Information Assurance Situation in Switzerland and Internationally

Total Page:16

File Type:pdf, Size:1020Kb

Information Assurance Situation in Switzerland and Internationally Federal Strategy Unit for IT FSUIT Federal Intelligence Service FIS Reporting and Analysis Centre for Information Assurance MELANI www.melani.admin.ch Information Assurance Situation in Switzerland and Internationally Semi-annual report 2009/II (July – December) MELANI – Semi-annual report 2009/II Information Assurance – Situation in Switzerland and Internationally Contents 1 Focus Areas of Issue 2009/II .........................................................................................3 2 Introduction.....................................................................................................................4 3 Current National ICT Infrastructure Situation ..............................................................5 33.1.1 FDFA targeted by malware.................................................................................5 33.2.2 Website defacements after adoption of minaret ban initiative ............................5 33.3.3 DDoS attacks against Swisscom and Swisscom clients ....................................6 33.4.4 Fraud with fake domain registrations..................................................................7 33.5.5 Purported free offers against viruses, scareware, rogueware and ransomware 8 33.6.6 New top level domains (TLD) and high security zones in the Internet .............10 33.7.7 Revision of provisions implementing the Telecommunications Act ..................10 33.8.8 Skype wiretap published as source code .........................................................11 4 Current International ICT Infrastructure Situation.....................................................11 44.1.1 Publication of access data for e-mail accounts of various providers ................11 44.2.2 DDoS attacks....................................................................................................12 44.3.3 Hack in the run-up to the climate conference ...................................................14 44.4.4 Power failure in Brazil and virus at power utility in Australia ............................14 44.5.5 Drive-by infection via "not found" page.............................................................16 44.6.6 Protection of personal and confidential data (data mishaps)............................16 44.7.7 BKA strike against Internet scammers a major success ..................................18 44.8.8 Enterprises often prioritize the wrong security updates....................................18 44.9.9 Federal centre for combating botnets throughout Germany.............................19 5 Trends / Outlook ...........................................................................................................20 55.1.1 Information theft and the underlying economy – Attacks on EU, climate advocates, Google, banks and other................................................................20 55.2.2 In a globalized world, information assurance concerns everyone ....................21 55.3.3 Frequency of attacks on Swiss e-banking systems compared with other countries ...........................................................................................................23 55.4.4 Infections via social networking ........................................................................23 6 Glossary ........................................................................................................................25 7 Appendix .......................................................................................................................29 77.1.1 Detailed analysis of Koobface ..........................................................................29 77.2.2 Insights into Russian hacker forums.................................................................32 2/37 MELANI – Semi-annual report 2009/II Information Assurance – Situation in Switzerland and Internationally 1 Focus Areas of Issue 2009/II Information theft – Attacks against EU, climate advocates, Google, banks and others In recent months, numerous attacks were reported in which malware or insider access to computer systems of individuals, administrations and enterprises were used to steal and subsequently sell data, offer them to the media or misuse them for other purposes. The most prominent examples in the media were the attacks on Javier Solana and the General Secretariat of the EU, the stolen e-mails of various climate researchers shortly before the climate summit, the bank client data from HSBC, and the attacks on Google, Adobe and other companies in December 2009. ► Current situation in Switzerland: Chapter 3.1 ► Current situation internationally: Chapter 4.1, 4.3 ► Trends 5.1 Political hacking after adoption of the minaret ban In the aftermath of the vote on the minaret ban initiative, several thousand Swiss websites were defaced with political and religious statements. Website defacements are nothing new. More and more, however, the Internet is emerging as the primary or quickest outlet for political and religious protests. This is also seen in the DDoS attack against a Georgian blogger on the first anniversary of the offensive in Georgia. ► Current situation in Switzerland: Chapter 3.2 ► Current situation internationally: Chapter 4.2 Protection of personal and confidential data The protection of personal and confidential data is of the utmost priority in the digital age. Despite this, cost pressure, inattentiveness, lack of employee training, insufficient information assurance processes, and bad configurations