ZDNet reports that malware writers have come up with a new social engineering angle. The bad guys have started mashing up two issues Green and Security to help spread their malware.CA has been tracking the emergence of new scareware called Green-AV Premier Edition 3.0.
The malware claims to be the “World’s First Antivirus Which Cares About the Environment” and “costs” $99.99, This attack plays on Green sympathies by promising to donate $2 from every purchase for saving the “Amazonian green forests.”
CA says that the effects of an attack from this malware are similar to those caused by most rogue security software.
Recommendations:
Keep your security software up to date
Never click on a link you did not ask for
Never purchase this type of security software since you could be giving your credit card information to fraudsters and making yourself a target of identity theft
Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.
Today (09-11-09) the IEEE Standards Board has ratified the IEEE 802.11n™-2009 amendment. This vote ends a seven year effort to, “enable rollout of significantly more scalable WLANs that deliver 10-fold-greater data rates than previously defined while ensuring co-existence with legacy systems and security implementations” according to the IEEE. The 560-page document describing 802.11n will be published in mid-October 2009. Bruce Kraemer, Chair of the IEEE Wireless LAN Working Group said in a press release,
The performance improvements achieved via IEEE 802.11n stand to transform the WLAN user experience, and ratification of the amendment sets the stage for a new wave of application innovation and creation of new market opportunities.
Kelly Davis-Felner, marketing director of the Wi-Fi Alliance (WFA), toldNetwork World that “The core interoperability is totally preserved with the [existing] draft certification program.” Ms. Davis-Felner says, ”Existing draft-11n products should work seamlessly with future products based on the final standard. No existing products will have to be retested in the updated certification program.”
Today’s ratification marks the high-point for other 802.11 wireless products. This approval will green-light the development and deployment of 11n products in the enterprise. There is no longer a reason for firms deploying greenfield WLAN’s to roll put anything but 802.11n. The WFA expects 11n shipments to rise to 45% of all 802.11 shipments in 2009. Reaching 60% in 2012 based on data from market researcher ABI Research. But how long will 802.11n last?
NetworkWorld is reporting that Microsoft (MSFT), Intel (INTC) and others have formed the Gigabit Wireless Alliance (WiGig). WiGig is to create anew wireless specification with a data speed of up to 6Gbps. WiGig is also actively involved with the IEEE’s 802.11ad task group. And if WiGig is to slow. James Buckwalter, a professor at the University of California San Diego has developed s a silicon-based amplifier that transmits 10Gbps wireless in 100 GHz frequency bands according to NetworkWorld. Coverage could also be over a kilometer, which beats traditional WiFi‘s 100 meters.
rb-
The formal ratification of the IEEE 802.11n standard is a good thing. However we have recommended that clients seriously consider this technology in greenfield installs with Wi-Fi approved 802.11n since the beginning of the year.
Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers and anything else that catches his attention since 2005. You can follow him at LinkedIn, Facebook and Twitter. Email the Bach Seat here.
Senator Jay Rockefeller (D-WV) has released a revised version of his bill that would federalize the Internet(I covered this topic earlier here). The current draft would allow the president to “declare a cybersecurity emergency” on “non-governmental” computer networks and do what’s necessary to respond to the threat.
Section 3 (2) (B) Defines “Cyber” as any matter relating to, or involving the use of, computers or computer networks. Section 201 (2) (B), permits the president to “direct the national response to the cyber threat” if necessary for “the national defense and security.”
“I think the redraft, while improved, remains troubling due to its vagueness,” Larry Clinton told CNET “It is unclear what authority Sen. Rockefeller thinks is necessary over the private sector. Unless this is clarified, we cannot properly analyze, let alone support the bill,” said Clinton, president of the Internet Security Alliance, which counts representatives of Verizon, Verisign, Nortel, and Carnegie Mellon University on its board.
A Senate source familiar with the bill told CNET that the president’s power to take control of portions of the Internet is comparable to what President Bush did when grounding all aircraft on Sept. 11, 2001. The source said that one primary concern was the electrical grid, and what would happen if it were attacked from a broadband connection.
Section 201 (5) the bill requires the White House to engage in “periodic mapping” of private networks deemed to be critical, and those companies “shall share” requested information with the federal government. The privacy implications of sweeping changes implemented before the legal review is finished worry Lee Tien, a senior staff attorney with the Electronic Frontier Foundation in San Francisco told CNET. “As soon as you’re saying that the federal government is going to be exercising this kind of power over private networks, it’s going to be a really big issue,” he says.
