Friday, December 31, 2010

My 2011 prediction = more of the same


Since I am not able to predict the future and I don't have enough big picture expertise in InfoSec to make intelligent and plausible predictions, I am going to take the easy way out. I know it isn't exactly exciting and you might even call it lame, but I predict 2011 will bring more of the same. (I am not a poet, and I know it.)
  1. Increasingly frequent financial data breaches à la TJX and Heartland
  2. Malware, malware, and STILL MORE malware - and likely even more crafty varieties
  3. Finally, the one that freaks me out most of all - more SCADA/Control System activity à la Stuxnet. Even without (alleged ;) government involvement, no doubt the bad guys took careful notes of the possibilities. The terrorists and government-sponsored groups are likely pulling down additional copies of Siemens, Schneider, Rockwell, Modicon et al. softwarez and likely also buying a representative bunch of PLCs to increase their mad skillz in pawning pumps, valves and variable frequency drives.
Best wishes to you and yours for 2011, and for those of us wearing the InfoSec white hats - as they used to say on Hill Street Blues: "Let's be careful out there."

Thursday, December 16, 2010

More Amusing Malware




So this one really cracked me up. My friend and co-worker Matt and I were chatting about this and that, with an infected client sitting behind us running a virus scan, when BOOM, the computer came to life with another of your garden-variety fake AV. It was funny and sad at the same time.

It gets better. After pulling the Ethernet plug out and watching to see what the bad mojo, as Matt calls it, was going to do next (several minutes passed, not much happening), all of a sudden the following warning appeared about an attack/threat from a specific IP.

If the bad guys can block threats even when the computer is offline, that is simply cool and yet unfortunately impossible. I love my job.

Monday, December 13, 2010

InfoSec FUD Marketing



I received this email recently and I think it hit on my last good nerve. C'mon people, do we really need this kind of crap going around in 2010?

If this email works to drum up business for a telecom/security/whatever consulting group, I would really like to find out who the people are biting on this particular fish hook. I would call them myself under the guise of Doug's Ninja Service LLC as I think I could also sell them some DLP snake oil or perhaps a bit of magic pixie dust that stops all future malware variants - in the cloud.

Thursday, December 2, 2010

Censorship be damned


December in Michigan began with a snowstorm and a chill in the air that seems to be stuck inside my bones. While it does not seem to have affected my lukewarm heart, the jury is still out.

I thought that I would begin the last month of the year by posting a PDF of my absolute fave blog post of 2010. I can say that now because there is no possible way to upstage this gem.

Matt Olney of Sourcefire VRT fame posted a somewhat inflammatory but 100% spot-on rant that was shortly thereafter removed. I made a PDF from the ever-useful Google cache version and am posting it here until the ever-witty and sharp-tongued Mr. Olney asks me to remove it himself.

The Rise of the Citizen Cyberwarrior by Matt Olney