repeatedly result in unwanted data leakage. ► Current situation internationally: Chapter 4.6 DDoS attacks for various purposes DDoS attacks against enterprises and governments are committed with various motives. The perpetrators either are trying to extort money by simple means, block political opinions (► Current situation internationally: Chapter 4.2), eliminate competitors (► Current situation in Switzerland: Chapter 3.3) or lure clients to the "right" offer (► Current situation internationally: Chapter 4.7). Frequency of attacks on Swiss e-banking systems compared with other countries Several financial service providers are using new, additional security solutions and have expanded their infrastructure so that criminal interest is waning. Various underground forums in Russia are even recommending against attacks in Switzerland, since online banking is too complex or the benefits are too limited. ► Chapter 5.3 and Appendix 7.2 3/37 MELANI – Semi-annual report 2009/II Information Assurance – Situation in Switzerland and Internationally 2 Introduction The tenth semi-annual report (July – December 2009) of the Reporting and Analysis Centre for Information Assurance (MELANI) presents the most significant trends involving the threats and risks arising from information and communication technologies (ICT). It provides an overview of the events in Switzerland and abroad, illuminates the most important developments in the field of prevention, and summarizes the activities of public and private actors. Explanations of jargon and technical terms (in italics) can be found in a Glossary (Chapter 6) at the end of this report. Comments by MELANI are indicated in a shaded box. Selected topics covered in this semi-annual report are outlined in Chapter 1. Chapters 3 and 4 discuss breakdowns and failures, attacks, crime and terrorism connected with ICT infrastructures. Selected examples are used to illustrate important events of the second half of 2009. Chapter 3 covers national topics, Chapter 4 international topics. Chapter 5 discusses trends and contains an outlook on expected developments. Chapter 7 is an Appendix with expanded explanations and instructions on selected topics covered in the semi-annual report. 4/37 MELANI – Semi-annual report 2009/II Information Assurance – Situation in Switzerland and Internationally 3 Current National ICT Infrastructure Situation 3.1 FDFA targeted by malware The Federal Department of Foreign Affairs (FDFA) was targeted by a professional virus attack. On 14 October 2009, a problem occurred on an FDFA server. The subsequent analysis by Microsoft found inconsistencies and third-party code. The FDFA then informed the Federal Office of Information Technology, Systems and Telecommunication (FOITT) and the Reporting and Analysis Centre for Information Assurance (MELANI) for initial inquiries. These inquiries showed that the FDFA had been targeted by a professional malware attack. Unknown perpetrators employed special software for this attack to penetrate the IT infrastructure of the department and to obtain targeted information. The malicious software was hidden very well and initially caused hardly any perceptible disruption of the IT infrastructure. As an emergency measure, the FDFA isolated its IT network from the Internet for several days. This was done to prevent data flowing to the outside and any manipulation of the IT infrastructure by third parties. This measure also affected various services, such as issuing of visas. In addition to FDFA IT specialists, experts from the FOITT and MELANI also participated in solving the technical challenges and in the investigations. The Office of the Attorney General initiated a criminal investigation of this matter. Attacks with malware are common nowadays. The various perpetrators vary the method of attack depending on their objective, motivation and know-how. Malware for the purpose of obtaining login and password data, for instance, is often broadly disseminated. This entails that enterprises or administrations may receive malware-infected
Recommended publications
  • A the Hacker
    A The Hacker Madame Curie once said “En science, nous devons nous int´eresser aux choses, non aux personnes [In science, we should be interested in things, not in people].” Things, however, have since changed, and today we have to be interested not just in the facts of computer security and crime, but in the people who perpetrate these acts. Hence this discussion of hackers. Over the centuries, the term “hacker” has referred to various activities. We are familiar with usages such as “a carpenter hacking wood with an ax” and “a butcher hacking meat with a cleaver,” but it seems that the modern, computer-related form of this term originated in the many pranks and practi- cal jokes perpetrated by students at MIT in the 1960s. As an example of the many meanings assigned to this term, see [Schneier 04] which, among much other information, explains why Galileo was a hacker but Aristotle wasn’t. A hack is a person lacking talent or ability, as in a “hack writer.” Hack as a verb is used in contexts such as “hack the media,” “hack your brain,” and “hack your reputation.” Recently, it has also come to mean either a kludge, or the opposite of a kludge, as in a clever or elegant solution to a difficult problem. A hack also means a simple but often inelegant solution or technique. The following tentative definitions are quoted from the jargon file ([jargon 04], edited by Eric S. Raymond): 1. A person who enjoys exploring the details of programmable systems and how to stretch their capabilities, as opposed to most users, who prefer to learn only the minimum necessary.
