The week's security news included new details about the RSA Security network breach, the latest attack on Sony servers, and wireless outages affecting RIM and Apple.
week was marked by several service outages. BlackBerry users in Europe, Asia
and North America were unable to check their messages over the week as Research
In Motion worked to bring all its servers online.
claimed it was aware of the problem and was working to resolve it, but didn't
explain what was going on, leading many to wonder if the company was under
attack. RIM explained later it was a problem with its network infrastructure,
but it came under fire for not communicating the problems better.
one thought Apple was under attack, but it was also plagued with unavailable
servers and sluggish traffic. The company launched iCloud last week and
updates to Mac OS X, iOS and iTunes
in order to allow users to upgrade
their devices to access the new service.
week began with
executives disclosing more details about the attack that
compromised the EMC subsidiary's networks earlier this year and resulted in
thieves stealing information related to the SecurID two-factor authentication
technology. RSA said the attacks had been traced back to two separate groups
who had not been known to work together in the past and that the evidence
points strongly at some kind of nation-state involvement. RSA did not mention
the suspect country by name.
of companies who had been breached earlier in the year, Sony was back in the
news last week. This time, attackers had obtained a list of email addresses and
passwords from a different source and had launched a mass log-in attack to try
, including the PlayStation Network and Sony Online
locked out approximately 93,000 users because the attackers succeeded logging
in to those accounts, but the company pointed out that the attack succeeded on
only a small fraction of users. Sony reminded users to not reuse passwords
across sites and encouraged all users to select strong passwords for their
Congress continues to debate and negotiate the details for what needs to go in
the cyber-security bill, the Securities and Exchange Commission took action,
issuing a guidance recommending that public companies disclose all cyber-risks
and incidents that may have material impact on the organization's operations or
financial results. Since the guidance doesn't carry any enforcement power,
there's no way for the SEC to enforce it, but it is still a first step because
it will encourage organizations to reveal information that investors should
the same day that Microsoft issued a sizable
Patch Tuesday release for October
, it released its latest
Security Intelligence Report
. SIR volume 11 identified some of the ways Web
services and organizations are being compromised, and found that less than 1
percent were the result of a zero-day vulnerability.
so, Microsoft Trustworthy Computing researchers did not dismiss the seriousness
of zero-days. The goal of the study was to point out that IT departments should
not ignore zero-days, but not worry about it to the extent of skipping all the
other security measures that would detect and block the 99 percent of more
United States Air Force
finally issued a statement after the recent news
about a mysterious keylogger that had allegedly infected the systems that
control its fleet of unmanned surveillance and attack aircraft. It turned out
it wasn't a keylogger, but "credential stealing" malware. It's a little unclear
exactly what that means, since keyloggers are often used to steal credentials.
possible that the malware intercepts credentials saved in a file or a cookie
instead of actually intercepting the keystrokes, Belkin's Cliff Unger told eWEEK
. Either way, the Air Force tried
to downplay the whole infection, calling it a "nuisance" rather than a serious
threat and saying it infected an isolated system and had no access to
confidential data. Unger noted that it was still a matter of concern that a
siloed system got infected in the first place.