Free Wireshark Training Course Online

Take a free Wireshark Jumpstart training class online at http://www.chappellseminars.com/.

Wednesday, January 13, 2010

Google vs. China

Posted: 2010-01-13 09:19:54 UTC-07:00
Call for Case Studies at left!

googleblog.blogspot.com/2010/01/new-approach-to-china.html

In essence, Google discovered a security breach with the following
characteristics:
  • the attack was not just against Google - at least 20 other large
    companies worldwide have been targeted
  • the target appeared to be Gmail accounts of Chinese human rights
    advocates
  • other Gmail accounts of human rights activists have been breached

Imagine if Google decides to pull Google.cn because of the human rights
violations persistently perpetrated by the Chinese government! Whoa!

For a while now I've been saying... the only way to run a secure network in China
is to... not run a network in China.
The Chinese government has their paws over every bit of data at their whim. If
you are a Chinese dissident, they are listening. If you are a foreign company with
intellectual property (IP) to steal, they are listening.

I applaud Richard Bejtlich at taosecurity.blogspot.com for focusing on China
(read his October 22, 2009 blog and follow him religiously) and loved his
prediction of a cloud-based security incident. Did you read my "cloud concerns"
article at www.chappellseminars.com/blog090109 as well?

So -- is your company going to jump to cloud computing? Are you going to open
up that China office and try to set up a 'secure connection to the US?' (best of
luck there - just wait for the knock on your door asking you to install a tap for
government snooping).

The Chinese government is totally out of control. It will be interesting to see the
details emerge. I am certain the CG will respond with some shrug and a sly grin.
They realize the value and economical nature of cyber-espionage and they don't
give a damn who they step on.

Ok... yeah - this hit a nerve.

Have you looked at your traffic today?

The image above shows the traffic to/from a host in our lab that was hacked.
Notice the interesting target? Have you set up GeoIP in Wireshark yet?

C'mon - check out the setup/use video over at
securitytube.net/Setting-up-GeoIP-to-Track-IP-Address-Locations-in-Wireshark-video.aspx
- use Firefox as your default browser to save yourself some troubleshooting time.

(GeoIP was the topic of the last Wireshark Weekly Tip - sign up at
www.wiresharktraining.com/tips.html to get an email each week with a new tip.)

Ok... now to go throw out some "Made in China" junk around here!

Enjoy life one bit at a time!
Laura

p.s. Thanks to everyone who is submitting case studies for the book! I am
reviewing them, categorizing them, responding with questions (if I have some)
and moving right along in reading them - some really great ones! I'm also
interested in those 'newbie tips' so keep 'em coming in - see the link at left to
submit your case study!