    [Show full text]
  • The Botnet Chronicles a Journey to Infamy
    The Botnet Chronicles A Journey to Infamy Trend Micro, Incorporated Rik Ferguson Senior Security Advisor A Trend Micro White Paper I November 2010 The Botnet Chronicles A Journey to Infamy CONTENTS A Prelude to Evolution ....................................................................................................................4 The Botnet Saga Begins .................................................................................................................5 The Birth of Organized Crime .........................................................................................................7 The Security War Rages On ........................................................................................................... 8 Lost in the White Noise................................................................................................................. 10 Where Do We Go from Here? .......................................................................................................... 11 References ...................................................................................................................................... 12 2 WHITE PAPER I THE BOTNET CHRONICLES: A JOURNEY TO INFAMY The Botnet Chronicles A Journey to Infamy The botnet time line below shows a rundown of the botnets discussed in this white paper. Clicking each botnet’s name in blue will bring you to the page where it is described in more detail. To go back to the time line below from each page, click the ~ at the end of the section. 3 WHITE
    [Show full text]
  • MODELING the PROPAGATION of WORMS in NETWORKS: a SURVEY 943 in Section 2, Which Set the Stage for Later Sections
    942 IEEE COMMUNICATIONS SURVEYS & TUTORIALS, VOL. 16, NO. 2, SECOND QUARTER 2014 Modeling the Propagation of Worms in Networks: ASurvey Yini Wang, Sheng Wen, Yang Xiang, Senior Member, IEEE, and Wanlei Zhou, Senior Member, IEEE, Abstract—There are the two common means for propagating attacks account for 1/4 of the total threats in 2009 and nearly worms: scanning vulnerable computers in the network and 1/5 of the total threats in 2010. In order to prevent worms from spreading through topological neighbors. Modeling the propa- spreading into a large scale, researchers focus on modeling gation of worms can help us understand how worms spread and devise effective defense strategies. However, most previous their propagation and then, on the basis of it, investigate the researches either focus on their proposed work or pay attention optimized countermeasures. Similar to the research of some to exploring detection and defense system. Few of them gives a nature disasters, like earthquake and tsunami, the modeling comprehensive analysis in modeling the propagation of worms can help us understand and characterize the key properties of which is helpful for developing defense mechanism against their spreading. In this field, it is mandatory to guarantee the worms’ spreading. This paper presents a survey and comparison of worms’ propagation models according to two different spread- accuracy of the modeling before the derived countermeasures ing methods of worms. We first identify worms characteristics can be considered credible. In recent years, although a variety through their spreading behavior, and then classify various of models and algorithms have been proposed for modeling target discover techniques employed by them.
