Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
How The Hacker Economy Impacts Your Network & The Cloud
Newest First  |  Oldest First  |  Threaded View
QuadStack
50%
50%
QuadStack,
User Rank: Author
6/8/2015 | 12:36:22 PM
Re: Confused over the topic
@JoeK833 - First of all, thank you for reading and a big thank you for taking the time to comment! It really helps get the conversation going! Let's start here - so many of my friends sit on the good side of the cloud and IT security business. They help find holes, secure vast networks, check for new vulnerabilities, and do everything they can do to stay ahead of the bad guys. Which is what this article is about... How the bad guys monetize our data. It's kind of the thesis here - in the very beginning "How do the bad guys keep making this kind of money? Simple. Hackers, cyber criminals, hacktivists, and nation states have learned to monetize their opportunities..." Friends, I'm not trying to ignore the good security professionals out there - and, I'm not suggesting that all hackers are bad guys. The folks I'm talking about here are specifically the malicious users of the Internet looking to cash in on your information. Maybe my next piece will be around all of the amazing people helping create new security protocols to ensure a better cloud.

To your next point - no network architecture or data center is ever 100% safe. The security that we deploy is only as good as the policies, configurations, and best practices that we incorporate around it all. I have to argue that those organizations facilitating the architecture going into the modern cloud and data center environment are very much interested in more intelligent security practices. A breach will cost them customers, reputation, and - in this fast-paced world - potentially their entire business. It's not perfect out there - but it certainly is improving. 

Now, to cloud security; we're seeing that it's certainly evolving and doing so at a very fast pace. We have yet to see ANY major cloud breach within some of the biggest cloud providers. Many of the biggest breaches have all happened with on-premise resources. And yes, I'll take a slightly more positive approach here and show that the way we secure our data centers today are a bit better than "dismal." Cloud providers don't want a legal process... they also really don't want negative public attention. So they'll do whatever they can to secure these multi-tenant environments. I'm not talking about some unrealistic pristine cloud security architecture here. I'm being realistic. The way we have created better network and cloud intelligence allows you to see more of the "bits" which are traveling the wire. 

As for any open-source cloud management technology out there - yes, there are still some challenges to overcome. But OpenStack - when deployed properly - is a powerful cloud orchestration and API layer. A good security architecture will work with security to ensure no critical data is ever close to any holes. Joe - you take a very bleak approach to cloud and security in your comments. In working with data centers, cloud providers, and many security professionals - it's clear that big progress has been made around the security of your data. But you're right - it's not perfect. And, there are more breaches potentially happening as we store more data in the cloud and within our own data centers. The only way to work around this is to continue to improve the capabilities of the products in the field - and hope that they're not too "dismal" moving forward. 
QuadStack
50%
50%
QuadStack,
User Rank: Author
6/8/2015 | 12:18:33 PM
Re: Economy
@colocationauthority - You're aboslutely right. The economics around various threat vectors and how we now can secure against it all have certainly come a long way. Pretty sure with so many new interconnected devices and new cloud services - security will remain a white hot topic and market impactor. 
JoeK833
50%
50%
JoeK833,
User Rank: Apprentice
6/8/2015 | 11:02:33 AM
Confused over the topic.
To begin with, seems your article applies Hackers are cybercriminals. Are you saying the MIT Hackers, and those of us that code and attempt to identify security vulnerabilities before loss of property or life are cybercriminals?

Next. "The network". Networks security is only as good as your ability to understand the context of the bits traveling the wire, be they to a company or in the cloud. You are assuming that companies which make products, have interest in include new protocols and upgrade to protocols for the purpose of detecting hard. Well, they don't. A good example is the claims security products support IPv6. When pushed, you will discover some have been claiming support for 8 years, but still have no support.

Finally, you argument about improved cloud security. You are assuming if your data is outside your organization, that the company processing that has better products then you can afford, and more people to watch for problems. If in fact, your data is compromised, the only recourse is a slow legal process. You also assume that your workloads cannot be moved outside the initial data center, and can't be moved to a random data center allowing criminals and nation states to obtain your data.

On the Openstack side, many of the project have large gaping security holes, which have yet to be addressed, there for using some of these tools open even more holes in your defense.

In short, you can believe the number on cost of compromise, but the capabilities of products in the field are dismal.

Joe Klein

 

 
colocationauthority
50%
50%
colocationauthority,
User Rank: Apprentice
6/4/2015 | 11:20:55 AM
Economy
I believe that you are completely correct in this article. The economy and technology have both come a long long way! colocationauthority.com


More SolarWinds Attack Details Emerge
Kelly Jackson Higgins, Executive Editor at Dark Reading,  1/12/2021
Vulnerability Management Has a Data Problem
Tal Morgenstern, Co-Founder & Chief Product Officer, Vulcan Cyber,  1/14/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-36192
PUBLISHED: 2021-01-18
An issue was discovered in the Source Integration plugin before 2.4.1 for MantisBT. An attacker can gain access to the Summary field of private Issues (either marked as Private, or part of a private Project), if they are attached to an existing Changeset. The information is visible on the view.php p...
CVE-2020-36193
PUBLISHED: 2021-01-18
Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948.
CVE-2020-7343
PUBLISHED: 2021-01-18
Missing Authorization vulnerability in McAfee Agent (MA) for Windows prior to 5.7.1 allows local users to block McAfee product updates by manipulating a directory used by MA for temporary files. The product would continue to function with out-of-date detection files.
CVE-2020-28476
PUBLISHED: 2021-01-18
All versions of package tornado are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configura...
CVE-2020-28473
PUBLISHED: 2021-01-18
The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with defa...