A comprehensive Verizon report released by ICSA Labs in the beginning of this week, summarizes 20 years of testing anti-virus and firewall products and their ability to detect and remove malware. The report concludes that more than 80 per cent of security products fail to perform certification as intended on the initial attempt under a widely-used industry kite-mark scheme. Only 4 percent of products tested at ICSA attain certification in the first testing cycle. Not to mention, the certification could be lost if periodic re-testing reveals the products are not able to keep up.

Surprisingly, the sad statistics are a reality. ICSA Labs states that most products need two or more cycles of testing to attain certification. 82 percent of products resubmitted for testing finally get certification. ICSA also noted that certified products are still required to go through benchmarks periodically for maintaining their continuous certification. George Japak, managing director of ICSA and one of the report’s authors, says that it took half a year just to make the oldest data absolutely accessible for data retaining. He added that a huge number of analysts and experts worked on the report, which provides serious perception of the development of the computer security industry.

ICSA Labs Product Assurance Report noted that 78 percent of product initial test failures throughout the first course of tests across seven product categories are because of an inadequate performance of core product functionality. The products include anti-virus, network firewall, Web application firewall, network IPS, IPSec VPN, SSL VPN and custom testing. Anti-virus products often weren’t able to defend malware infection at the first try while firewalls or IPS (intrusion prevention) products couldn’t make the grade in freezing attack traffic.

The next most common violation covers logging, which is especially important for enterprise customers. Incomplete or inaccurate logging of who did what and when accounted for 58 per cent of primary failures. Logging is often thought to be a nuisance and undervalued particularly when it comes to firewalls. Surprisingly, the third most common violation involves security flaws in the product’s inherent security problems. For instance, a web-based control console might be prone to cross-platform scripting. These problems also add vulnerabilities that compromise the confidentiality or integrity of the system, and random behavior that influences product availability.

The study also determined a few issues with security products which involve poor product documentation and problems covering patching, if a product accepts security updates properly. Nearly every network firewall or web application firewall investigated suffered at least from one logging problem. Just under half of security products had difficulties with their own security and were able to be used to invade the exact system they were thought to be securing.

It would almost be impossible to perceive a major cyber attack becoming a reality but in fact, it could happen according to security vendor McAfee.

Cyber warfare sounds really scary, however, this may be the truth someday. The computer security company McAfee made a conclusion on its analysis of recent net-based attacks on the very idea of a cyber war. The security firm informs and alerts computer users about a likely IT war! In the report McAfee said that there is little disagreement that there are growing numbers of cyber attacks over the Internet that more closely resemble explicitly political conflict than crime.

According to 2009 Virtual Criminology Report, the US, Russia, France, Israel and China are not only making ready their cyber-defenses but also they’re making ready cyber-offenses to organize their own attacks. McAfee continued by saying that they have also seen evidence that nations around the world are uplifting their capabilities in cyber-space, in what some have pointed out to as a cyber arms race. While definitions of what comprises cyber war are not distributed, it was clear that many nations were preparing for a future in which conflict was partly carried on through the net.

A short while ago, the UK government announced plans for creating a central Office of Cyber Security (OCS) to handle the increasing level of online attacks. The report said that the OCS would have a role in coordinating offensive capabilities and, in extreme cases, would have the ability to mount a cyber attack in response to invasions on UK networks. The report also claimed that a cyberattack against government networks and critical infrastructures can lead to physical damage and even death. Dave DeWalt, chief executive at McAfee added that today the weapons are not nuclear, but virtual, and every person must be in-the-know of these threats.

Next, the report mentioned that in most developed countries, critical infrastructure is connected to the Internet and do not have proper security functions. This fact makes them a huge target for cyberwarfare. Therefore, installations are left to be affected. The report set up on contributions by more than 20 international relations experts, needs a public debate on cyberwarfare on how to control this new model of conflict. It was added in the report that without insight into the government’s cyber-defence strategy, the private sector cannot be proactive and take suitable precaution, the report said.

McAfee declared that they hope this screen of secrecy around cyberwarfare needs to be risen. In addition, important questions, such as where to draw the line between cyber-espionage and cyber-war should be discussed. The report concluded that the consent of some nations to examine their cyber powers on others may indicate the beginning of a cyber cold war. If a major cyber conflict between nation states were to occur, the private sector could get caught in the crossfire.

This particular worm changes the wallpaper of the device to expose an image of 80’s pop singer Rick Astley and shows the message ‘ikee is never going to give you up’. The hacker told he created the worm to make users familiar with the risk of not to change the default password for their phone.