    [Show full text]
  • The Blogization of Journalism
    DMITRY YAGODIN The Blogization of Journalism How blogs politicize media and social space in Russia ACADEMIC DISSERTATION To be presented, with the permission of the Board of School of Communication, Media and Theatre of the University of Tampere, for public discussion in the Lecture Room Linna K 103, Kalevantie 5, Tampere, on May 17th, 2014, at 12 o’clock. UNIVERSITY OF TAMPERE DMITRY YAGODIN The Blogization of Journalism How blogs politicize media and social space in Russia Acta Universitatis Tamperensis 1934 Tampere University Press Tampere 2014 ACADEMIC DISSERTATION University of Tampere School of Communication, Media and Theatre Finland Copyright ©2014 Tampere University Press and the author Cover design by Mikko Reinikka Distributor: [email protected] http://granum.uta.fi Acta Universitatis Tamperensis 1934 Acta Electronica Universitatis Tamperensis 1418 ISBN 978-951-44-9450-5 (print) ISBN 978-951-44-9451-2 (pdf) ISSN-L 1455-1616 ISSN 1456-954X ISSN 1455-1616 http://tampub.uta.fi Suomen Yliopistopaino Oy – Juvenes Print 441 729 Tampere 2014 Painotuote Preface I owe many thanks to you who made this work possible. I am grateful to you for making it worthwhile. It is hard to name you all, or rather it is impossible. By reading this, you certainly belong to those to whom I radiate my gratitude. Thank you all for your attention and critique, for a friendly talk and timely empathy. My special thanks to my teachers. To Ruslan Bekurov, my master’s thesis advisor at the university in Saint-Petersburg, who encouraged me to pursue the doctoral degree abroad. To Kaarle Nordenstreng, my local “fixer” and a brilliant mentor, who helped me with my first steps at the University of Tampere.
    [Show full text]
  • A PRACTICAL METHOD of IDENTIFYING CYBERATTACKS February 2018 INDEX
    In Collaboration With A PRACTICAL METHOD OF IDENTIFYING CYBERATTACKS February 2018 INDEX TOPICS EXECUTIVE SUMMARY 4 OVERVIEW 5 THE RESPONSES TO A GROWING THREAT 7 DIFFERENT TYPES OF PERPETRATORS 10 THE SCOURGE OF CYBERCRIME 11 THE EVOLUTION OF CYBERWARFARE 12 CYBERACTIVISM: ACTIVE AS EVER 13 THE ATTRIBUTION PROBLEM 14 TRACKING THE ORIGINS OF CYBERATTACKS 17 CONCLUSION 20 APPENDIX: TIMELINE OF CYBERSECURITY 21 INCIDENTS 2 A Practical Method of Identifying Cyberattacks EXECUTIVE OVERVIEW SUMMARY The frequency and scope of cyberattacks Cyberattacks carried out by a range of entities are continue to grow, and yet despite the seriousness a growing threat to the security of governments of the problem, it remains extremely difficult to and their citizens. There are three main sources differentiate between the various sources of an of attacks; activists, criminals and governments, attack. This paper aims to shed light on the main and - based on the evidence - it is sometimes types of cyberattacks and provides examples hard to differentiate them. Indeed, they may of each. In particular, a high level framework sometimes work together when their interests for investigation is presented, aimed at helping are aligned. The increasing frequency and severity analysts in gaining a better understanding of the of the attacks makes it more important than ever origins of threats, the motive of the attacker, the to understand the source. Knowing who planned technical origin of the attack, the information an attack might make it easier to capture the contained in the coding of the malware and culprits or frame an appropriate response. the attacker’s modus operandi.
    [Show full text]
  • Security Chapter
    Barbarians at the Gateway (and just about everywhere else): A Brief Managerial Introduction to Information Security Issues1 a gallaugher.com case provided free to faculty & students for non-commercial use © Copyright 1997-2009, John M. Gallaugher, Ph.D. – for more info see: http://www.gallaugher.com/chapters.html Draft version last modified: Dec. 7 , 2009 – comments welcome [email protected] Note: this is an earlier version of the chapter. All chapters updated Dec. 2009 are now hosted (and still free) at http://www.flatworldknowledge.com. For details see the ‘Courseware’ section of http://gallaugher.com INTRODUCTION LEARNING OBJECTIVES: After studying this section you should be able to: 1. Recognize that information security breaches are on the rise. 2. Understand the potentially damaging impact of security breaches. 3. Recognize that information security must be made a top organizational priority. Sitting in the parking lot of a Minneapolis Marshalls, a hacker armed with a laptop and a telescope‐shaped antenna infiltrated the store’s network via an insecure Wi‐Fi base station. The attack launched what would become a billion‐dollar plus nightmare scenario for TJX, the parent of retail chains that include Marshalls, Home Goods, and T.J. Maxx. Over a period of several months, the hacker and his gang stole at least 45.7 million credit and debit card numbers, and pilfered driver’s license and other private information from an additional 450,000 customers2. TJX, at the time a $17.5 billion, Fortune 500 firm, was left reeling from the incident. The attack deeply damaged the firm’s reputation.
