Tag Archive for 2015

| May 12, 2015
One comment

What Triggers a Data Breach?

What Triggers a Data Breach?Cyber-insurer Ace Group recently published data they say predicts a data breach. Based on their data (and the need to sell premiums) the insurer claims that all firms are at risk for a data breach. Matthew Prevost, vice president, ACE Professional Risk recently claimed data breaches are inevitable.

When it comes to cyber risk, it is not a question of if or when, but how – how can an organization proactively prepare for and then quickly respond to cyber-related breaches and interruptions?

data breaches are inevitableACE has a unique position to speculate, according to ClaimsJournal ACE has over 15 years of experience with cyber-risk. The firm has cataloged a considerable amount of lost data. They recently shared several key insights from their proprietary dataFierceITSecurity explains that based on cyber insurance provider ACE data, the top triggers for data breaches are:

  1. top triggers for data breaches Network security attacks – 25%
  2. Lost or stolen devices – 20%
  3. Human error -16%
  4. Rogue employees – 15%
  5. Faulty policies – 9%
  6. Use of paper – 6%
  7. Software error – 3%

The firm’s data says that lost and stolen devices that led to data breaches are:

  1. Laptops – 70%
  2. Memory devices – 28%
  3. Smartphones – 2%

stolen devicesFormer employees accounted for 25 percent of insider attacks, and financial incentive was the motive in 72 percent of insider attacks, according to ACE.

rb-

I have written about the cyber insurance market here and here. The most surprising factoid to me is that lost or stolen smartphones lead to data breaches 2% of the time. Perhaps the ACE data is old, or the security marketers have spread FUD and hubbub about the need for MDM, EMM, and remote wipes just to make a buck.

Do you agree with ACE’s stats? 

Related articles
  • Why small businesses should consider cyber liability insurance (hiscoxsmallbizblog.com)

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , ,
| May 7, 2015
Comments Off on World’s First Hacker?

World’s First Hacker?

World's First Hacker ?The story of the first hacker could be a 21st-century tale. It includes a zero-day exploit, patent trolling, a live demo, egos, and industrial espionageNew Scientist has identified its candidate for the world’s first hacker. The hacker found a security hole in Marconi’s wireless telegraph technology and used it to publicly show the inventor up.

The first hacker

Nevil Maskelyne haclerNew Scientist’s first hacker was, Nevil Maskelyne. Nevil Maskelyne was a stage magician who disrupted a public demo of Marconi’s wireless telegraph in 1903. He disrupted the demo by wirelessly sending insults in Morse code through Marconi confidential channels. Visitors to the Bach Seat should be sophisticated enough to know the risks of running a live demo, but 110+ years ago, they didn’t.

According to the author, the first hack occurred at the Royal Institution in London. As Marconi associate, John A. Fleming (inventor of the vacuum tube) was preparing the Marconi equipment for a public demo of the long-range wireless communication system developed by his boss, the Italian radio pioneer Guglielmo Marconi when something unplanned happened.

Scientific hooliganism

Marconi's wirelessBefore the demonstration was scheduled to begin, the demo gear began to receive a message. The unplanned message included a poem that accused Marconi of “diddling the public.” Then it started in with some Shakespeare.

Arthur Blok, Fleming’s assistant, figured that someone else was beaming powerful wireless pulses into the theater. The new signal was strong enough to interfere with Marconi’s equipment. Unfortunately for Marconi and Fleming, Nevil Maskelyne figured out the hack first. Mr. Maskelyne’s hack proved that Marconi’s gear was insecure. It also proved it was likely that they could eavesdrop on supposedly private messages too.

Wood towers supporting Marconi aerial at Cornwall England

In response, Fleming fired posted a complaint in The Times. In the paper he dubbed the hack “scientific hooliganism.”  He asked the newspaper’s readers to help him find the hacker.

However, Maskelyne, whose family had made a fortune making “spend-a-penny” locks in pay toilets outed himself four days later. He justified his actions on the grounds that he revealed the security holes for the public good. (Sound familiar?)

Maskelyne who taught himself wireless technology had a great deal of experience with wireless. According to the article, he would use Morse code in “mind-reading” magic tricks to secretly communicate with a partner. And in 1900, Maskelyn sent wireless messages between a ground station and a balloon 10 miles away. But, his ambitions were frustrated by Marconi’s broad patents. The overly broad patent left him embittered towards the Italian. Maskelyne would soon find a way to get back at Marconi. It turned out that the Eastern Telegraph Companyworried that Marconi’s wireless would kill their global wired communications business hired Maskelyne as a spy.

Revealed security holes for the public good

eavesdrop on the "confidential channelMaskelyne built a 50-meter radio mast near the Marconi Wireless offices. From these offices Marconi was beaming wireless messages to vessels as part of its highly successful “secure” ship-to-shore messaging business. From there, Maskelyne could easily eavesdrop on the “confidential channel” Marconi wireless messages.

Maskelyne gleefully revealed the lack of security by writing in the journal The Electrician in November 1902,

I received Marconi messages with a 25-foot collecting circuit [aerial] raised on a scaffold pole. When eventually the mast was erected the problem was not interception but how to deal with the enormous excess of energy.

To further publicize his results and perhaps extract some revenge on Marconi, Maskelyne staged his Royal Institution poetry broadcast.

The New Scientist concludes that Maskelyne’s name had been forgotten but now he is in the history books as the world’s patron saint of hackers.

