State-Sponsored CyberAttacks Expected To Rise 33
wiredmikey writes "According to a report released today, IT security professionals will see a rise in State-sponsored attacks, like the Stuxnet worm, that will build on concepts and techniques from the commercial hacker industry to create more powerful 'Advanced Persistent Threats.' The researchers also expect an increase in compromised mobile devices leading to data theft or loss as a result of lagging security measures, and that next year will bring the first major data breaches as a result of compromised devices. The biggest potential impact will be caused by the proliferation of sophisticated mobile devices interacting with corporate networks."
A rise? (Score:5, Insightful)
Re:A rise? (Score:4, Insightful)
Neuromancer, William Gibson. 1984.
Truth - stranger than fiction, if lagging a bit in time.
Re: (Score:3, Insightful)
To know there is a rise you would need to have some kind of baseline on the current situation.
You do? If it rains for a week straight I can make a prediction that the river level will rise over the course of that week without knowing what the level of the river was before it started raining. It could be a dry creek bed or it could be an inch from bursting it's banks, that information doesn't necessarily factor into my prediction of a rise.
Re:A rise? (Score:4, Insightful)
You do? If it rains for a week straight I can make a prediction that the river level will rise over the course of that week without knowing what the level of the river was before it started raining. It could be a dry creek bed or it could be an inch from bursting it's banks, that information doesn't necessarily factor into my prediction of a rise.
Is that an accurate prediction?
What if the week before it was raining more, like a monsoon, and the week after it was hit with tidal wave?
Point is, the fact that you know its happening doesn't actually mean it's going up. You need to know what it was like before for it to have any meaning.
Your whole point was based on the assumption that it wasn't raining before your week started, thus, you knew the existing preconditions.
Re: (Score:1, Funny)
yes, it's still a prediction.
Yes it's probibly accurate (note: the amount of rain receved is enough information to make accurate assesments, while still not knowing the original river-depth)
what it is NOT is testable.
just because a prediction is untestable has no bearing on it's accuracy.
Re: (Score:3, Funny)
just because a prediction is untestable has no bearing on it's accuracy.
It has a huge bearing on its accuracy, you can't BE accurate without testing it!
"Aliens live on mars" - I can claim that is an accurate prediction so long as we do not test that claim.
Re: (Score:2, Insightful)
You don't need a baseline on the water level - you need a baseline on the rate of rainfall. To predict a rise in attacks, you would need to know t
Re: (Score:3, Informative)
In terms of the actual article, I interpreted that MozeeToby [slashdot.org] was saying that just because one don't know current amount of government sponsored IT attacks does
Re: (Score:1)
More to the point, while the current level of the river may not affect a safe assumption about the rise, the prediction is pretty worthless without such supporting information. Also pretty basic stuff that you almost certainly know and recognize. Yet you try to gloss it over. Not only is this info
Re: (Score:2)
In this case you have no idea how much it has previously rained, somebody (selling umbrellas) has just predicted it will probably rain even more next year.
I'm not saying you are wrong, just saying it's probably already far more common then one would assume (given how little it's talked about).
Re: (Score:1, Flamebait)
I don't think anyone knows how much state sponsored cyber attacks are currently going around, but I would imagine quite a bit.
Well, maybe we should try the polite approach and just ask every country, about their state-sponsored CyberAttacks? I'm sure almost every country would be willing to oblige. If not, the U.N. Security Council could pass a resolution requiring states to divulge their CyberHankyPanky. That would have them all quaking in their boots!
Until then, buy more CyberSecurity products! It's good, clean, wholesome fun!
Re: (Score:2)
To know there is a rise you would need to have some kind of baseline on the current situation..
Even if there are zero now it is reasonable to predict there will be a rise in the number.
weeeeeeee (Score:5, Insightful)
Re: (Score:2, Flamebait)
Not only that, but the threat will be "right in the palm of your hand" and that should be scary enough for the average IT joe to spend some not so average cash on a problem that can't be quantified. How many apps does the average idiot download anyway? I stopped after 50 first month with my iPod and have not upgraded or bothered to find any since. Like the apps on facebook, the apps on the app store are mostly useless crap for shitheads. Period.
Re: (Score:2, Insightful)
Re: (Score:1)
you're confusing the AV market with the security market. the AV market is always behind the new virus'/worms because that's what they do, wait for some virus to come out and once it gets popular create a definition for it. The security industry on the other hand is constantly finding and reporting new vulnerabilities in software. Sure there's still something to be desired with the security vendors but they are definitely stepping up to brawl with state funded players. Well maybe not qualys or rapid 7, t
I add between 50-2000 new bad sites a day... apk (Score:1, Insightful)
To a custom hosts file: That tell you anything? It used to only be that many a month years ago prior to I'd say, 2004 or thereabouts...
Additionally, to so do, I'm still using the same decent sources as well as my own I built up from the same sources since 1997:
Spybot Search & Destroy's "IMMUNIZE" feature
http://ddanchev.blogspot.com/ [blogspot.com]
http://www.malwareurl.com/listing-urls.php?page=1&urls=off&rp= [malwareurl.com]
http://www.malware.com.br/lists.shtml [malware.com.br]
http://securitylabs.websense.com/content/alerts.aspx [websense.com]
http://www.stop [stopbadware.org]
Re: (Score:2)
Companies that sell networking solutions will start promoting parallel networks. An inside secure network and an outside less secure network, with separate devices on both networks and no connection between the two networks. Hardware is cheap enough and you can wire the secure network and wireless the insecure network.
So insecure personal, email and internet access, secure everything else and when it leave s the office it only does so on dedicated lines, hard copy or controlled and specifically checked d
Woah (Score:1)
Update or die. (Score:1, Funny)
I want to see this force carriers to make available up-to-date software on phones, even if they're a year or two old.
Comment removed (Score:3, Insightful)
Re: (Score:2)
Re: (Score:2)
this is a security company telling you information that drives their sales. its like an ice cream manufacturer saying "i see a need for more ice cream in the future."
im surprised slashdot hasnt become more abrasive toward this type of annoying product placement and corporate fear mongering.
That's because We Like Ice Cream; We love it. We can not resist ice cream. To resist is hopeless... [youtube.com]
APT? Why the need for a new acronym? (Score:1)
Or in other words:
The fact is this - malware has always had the ability to be updated in the field, it has always been able to be remote controlled, and it has always had the ability to spawn a remote shell to a live attacker. And, it has always had the ability to scan the file-system for files like source-code and CAD drawings, and it has always had the ability to exfiltrate those files. At all times and without exception, these malware programs have been operated by real and persistent humans at the other end. The malware doesn't operate itself, it's not an automaton. For the last 365 days, I just called that malware.
http://fasthorizon.blogspot.com/2010/02/is-term-malware-eclipsed-by-apt.html [blogspot.com]