    [Show full text]
  • Analisis Y Diagnostico De La Seguridad Informatica De Indeportes Boyaca
    ANALISIS Y DIAGNOSTICO DE LA SEGURIDAD INFORMATICA DE INDEPORTES BOYACA ANA MARIA RODRIGUEZ CARRILLO 53070244 UNIVERSIDAD NACIONAL ABIERTA Y A DISTANCIA “UNAD” ESPECIALIZACION EN SEGURIDAD INFORMATICA TUNJA 2014 ANALISIS Y DIAGNOSTICO DE LA SEGURIDAD INFORMATICA DE INDEPORTES BOYACA ANA MARIA RODRIGUEZ CARRILLO 53070244 Trabajo de grado como requisito para optar el título de Especialista En Seguridad informática Ingeniero SERGIO CONTRERAS Director de Proyecto UNIVERSIDAD NACIONAL ABIERTA Y A DISTANCIA UNAD ESPECIALIZACION EN SEGURIDAD INFORMATICA TUNJA 2014 _____________________________________ _____________________________________ _____________________________________ _____________________________________ _____________________________________ _____________________________________ _____________________________________ Firma del presidente del jurado _____________________________________ Firma del jurado _____________________________________ Firma del jurado Tunja, 06 de Octubre de 2014. DEDICATORIA El presente trabajo es dedicado en primera instancia a Dios quien día a día bendice mi profesión y me ayuda con cada uno de los retos que se me presentan a lo largo del camino de mi vida. A mi fiel compañero, amigo, cómplice y esposo, quien es la ayuda idónea diaria y mi fortaleza constante para seguir en el camino del conocimiento, quien no deja que me rinda y me apoya incondicionalmente para que día a día logre ser mejor persona. A mis familiares y compañeros de trabajo, por todo su amor, confianza y apoyo incondicional, a nuestros compañeros y profesores gracias por la amistad, la comprensión, los conocimientos y dedicación a lo largo de todo este camino recorrido que empieza a dar indudablemente los primeros frutos que celebramos. AGRADECIMIENTOS La vida está llena de metas y retos, que por lo general van de la mano con grandes sacrificios, por eso hoy podemos decir que gracias a Dios y nuestras familias esta meta se ha cumplido y seguramente vendrá muchas metas que harán parte de nuestro gran triunfo personal como familiar.
