“Murphy's Law of Hackers” or Cisco’s Security 2010 Report

“The more complex things become, the more vulnerable”

Published on January 24, 2011 By DrJBHL In Personal Computing

This isn’t Murphy's Law. It’s mine: “The more complex things become, the more vulnerable”.

This is dedicated to tazgecko for reminding me to get off my duff and do this article. Thanks, mate, and an early, Happy Oz Day to you!

So, Cisco has put out it's 2010 Security Report analyzing events and projecting trends for 2011.

Link: http://www.cisco.com/en/US/prod/collateral/vpndevc/security_annual_report_2010.pdf

The Good:

There have been several large botnets “taken down” as a result of heightened Law Enforcement activity and prosecution. This has resulted in much less spam (90% less, in fact), and fewer attacks, but the number and rate are still alarming.

Also, large software vendors like Microsoft and Apple have been improving updates and notifications to customers about potential/actual flaws and patches or other “mitigators”.

The Bad:

Apple has been forced to deploy more than sixty patches to it's iOS 4 mobile platform and the Zeus-Trojan targeting Symbian OS phones are proof that miscreants are trying to exploit “Zero Day” vulnerabilities. I've reported on that in prior articles with respect to iE and all Windows OS's except W7.

Simply put, we're seeing evolution at work: Our “antibiotics” are creating more and more cybercriminals seeking easier “targets of opportunity”. The cybercriminals are moving from the desktop to the mobile devices.

Worse, efforts at “jail breaking” phones and other devices removes them from the security umbrella that was built into limiting their “point of access”.

The Stuxnet trojan/virus is another example, although it's purported use against Iran's nuclear effort was “good”, it will be modified by hackers for “bad” ends: Identity theft and other nefarious purposes.

So, while brief, and these are just some of the high points (or low points) from the forty five page Cisco Report, this summary should “encourage” you to “be careful out there”.

Comments (Page 2)

DrJBHL

on Jun 09, 2011

Sources cited in OP (and the screenshot - searchsecurity.com).

ElanaAhova

on Jun 09, 2011

RANT: Yes, the hackers are an intelligent lot. I understand from another tread that the CIA? NSA? has 'hired' a number of them to help with their agencies's cyber abilities. I wonder if the 'free lance' hackers still out there will ever back off of hacking into consumer data banks. Such hacking generally tends to hurt regular individuals... and not the secretive aspects of gov-corporations.

I suppose, if they wanted to really help, why don't they help all the rest of us regular people actually see and know what the secrative coroprations, (who aren't beholden to any one anymore), are really doing. Govermental sunshine laws get evaded pretty easially, it seems. Wish they would stop picking on us,,, and pick on someone their own size... PS: Wiki - leaks could have blocked out the names of low level functunaries, and protected regular people from reprocussions... they didn't. (end rant)

Seriously, I was not able to view the video "Ant... virus" and when I went to the hungry site, it said it could 'only be viewed from Australia.' Never received a message like that before. Any advice? It did mention a video of a 'switch to turn the internet off, as well...

Seems like Stuxnet was designed to nail specific systems. I keep wondering why so many of these computer systems are hooked up to the internet all the time. Why can't they be 'freestanding' most of the time, and have real people, on real phone / video links, etc, actually talking with one another before opening the link, for just enough tiime to transfer whatever had to be sent via web? It seems the more we remove people from the equation, the more we end up with potrentially massive problems. Why do nuclear plants, or oil wells, or electricity transmitting plants have to wired into the Web all the time, and therby expose themselves, all the time, to incoming malware?

Doc, yes, Israel has made so many truly revolutionary inventions, and application. many have been medical and many people, including some high levle arab leaders, owe their lives to some of the medical breakthroughs. They do militrary research, too, i suspect. I understand that they routenely take any system they get from the US, or wherever, and upgrade it with their own software, etc. Is true? (Or will they have to kill you if you tell us? SMILE)?

Dr Guy

on Jun 09, 2011

DrJBHL

reply 11

Depends who's doing what to whom (and why): Case in point - Israel and Iran... I don't believe Israel built the trojan/virus, but I believe they used it effectively against a sworn enemy and knowing a little about the technology capabilities of Israel, if they wanted to build one, it'd make Stuxnet look like a common cold compared to the plague.

Good point! I thought he Stuxnet was kind of kludgy to be created by Mossad. But then that may have been by design (to introduce FUD).

DrJBHL

on Jun 09, 2011

Wouldn't have been Mossad. Probably would have been Unit 8200 which came from the IDF SigInt branch, and which is now the IDF Cyber Command, if the attack came from Israel. It could have come from anywhere, though.

Welcome Guest! Please take the time to register with us.
There are many great features available to you once you register, including:

Richer content, access to many features that are disabled for guests like commenting on the forums.
Access to a great community, with a massive database of many, many areas of interest.
Access to contests & subscription offers like exclusive emails.
It's simple, and FREE!