Feed aggregator

Tool Estimates Incident Response Cost for Businesses

Threatpost for B2B - Thu, 04/03/2014 - 10:31

P { margin-bottom: 0.08in; }
-->A thorough and freely available tool aims to help security professionals and executives anonymously tabulate the costs incurred on enterprises following all manner of cyber-incidents.

Called CyberTab, the tool was created by The Economist Intelligence Unit and sponsored by the consulting firm Booz Allen Hamilton. While the tool is free, it gives users the choice of opting in to allowing their reports to be used as part of a study undertaken by The Economist.

Based on input estimates of incident response and business expenses, as well as those of lost sales and customers, CyberTab calculates the cost of a specific cyber attack and estimates the return on investment for preventative measures.

It has two modes, a planning mode, which estimates the cost of a potential attack to help organizations better understand the risks they face and their security investment choices, and a reporting mode, which examines and reports the cost of a specific attack that has already occurred based on a long list of factors.

Each tool will ask users to identify the type of attack deployed against them. The options include denial of service attacks, malware infections, misuse of systems by employees or partners, intrusions with no data theft, intrusions with personal data theft, and intrusions with intellectual property data theft.

The tools also inquire – again anonymously – about the size of an affected enterprise, the industry and region in which they operate, the duration and time frame of a specific attack, when and by whom was the attack discovered, who carried out the attack, and what sorts of tactics and technologies were deployed by the attackers.

Beyond that, the tools take into account the types of systems and number of servers and endpoints affected by the incident. In the case of DDoS attacks, the tools ask about the peak bandwidth in gigabits per second. The tool further takes into account the company data and types of accounts implicated in the attack. The impact on intellectual property and number of parties affected – employees, consumer and business customers, and partners – as well.

Outside the details of the attack, the tools also seek out specific cost details. How many incident response workers does the company employ? Which and how many technology measures it eh business invested in? Did the organization seek outside help following the incident? Were there legal or customer service and support costs incurred in the incident.

It offers a straightforward user interface and allows users to stop and save their progress at any time.

In the end, the CyberTab tool takes all these and more factors into account and estimates the total potential cost – in ranges – paid by an affected organization and the amount of money that they could save – for each dollar spent – by deploying preventative measures.

 

Yahoo Encrypts Data Center Links, Boosts Other Services

Threatpost for B2B - Thu, 04/03/2014 - 10:26

Yahoo certainly has taken its share of knocks during the past nine months of surveillance revelations and Snowden leaks for its encryption shortcomings. But the bruises are healing and the company is slowly working its way back into good graces.

After months of being an encryption laggard, Yahoo gained on the field with a number of enhancements announced last night by new chief information security officer Alex Stamos.

Chief among the improvements is that as of Monday, traffic moving between Yahoo data centers is encrypted. This, along with a lack of email encryption, was an area critics were especially harsh on Yahoo after top secret documents revealed the National Security Agency was able to sniff communications between Yahoo and Google data centers.  The Washington Post reported at the time that a combined initiative between the NSA and Britain’s GCHQ called MUSCULAR allowed the intelligence agencies to copy data from the company’s fiber-optic cables outside the U.S. Google, meanwhile, announced in November it had turned encryption on between its data centers.

“In light of reports that governments have directly tapped Internet backbones to obtain secret access to millions of people’s private communications, it’s become clear that routine use of encryption is an important basic measure for privacy and security online,” said Seth Schoen, senior staff technologist at the Electronic Frontier Foundation. “Without it, any network operator (from the smallest Wi-Fi node to the largest Internet backbone companies), or anyone who can coerce or infiltrate one, can easily see the intimate details of what people are saying online.”

As for email, Yahoo was one of the last major web-based email providers to turn on SSL by default, doing so in January after an initial foray in November when users were given the option to turn it on manually. Stamos said yesterday that in the last month, Yahoo turned on encryption of its email service between Yahoo’s servers and other email providers who support the SMTPTLS standard.

Yahoo has also turned on HTTPS encryption on its home page, search queries that run on the home page and most of its properties. Yahoo supports TLS 1.2, Perfect Forward Secrecy and 2048-bit RSA encryption for its home page, mail and digital magazines, Stamos said. He added that users can initiate encrypted sessions for Yahoo News, Sports, Finance and Good Morning America on Yahoo by typing HTTPS in the URL. He also promised an encrypted version of Yahoo Messenger in the coming months.

“Our goal is to encrypt our entire platform for all users at all time, by default,” Stamos said.

Also on the road map, Stamos said, Yahoo plans to implement HSTS, Perfect Forward Secrecy and Certificate Transparency in the near future.

“One of our biggest areas of focus in the coming months is to work with and encourage thousands of our partners across all of Yahoo’s hundreds of global properties to make sure that any data that is running on our network is secure,” Stamos said. “Our broader mission is to not only make Yahoo secure, but improve the security of the overall web ecosystem.”

Forward secrecy has long been advocated by security and privacy experts as an important failsafe to secure data and communications. The technology keeps the content of old encrypted connections private even if the encryption key is lost or stolen in the future.

Yahoo was criticized heavily for its lack of encryption on its services, which experts said facilitated the NSA’s ability to snoop on traffic, and harmed users’ ability to keep their identities and personal information secure from criminals operating on the web. While it doesn’t stop the government or law enforcement from obtaining user data via court orders or warrants, it does hamper their efforts to hack into servers and communication lines.

Meanwhile, the EFF’s Encrypt the Web report, which it continues to update, demonstrated Yahoo’s glaring encryption weaknesses in the wake of the initial Snowden leaks. Since then, most of the technology companies surveyed have tightened up their encryption practices, leaving only carriers such as Verizon, Comcast and AT&T in the rear.

“We commend Yahoo for taking these steps, and hope today’s announcements will continue to foster a recognition that encryption is an industry standard,” the EFF’s Shoen said.

Blog: Garfield Garfield True, or the story behind Syrian Malware, .NET Trojans and Social Engineering

Secure List feed for B2B - Thu, 04/03/2014 - 09:25
It's been a while since the last massive Internet outage took down Syria’s backbone network (AS29386).
Syndicate content