    [Show full text]
  • Download Slides
    Scott Wu Point in time cleaning vs. RTP MSRT vs. Microsoft Security Essentials Threat events & impacts More on MSRT / Security Essentials MSRT Microsoft Windows Malicious Software Removal Tool Deployed to Windows Update, etc. monthly since 2005 On-demand scan on prevalent malware Microsoft Security Essentials Full AV RTP Inception in Oct 2009 RTP is the solution One-off cleaner has its role Quiikck response Workaround Baseline ecosystem cleaning Industrypy response & collaboration Threat Events Worms (some are bots) have longer lifespans Rogues move on quicker MarMar 2010 2010 Apr Apr 2010 2010 May May 2010 2010 Jun Jun 2010 2010 Jul Jul 2010 2010 Aug Aug 2010 2010 1,237,15 FrethogFrethog 979,427 979,427 Frethog Frethog 880,246880,246 Frethog Frethog465,351 TaterfTaterf 5 1,237,155Taterf Taterf 797,935797,935 TaterfTaterf 451,561451,561 TaterfTaterf 497,582 497,582 Taterf Taterf 393,729393,729 Taterf Taterf447,849 FrethogFrethog 535,627535,627 AlureonAlureon 493,150 493,150 AlureonAlureon 436,566 436,566 RimecudRimecud 371,646 371,646 Alureon Alureon 308,673308,673 Alureon Alureon 441,722 RimecudRimecud 341,778341,778 FrethogFrethog 473,996473,996 BubnixBubnix 348,120 348,120 HamweqHamweq 289,603 289,603 Rimecud Rimecud289,629 289,629 Rimecud Rimecud318,041 AlureonAlureon 292,810 292,810 BubnixBubnix 471,243 471,243 RimecudRimecud 287,942287,942 ConfickerConficker 286,091286, 091 Hamwe Hamweqq 250,286250, 286 Conficker Conficker220,475220, 475 ConfickerConficker 237237,348, 348 RimecudRimecud 280280,440, 440 VobfusVobfus 251251,335, 335
    [Show full text]
  • Twitter Taken Down by Ddos Attack August 2009
    the Availability Digest www.availabilitydigest.com Twitter Taken Down by DDoS Attack August 2009 On Thursday, August 6, 2009, the Twitter social networking site went down. It suffered repeated outages, timeouts, and serious slowdowns for at least two days. What caused this failure? To add to the mystery, Facebook and LiveJournal simultaneously had similar problems. Were these outages somehow related? They occurred at about the same time as the 2009 Defcon 17 hackers conference held from July 30th to August 2nd. Could this have been some misguided mischief? But first, what is Twitter? For those who haven’t yet become addicted, Twitter is a microblogging social networking site that allows users to communicate what they are doing to their “followers” at any time via 140-character text messages, or “tweets.” Twitter was born in 2006 and has exploded in use. It currently has about five-million registered users, and an estimated 45 million people follow these users via their tweets. Twitter sprung into the mainstream when Republican presidential candidate John McCain joined the 21st century technology by embracing tweeting following the 2008 U.S. presidential election. Even more recently, and perhaps more importantly, Twitter was the primary communication mechanism to the rest of the world from those Iranians participating in the major rallies decrying the recent Iranian presidential election process. The untimely death of Michael Jackson also saw a massive increase in tweet volume. The Twitter Outage Access to Twitter Lost Twitter has not been known for its availability record. Pingdom, a web-site monitoring service,1 reports that Twitter was down for 84 hours in 2008, achieving only a 99% uptime.2 It should be noted, however, that Twitter is working hard to improve this record; and its uptime improved significantly in the second half of 2008.
    [Show full text]
  • An Analysis of the Nature of Groups Engaged in Cyber Crime
    International Journal of Cyber Criminology Vol 8 Issue 1 January - June 2014 Copyright © 2014 International Journal of Cyber Criminology (IJCC) ISSN: 0974 – 2891 January – June 2014, Vol 8 (1): 1–20. This is an Open Access paper distributed under the terms of the Creative Commons Attribution-Non- Commercial-Share Alike License, which permits unrestricted non-commercial use, distribution, and reproduction in any medium, provided the original work is properly cited. This license does not permit commercial exploitation or the creation of derivative works without specific permission. Organizations and Cyber crime: An Analysis of the Nature of Groups engaged in Cyber Crime Roderic Broadhurst,1 Peter Grabosky,2 Mamoun Alazab3 & Steve Chon4 ANU Cybercrime Observatory, Australian National University, Australia Abstract This paper explores the nature of groups engaged in cyber crime. It briefly outlines the definition and scope of cyber crime, theoretical and empirical challenges in addressing what is known about cyber offenders, and the likely role of organized crime groups. The paper gives examples of known cases that illustrate individual and group behaviour, and motivations of typical offenders, including state actors. Different types of cyber crime and different forms of criminal organization are described drawing on the typology suggested by McGuire (2012). It is apparent that a wide variety of organizational structures are involved in cyber crime. Enterprise or profit-oriented activities, and especially cyber crime committed by state actors, appear to require leadership, structure, and specialisation. By contrast, protest activity tends to be less organized, with weak (if any) chain of command. Keywords: Cybercrime, Organized Crime, Crime Groups; Internet Crime; Cyber Offenders; Online Offenders, State Crime.
