5 Events in 2011 That Challenged Online Security and Trust Assumptions

2011 is only three-quarters through. Yet, so much has already happened in the world of infosec this year that I’d like to start thinking about the events that have challenged our online security and trust assumptions.

  • Data breach at RSA allowed attackers to compromise aspects of the SecurID product and led to compromises of defense contractors and possibly other firms. Until this incident, the effectiveness of SecurID specifically and token-based authentication in general as a security control was rarely, if ever, questioned.
  • A surge in MacDefender malware for OS X, and the ease with which this rogue antivirus program spread demonstrated that OS X was also vulnerable to infections. While Apple issued software updates in attempts to curtail the spread of MacDefender, the company’s arguably slow response hinted on the company’s relative inexperience at dealing with such incidents.
  • The appearance of ZeuS malware modules for mobile devices allowed attackers to intercept SMS authentication codes. By infecting both the victim’s PC and mobile phone, the attackers obtains victims’ banking logon credentials from the infected computer and could collect one-time authentication codes transmitted to their phones. This development highlighted the limitation of relying on the phone as the foolproof authentication token.
  • The re-emergence of malicious hacking groups that compromised data for political and other causes or just for fun highlighted the diversity and vulnerability of potential targets. (Anonymous and LulzSec are the most prominent examples of such groups.) Their attack campaigns have caused many organizations that were complacent in their perspective on information security to reexamine their infosec posture.

These events are acting as catalysts for changing the threat models we use to secure data, networks and applications. If there were other critical events that I failed to list, please leave a comment. What will the remainder of 2011 bring? We’ll know soon enough.

Hand-picked related items:

Lenny Zeltser

Updated

About the Author

Lenny Zeltser develops products and programs that use security to achieve business results. He is the CISO at Axonius and Faculty Fellow at SANS Institute. Lenny has been leading efforts to establish resilient security practices and solve hard security problems for over two decades. A respected author and practitioner, he has been advancing tradecraft and contributing to the community. His insights build upon real-world experience, a Computer Science degree from the University of Pennsylvania, and an MBA degree from MIT Sloan.

Learn more