5 Events in 2011 That Challenged Online Security and Trust Assumptions

2011 is only three-quarters through. Yet, so much has already happened in the world of infosec this year that I’d like to start thinking about the events that have challenged our online security and trust assumptions.

  • Data breach at RSA allowed attackers to compromise aspects of the SecurID product and led to compromises of defense contractors and possibly other firms. Until this incident, the effectiveness of SecurID specifically and token-based authentication in general as a security control was rarely, if ever, questioned.
  • A surge in MacDefender malware for OS X, and the ease with which this rogue antivirus program spread demonstrated that OS X was also vulnerable to infections. While Apple issued software updates in attempts to curtail the spread of MacDefender, the company’s arguably slow response hinted on the company’s relative inexperience at dealing with such incidents.
  • The appearance of ZeuS malware modules for mobile devices allowed attackers to intercept SMS authentication codes. By infecting both the victim’s PC and mobile phone, the attackers obtains victims’ banking logon credentials from the infected computer and could collect one-time authentication codes transmitted to their phones. This development highlighted the limitation of relying on the phone as the foolproof authentication token.
  • The re-emergence of malicious hacking groups that compromised data for political and other causes or just for fun highlighted the diversity and vulnerability of potential targets. (Anonymous and LulzSec are the most prominent examples of such groups.) Their attack campaigns have caused many organizations that were complacent in their perspective on information security to reexamine their infosec posture.

These events are acting as catalysts for changing the threat models we use to secure data, networks and applications. If there were other critical events that I failed to list, please leave a comment. What will the remainder of 2011 bring? We’ll know soon enough.

Hand-picked related items:

Lenny Zeltser

Updated

About the Author

Lenny Zeltser is a seasoned business and technology leader with extensive information security experience. He presently oversees the financial success and expansion of infosec services and SaaS products at NCR. He also trains incident response and digital forensics professionals at SANS Institute. Lenny frequently speaks at industry events, writes articles and has co-authored books. He has earned the prestigious GIAC Security Expert designation, has an MBA from MIT Sloan and a Computer Science degree from the University of Pennsylvania.

Learn more