“The language has changed but it doesn’t contain any real additional limits,” EFF’s Tien says. “It simply switches the more direct and obvious language they had originally to the more ambiguous (version)…The designation of what is a critical infrastructure system or network as far as I can tell has no specific process. There’s no provision for any administrative process or review. That’s where the problems seem to start. And then you have the amorphous powers that go along with it.”
Rb-
If your network is determined to be “critical” by the Feds, there is likely a new set of regulations coming from the same people who are giving themselves failing grades for their own cyber-security.
These new rules could impact staffing decisions, disclosure policies and open the door to a government can take over your IT systems. This bill requires watching by anybody that uses or manages computers, a private network, or the Internet. It is likely they will sweep it in as pork on another unrelated bill, to limit public discussion.
Contact your representatives in DC.
Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.
Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.
Japanese researchers have identified a WPA hack that could give hackers a way to read encrypted Wi-Fi traffic in less than 1 minute. Toshihiro Ohigashi (Hiroshima University) and Masakatu Morii (Kobe University) presented a way to break the WPA (Wi-Fi Protected Access) encryption system at the Joint Workshop on Information Security. The researchers outlined their work in a paper called “A Practical Message Falsication Attack on WPA” on August 7, 2009.
The new attack builds on 2008 research from Darmstadt University of Technology graduate students Martin Beck and Erik Tews who proved that WPA Temporal Key Integrity Protocol (TKIP) could be attacked. The Beck-Tews attack only worked on short packets in a WPA implementation that supported 802.11 quality of service (QOS) features and took between 12 and 15 minutes to work.
The new threat uses “man in the middle” (MITM) attacks on WPA TKIP systems. The MITM attack uses the “chopchop” attack on a short packet (like ARP broadcasts), decipher its 64-bit Message Integrity Code (MIC), and can then craft whatever packet it wants. The new packet is coded with the proper checksums and passed along to the access point, which should accept it as genuine. Dragos Ruiu, organizer of the PacSec security conference where the first WPA hack was demonstrated told IDGNews, “They took this stuff which was fairly theoretical and they’ve made it much more practical.”
Both attacks work only on WPA systems that use the TKIP algorithm. The new attack does not work on newer WPA2 devices or on WPA systems that use the stronger Advanced Encryption Standard (AES) algorithm. Kelly Davis-Felner, marketing director with the Wi-Fi Alliance, said that people should now use WPA2. She told IDGNews, WPA with TKIP “was developed as kind of an interim encryption method as Wi-Fi security was evolving several years ago.”
Enterprise Wi-Fi networks typically include security software that would detect the type of man-in-the-middle attack described by the Japanese researchers, Robert Graham, CEO of Errata Security told ars technica. He continues, the development of the first really practical attack against WPA should give people a reason to dump WPA with TKIP, he said. “It’s not as bad as WEP, but it’s also certainly bad.”
rb-
This is only an issue if the WLAN is secured at all. Motorola published a report in April 2009 that says 64% of companies are neglecting WLAN security. The report claims that only 47% of companies are using Wired Equivalent Privacy (WEP) or Wi-Fi Protected Access (WPA) encryption on their wireless networks.
These attacks highlight the weaknesses of TKIP-based WLAN encryption. WPA TKIP was developed to fix the worst of the security holes in the first Wi-Fi encryption protocol, WEP. WI-Fi-certified products have had to support WPA2 since March 2006 . Users should move to AES-CCMP which requires WPA2 Personal for home and small office networks or WPA2 Enterprise for larger networks.
Using AES-CCMP may require that some network equipment installed before 2003 be reviewed as AES supports key lengths up to 256 bits, which may not be compatible with older hardware. Any remaining equipment of this vintage may need to be upgraded to newer Wi-Fi adapters, switched to Ethernet only, or retired. WPA2 has not shown any vulnerabilities to date. There is no real good reason to try to secure your WLAN with WPA-TKIP anymore.
Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.
ZDNet reports that malware writers have come up with a new social engineering angle. The bad guys have started mashing up two issues Green and Security to help spread their malware. CA has been tracking the emergence of new scareware called Green-AV Premier Edition 3.0.
The malware claims to be the “World’s First Antivirus Which Cares About the Environment” and “costs” $99.99, This attack plays on Green sympathies by promising to donate $2 from every purchase for saving the “Amazonian green forests.”
Japanese researchers have identified a WPA hack that could give hackers a way to read encrypted Wi-Fi traffic in less than 1 minute. Toshihiro Ohigashi (