonder if Duffy has installed a copy of NT or Linux lately and
noticed that the security posture screams "bend me over"? I'd guess
not.

> Other insights can be gleaned from ISS's inaugural quarterly report.
> Until recently, the most common type of Internet attack was "denial
> of service," whereby malicious hackers break into computers
> connected to the Net and command them to fire incessant data
> requests at a Web site. That shuts off access to the site and can
> damage it.

I'd love to see the details that went into this study and figures.
There seems to be a lot of leeway here as to what one considers
"attack", how you qualify separate attacks, etc. If an attacker breaks
into a machine to be able to launch a DoS attack, then wouldn't it be
closer to a 1:1 ratio between non DoS compromises and DoS attacks?
Especially DDoS attacks that have kids breaking into 1,000 machines to
create their zombie army. Add on to that the regular non DoS kiddies,
and it seems that DoS attacks might not be the most prevalent.

Also factor in tracing DoS attacks since they all spoof their packets
and are a bitch to track back. Factor in that none of the backbone ISPs
will lift a finger to trace those attacks, instead they just block all
the traffic at a border router and celebrate a job well done.

The nature of non DoS, non defacing attacks is to stay hidden. That has
historically made any type of computer crime/hacking statistic
difficult to pin down. All in all, I don't think these statements can
easily be made short of a lot more research.

-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoat_private with 'unsubscribe isn'
in the BODY of the mail.
This archive was generated by hypermail 2b30 : Tue Apr 16 2002 - 03:45:50 PDT