Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
How The Hacker Economy Impacts Your Network & The Cloud
Newest First  |  Oldest First  |  Threaded View
QuadStack
QuadStack,
User Rank: Author
6/8/2015 | 12:36:22 PM
Re: Confused over the topic
@JoeK833 - First of all, thank you for reading and a big thank you for taking the time to comment! It really helps get the conversation going! Let's start here - so many of my friends sit on the good side of the cloud and IT security business. They help find holes, secure vast networks, check for new vulnerabilities, and do everything they can do to stay ahead of the bad guys. Which is what this article is about... How the bad guys monetize our data. It's kind of the thesis here - in the very beginning "How do the bad guys keep making this kind of money? Simple. Hackers, cyber criminals, hacktivists, and nation states have learned to monetize their opportunities..." Friends, I'm not trying to ignore the good security professionals out there - and, I'm not suggesting that all hackers are bad guys. The folks I'm talking about here are specifically the malicious users of the Internet looking to cash in on your information. Maybe my next piece will be around all of the amazing people helping create new security protocols to ensure a better cloud.

To your next point - no network architecture or data center is ever 100% safe. The security that we deploy is only as good as the policies, configurations, and best practices that we incorporate around it all. I have to argue that those organizations facilitating the architecture going into the modern cloud and data center environment are very much interested in more intelligent security practices. A breach will cost them customers, reputation, and - in this fast-paced world - potentially their entire business. It's not perfect out there - but it certainly is improving. 

Now, to cloud security; we're seeing that it's certainly evolving and doing so at a very fast pace. We have yet to see ANY major cloud breach within some of the biggest cloud providers. Many of the biggest breaches have all happened with on-premise resources. And yes, I'll take a slightly more positive approach here and show that the way we secure our data centers today are a bit better than "dismal." Cloud providers don't want a legal process... they also really don't want negative public attention. So they'll do whatever they can to secure these multi-tenant environments. I'm not talking about some unrealistic pristine cloud security architecture here. I'm being realistic. The way we have created better network and cloud intelligence allows you to see more of the "bits" which are traveling the wire. 

As for any open-source cloud management technology out there - yes, there are still some challenges to overcome. But OpenStack - when deployed properly - is a powerful cloud orchestration and API layer. A good security architecture will work with security to ensure no critical data is ever close to any holes. Joe - you take a very bleak approach to cloud and security in your comments. In working with data centers, cloud providers, and many security professionals - it's clear that big progress has been made around the security of your data. But you're right - it's not perfect. And, there are more breaches potentially happening as we store more data in the cloud and within our own data centers. The only way to work around this is to continue to improve the capabilities of the products in the field - and hope that they're not too "dismal" moving forward. 
QuadStack
QuadStack,
User Rank: Author
6/8/2015 | 12:18:33 PM
Re: Economy
@colocationauthority - You're aboslutely right. The economics around various threat vectors and how we now can secure against it all have certainly come a long way. Pretty sure with so many new interconnected devices and new cloud services - security will remain a white hot topic and market impactor. 
JoeK833
JoeK833,
User Rank: Apprentice
6/8/2015 | 11:02:33 AM
Confused over the topic.
To begin with, seems your article applies Hackers are cybercriminals. Are you saying the MIT Hackers, and those of us that code and attempt to identify security vulnerabilities before loss of property or life are cybercriminals?

Next. "The network". Networks security is only as good as your ability to understand the context of the bits traveling the wire, be they to a company or in the cloud. You are assuming that companies which make products, have interest in include new protocols and upgrade to protocols for the purpose of detecting hard. Well, they don't. A good example is the claims security products support IPv6. When pushed, you will discover some have been claiming support for 8 years, but still have no support.

Finally, you argument about improved cloud security. You are assuming if your data is outside your organization, that the company processing that has better products then you can afford, and more people to watch for problems. If in fact, your data is compromised, the only recourse is a slow legal process. You also assume that your workloads cannot be moved outside the initial data center, and can't be moved to a random data center allowing criminals and nation states to obtain your data.

On the Openstack side, many of the project have large gaping security holes, which have yet to be addressed, there for using some of these tools open even more holes in your defense.

In short, you can believe the number on cost of compromise, but the capabilities of products in the field are dismal.

Joe Klein

 

 
colocationauthority
colocationauthority,
User Rank: Apprentice
6/4/2015 | 11:20:55 AM
Economy
I believe that you are completely correct in this article. The economy and technology have both come a long long way! colocationauthority.com


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Machine Learning, AI & Deep Learning Improve Cybersecurity
Machine intelligence is influencing all aspects of cybersecurity. Organizations are implementing AI-based security to analyze event data using ML models that identify attack patterns and increase automation. Before security teams can take advantage of AI and ML tools, they need to know what is possible. This report covers: -How to assess the vendor's AI/ML claims -Defining success criteria for AI/ML implementations -Challenges when implementing AI
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-42247
PUBLISHED: 2022-10-03
pfSense v2.5.2 was discovered to contain a cross-site scripting (XSS) vulnerability in the browser.php component. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into a file name.
CVE-2022-41443
PUBLISHED: 2022-10-03
phpipam v1.5.0 was discovered to contain a header injection vulnerability via the component /admin/subnets/ripe-query.php.
CVE-2022-33882
PUBLISHED: 2022-10-03
Under certain conditions, an attacker could create an unintended sphere of control through a vulnerability present in file delete operation in Autodesk desktop app (ADA). An attacker could leverage this vulnerability to escalate privileges and execute arbitrary code.
CVE-2022-42306
PUBLISHED: 2022-10-03
An issue was discovered in Veritas NetBackup through 8.2 and related Veritas products. An attacker with local access can send a crafted packet to pbx_exchange during registration and cause a NULL pointer exception, effectively crashing the pbx_exchange process.
CVE-2022-42307
PUBLISHED: 2022-10-03
An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to an XML External Entity (XXE) Injection attack through the DiscoveryService service.