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers and anything else that catches his attention since 2005. You can follow him at LinkedInFacebook and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , ,
| May 5, 2015
Comments Off on iPads Stalled

iPads Stalled

iPads StalledReaders of Bach Seat know that I have been a skeptic of the iPads role as the leader of the “post-PC” era. The Verge looks back nostalgically to 2010 when Apple (AAPL) first introduced the iPad. Steve Jobs heralded the iPad as a “magical and revolutionary iDevice.” It was predicted to play a part in the “post-PC” era of devices. In the subsequent years since the launch of the iPad, many have debated whether the laptop is dead and the PC era over. That hasn’t quite happened yet.

Post-PC era?

Apple now earns more money from Macs than iPadsThe latest financial figures from Apple seem to have gotten this “post-pc” epoch upside-down. Apple now earns more money from Macs than it does from iPads. According to The Verge, Apple made $5.6 billion in revenue from its Mac sales in the most recent quarter and $5.4 billion in iPad revenue. The surprise revenue turnaround casts some doubt on Apple’s “post-PC revolution.” Apple’s iPad sales have been decreasing consistently in recent quarters. Apple doesn’t have an answer to counter the trend.

Tim CookRumors of an iPad Pro with a stylus have surfaced over the past year. Sadly, Apple has only chosen to refresh its line with very few improvements. The decrease in iPad sales is likely related to several factors. Consumers not refreshing tablets as much. The lack of big improvements to the iPad. Smartphones are still revolutionizing the industry more than tablets.

Macs out-selling iPads

Apple CEO Tim Cook famously rejoiced at iPad sales beating rival manufacturer’s PC sales, at the peak of iPad popularity. It’s no longer beating Apple’s own PC sales revenue. Without a major change to the iPad, this could be a trend that continues.

BI - iPad SalesApple is seeing impressive growth on the Mac side. A 10 percent increase year-over-year in Mac sales has helped push revenues past the iPad level, and Apple has been consistently bucking the trend of a PC market in decline.  As for CEO Cook, he still believes in the iPad. “It is what it is. It will play out, and at some point, it will stabilize,” Cook told analysts when asked about the lackluster iPad sales. “I am not sure precisely when, but I’m pretty confident it will.”

Broken iPadsCEO Cooks’s confidence may be misplaced. As far back as March 2015 people were saying the iPad had no clothes. The Business Insider pointed out that sales of the iPad hit a wall. They cite Credit Suisse analyst Kulbinder Garcha who believes and has the data to prove it that phablets are eating the iPad for lunch.

phablets are eating the iPad for lunch.

rb-

Credit Suisse’s Garcha is right when he speculates why would you buy an iPad when you can buy a big phone that does everything the tablet does, and more?

Related articles
  • Unreleased Apple iPad Prototype Stolen In Kidnapping (valuewalk.com)

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Tablet computing | Tags: , , , , , , ,
| May 4, 2015
Comments Off on May the Fourth Be With You

May the Fourth Be With You

May the Fourth be With You

 

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Holidays | Tags: , ,
| April 30, 2015
Comments Off on Romania Leads IPv4 Market

Romania Leads IPv4 Market

Romania Leads IPv4 MarketI first wrote about the grey market in IPv4 addresses when Microsoft (MSFT) bought Nortel‘s IPv4 IP block back in 2011. A  recent article from CircleID proves the market has caught up with Bach Seat. In the CircleID article, Doug Madory, Director of Internet Analysis at Dyn reports that the market for IPv4 addresses is heating up especially in Europe.

RIPE’s IPv4 transfers

According to Dyn, statistics from RIPE, the European registrar, show that the IPv4 market has heated up. RIPE’s table of transfers of provider aggregatable (PA) IPv4 address clearly shows a rapidly increasing rate of transfers of IPv4 address blocks and unique IPv4 addresses.  In fact:

  • increasing rate of transfers of IPv4 address blocksFebruary 2015 saw the most organizational transfers (373).
  • November 2014 saw the most unique address transfers (nearly 2 million).
  • The number of transfers in the RIPE region far outpaces any other region.

Romania is a key player in IPv4

An analysis of the RIPE data by the author finds that Romania is a key player in the IPv4 market.

  • Romania Leads IPv4 MarketDuring 2014/15 1,069 (58%) transfers came from Romanian organizations.
  • 947 (51%) of all the blocks transferred in the RIPE region were from a single Romanian organization, namely, Jump.ro.
  • Jump is willing to sell large blocks of IPv4 address space (around $10/address) or lease smaller blocks for $0.50/address/year.
  • Of the 4,656 routed prefixes that make up the Saudi Arabia part of the Internet, 1,498 or almost a third of them were Romanian just a few months ago.
  • The Syrian state telecom got 5.155.0.0/16 from Romania’s Nav Telecom last August and Iranian telecoms bought over 1 million unique IP addresses in 85 transfers over the past year (80% from Jump.ro).
  • Saudi Telecom received 17 IPv4 transfers since September last year representing over 1.5 million IP addresses: 14 were from Romanian sources and the other 3 were from
  • Ukraine.  At $10/address, those addresses would have cost Saudi Telecom $15 million.

A side-effect of the IPv4 gray market is abetting the growth of global routing tables to dangerous levels. The first effects of this were seen in August 2014 when BGP routing tables grew to over 512,000 routes when many older routers could no longer properly track the routes. ZDNet explains that routes are typically kept in a specialized kind of memory called Tertiary Content Addressable Memory (TCAM) which has a limited capacity which fails when it is full.

The author asks what are the implications of all this? Now that the Romanians have demonstrated that there is a lucrative business to be had in selling off IPv4 address space, will we see ISPs in developing countries rush to sell off their address space for some quick cash?  If such sales result in the IPv4 space getting sliced more and more thinly, we can surely expect the global routing table to increase in size, perhaps dramatically, as a result.

Will this cause more router meltdowns?

 

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , , , , , ,
« Older Entries   Recent Entries »