The infection with a nickname ‘Ikee’ spreads only among iPhones that have been ‘jailbroken’. Jailbreaking is a process that removes uses modified firmware software so that iPhone users are able to essentially “unlock” their phone allowing users to install programs that are not approved by the official Apple app store. In jailbreaking an iPhone it can remove protection tools from the device making it more vulnerable to attacks. A majority of software packages that users install for ‘jailbreaking’ their iPhones offer a service known as Secure Shell (SSH).

This service enables the devices to be accessed distantly over the Internet with a special password. The concern is that the most usual ‘jailbreaking’ software installs SSH using a default password. Therefore, users who ‘jailbroke’ their iPhone but never changed the default password are vulnerable to be ‘Rickrolled’ by this worm. Apple doesn’t support jailbroken phones and has attempted to defend against ‘jailbreaking’ practices through software updates. The company has also declared that iPhone ‘jailbreaking’ is not legal.

F-Secure notifies that the creator of the worm has released full source code of the four current variants of this worm. This means that there will be more variants and they might have more devistating payload other than the actions of just changing the wallpaper.

Graham Cluley, a senior technology consultant at security firm Sophos predicts that more attacks like this may appear in the future. He noted that just last week a Dutch hacker tried to access unsafe phones and demanded money for instructions on how to fix the loophole. Security experts say that as long as users’ iPhones are not jailbroken, they should be secure from the Ikee worm.

So you have an iPhone and you are happy that MMS is now available for the ridiculous price that you may already be paying for service. You perform an internet search on “iPhone MMS” to find out if everyone is just as happy as you with MMS on the iPhone and the search result that you click on redirects you to a malicious site that downloads malware onto your system. If this has not happened to you then consider yourself lucky.

Apparently cybercriminals have flooded the internet with bogus sites that promote scareware, or software that claims your computer is infected through fake popups until you purchase a useless application. These sites have populated the search results on the terms “iPhone MMS” and “iPhone SMS” which coincides with the recent release date for the anticipated enabling of the MMS functions of the iPhone.

The cybercrooks have setup this new scareware campaign to infect computers through deceiving tactics imitated on malicious web pages.

Cybercriminals are able to inject search engines with these results through other compromised computers, or bots, which are under the attacker’s control. These botnets are able to give the attackers much more control over a simple spam message or slow spreading parasite. Basically, the attackers know the way search engines populate their results and use it to their advantage.

Computer users are warned to be cautious of what they click on. There is no way for the search engines to avoid populating their results with those of malicious links because of the way the attackers use advanced keyword methods. To the search engine the links look legitimate. Most times attackers use popular events or subjects to start a new scareware search engine result campaign. The iPhone MMS feature is just a recent example as this has happened in the past.

Security researchers will say this type of attack will only continue to grow as this is not the first time it has happened on a large scale. Several months ago hackers used the Swine Flu as a popular subject to inject search results with malicious links.

Have you ever clicked on a malicious link that was populated in a recent search engine result?

The micro-blogging platform, Twitter, has had a big impact on online communication and social networking. With the such a massive impact comes the unfortunate attacks from hackers spreading malware such as Koobface. Koobface has been a computer parasite that has plagued Twitter and it’s users for months.

Koobface is designed to be spread via Twitter by first checking to see if a user is logged into Twitter and then post deceptive messages on the user’s account. The fraudulent message attempts to lure friends to click a link which will then lead them to a malicious website that may infect the user’s system.

Twitter has been a very big target for hackers recently giving them a stage to spread malicious software. Even the marketing expert Guy Kowasaki, had his Twitter account affected by malware trolls sending his friends to a fake video page that spreads malware.

Koobface is a prevalent infection that has been very successful in spreading malware via Twitter. While other social networks have been primary targets for hackers, Twitter is known for attacks through shortened URL links. With the use of shortened URL link services such as bit.ly or tinyurl, hackers are able to hide the real URL that a user would be redirected to once the link is clicked on. This means a computer user has no idea what site they will be sent to once they click on such a link.

Malware has not only spread on Twitter through the Koobface infection but through fake Twitter accounts that were registered by means of automated tools. Security researchers have reaffirmed that Twitter can take steps to implement a procedure that sends a verification link to an email address of a new registrant. This would ultimately make it more difficult for hackers to register dummy accounts that are used for the sole porpoise of spreading malware or dangerous links.

Will the actions of Twitter suspending accounts belonging to users with infected computers be fair practice?

What about the “innocent” computer users? Computer researchers are reemphasizing that Twitter can take other steps for resolving their malware issues. However, in the meantime, computer users are able to utilize security software to detect early versions of Koobface to remove it. Recent variations of the Koobface worm are using new coding that makes it difficult for security software to detect it. It is also suggested that Twitter users use caution when clicking on a shortened URL no matter which friend on Twitter it comes from.