    [Show full text]
  • [Evillar] Tesis Doctoral
    Campus Universitario Dpto. de Teoría de la Señal y Comunicaciones Ctra. Madrid-Barcelona, Km. 36.6 28805 Alcalá de Henares (Madrid) Telf: +34 91 885 88 99 Fax: +34 91 885 66 99 DR. D. SANCHO SALCEDO SANZ, Profesor Titular de Universidad del Área de Conocimiento de Teoría de la Señal y Comunicaciones de la Universidad de Alcalá, y y DR. D. JAVIER DEL SER LORENTE, Director Tecnológico del Área OPTIMA (Optimización, Modelización y Analítica de Datos) de la Fundación TECNALIA RESEARCH & INNOVATION, CERTIFICAN Que la tesis “Advanced Machine Learning Techniques and Meta-Heuristic Optimization for the Detection of Masquerading Attacks in Social Networks”, presentada por Esther Villar Ro- dríguez y realizada en el Departamento de Teoría de la Señal y Comunicaciones bajo nuestra dirección, reúne méritos suficientes para optar al grado de Doctor, por lo que puede procederse a su depósito y lectura. Alcalá de Henares, Octubre 2015. Fdo.: Dr. D. Sancho Salcedo Sanz Fdo.: Dr. D. Javier Del Ser Lorente Campus Universitario Dpto. de Teoría de la Señal y Comunicaciones Ctra. Madrid-Barcelona, Km. 36.6 28805 Alcalá de Henares (Madrid) Telf: +34 91 885 88 99 Fax: +34 91 885 66 99 Esther Villar Rodríguez ha realizado en el Departamento de Teoría de la Señal y Comunica- ciones y bajo la dirección del Dr. D. Sancho Salcedo Sanz y del Dr. D. Javier Del Ser Lorente, la tesis doctoral titulada “Advanced Machine Learning Techniques and Meta-Heuristic Optimiza- tion for the Detection of Masquerading Attacks in Social Networks”, cumpliéndose todos los requisitos para la tramitación que conduce a su posterior lectura.
    [Show full text]
  • WEB THREATS, SECURITY, and Ddos Due to the Constantly Changing Threat Landscape, Keeping Corporate Networks Secure Is Particularly Tricky These Days
    Sponsored by WEB THREATS, SECURITY, AND DDoS Due to the constantly changing threat landscape, keeping corporate networks secure is particularly tricky these days. Threats continue to increase and evolve as attackers attempt to stay one step ahead of their targets, employing new technology, social engineering scams, and the element of surprise. Distributed Denial-of-Service (DDoS) attacks continue to plague organizations, while newer strategies such as advanced persistent threats (APTs) and spear phishing are becoming more common. In these articles, Network World and its sister publications CSO, CIO, InfoWorld, and Computerworld offer news, advice, and commentary on securing modern enterprise IT environments. IN THIS eGUIDE 2 What it’s like 4 Ponemon 5 PayPal CISO: 8 The Internet 10 Spear 12 The DDoS 14 Phishing still 16 Internet to get hit with a study: Cyber DDoS one big needs its own phishers sharpen Hall of Shame rules, because Security DDoS attack attacks more security threat Weather Channel skills, craft ‘in- Distributed denial- we’re still gullible Resources Akamai often finds frequent, severe among many An Internet early- credible’ attacks, of-service attacks Despite more than a Additional tools, tips itself scrambling to Most respondents say PayPal CISO Michael warning system would says experts like those against decade of warnings, and documentation to WordPress now part stop a DDoS attack they expect to be hit Barrett also urges help organizations stay But rash of targeted users still readily fall help guide you through of the
    [Show full text]