While the Swine Flu continues to spread, security researchers from Websense Security Labs Threat Seeker Network have noticed thousands of new websites related to the swine flu. Details of this new discovery indicate that most of the new swine-flu-related sites are used for advertising, spamming, selling products and spreading malware.

What is the purpose of these malicious sites?

Security researchers believe that these sites were setup to hijack search results when a computer user searches for the term “swine flu”. When using Google to search for “swine flu”, some of these malicious sites are returned as high as the fifth result on the search results.

It was found that many of the malicious sites that show-up on the web search results are the type that redirects users to a web page asking that you install a missing codec to watch a video. This uses the old malicious tactics of offering a video to a computer user and then notifying them to download a piece of software, such as a fake Adobe Flash Player, in order to watch a video on their computer.

Just recently, spammers were discovered to capitalize on the swine flu to pitch bogus medications. Not only are the cybercriminals exploiting swine flu through spam messages, but they have gone as far as to create a large volume of swine-flu-related malicious websites to spread malware.

How do malicious websites show-up on a swine flu web search results?

Basically, cybercriminals have injected their malicious website links into web search engine results through clever SEO tactics using swine flu keywords. Security researchers suspect that the hackers will start to use more advanced SEO techniques to infect more computer users. It is very possible in the near future, that a simple web search for “swine flu”, through popular search engines, will return a number of links to new malicious sites that use illegitimate strategies to ultimately steal money from innocent computer users.

Have you encountered any suspicious websites when you did a web-search for “swine flu”?

In today’s world everyone must guard their personal information including contractors for the Pentagon who are in charge of design on the U.S. military’s newest and most technologically advanced fighter aircraft, the F-35 Lightning II.

Hackers seek out to find vulnerable systems that they can gain access too. In this case of hackers stealing data from the systems used by contractors of the Pentagon, it could be the situation where the operators may have not proven that they were using the proper level of computer security. Companies that contract with the Department of Defense now have to prove that they are implementing certain security measures even before they are authorized to work on a project. This policy was put into place last year because of the increase of cyber intrusions.

The U.S. government has not, and probably will not, go into detail about the recent breach. Many officials have assured those who speculate certain scenarios of this data breach that no classified information was compromised. In addition, the files compromised only focused on the design, performance statistics of the aircraft and a system used to conduct self-diagnostics during flight, which pretty much limits the possibility of sensitive data being stolen.

The U.S. military’s newest fighter aircraft is designed to become the aircraft used by all branches of service. Several international partners are assisting in the build of the new aircraft. It will be sold to U.S. allied countries which could raise the concern of security levels and practices of other countries involved.

As of now, offices have said that a number of safeguards have been implemented to protect the system that was hacked into. Hackers will not stop at anything until they are caught and put in jail. Do you think the U.S. Department of Defense has additional work to do in order to safeguard sensitive information? Is the DOD too lax when it comes to protecting systems of new programs such as the one of the newest fighter jet, the F-35 Lightning II?

With Cyber security being on the forefront of national security concerns from the DOD banning removable storage devices to the installation of security tools that monitor network activity. All aspects of cyber security need to be address and may need an overhaul according to the Center for Strategic and International Studies (CSIS).

The CSIS has conducted studies for cyber security in results of recent attacks to federal agencies such as the Department of Defense, NASA and Homeland Security. I suggestion to put certain recommendations in place by the new administration could help avoid future cyber attacks which may be a threat to our national security in America.

Coordination should start with Obama’s newly appointed staff so that new comprehensive cyber security strategies may be put in place to help combat current and future threats. The CSIS said that, “Our most dangerous opponents are the militaries and intelligence services of other nations. They are sophisticated, well resourced, and persistent.” With that being said it should be no surprise that we may see future conflicts initiate over the internet. This means we get cyber attacks instead of physical attacks which could result in serious consequences when we attempt to resolve conflict with foreign countries. Yes, it could be that serious.

Another valid warning that came from the CSIS is one that advises the new administration not to scrap the current President Bush’s Comprehensive National Cybersecurity Initiative. Although some thinks may be changed it may be a good place to start building off of if we want to have a stronger cyber security infrastructure.

Something to think about

We may need to appoint a new Cyberczar to over-see new implementations for cyberspace security. Not just for the sake of America’s security but also America’s economy. A serious enough cybersecurity attack could result in an even worse economy and none of us want to see that!

Express your own opinion, post comments below!