Whenever I go to Black Hat USA security
conference in Las Vegas, don’t know
whether I feel more knowledgeable about the state of IT security - or if I’m
more concerned. Honestly, it’s probably a little bit of both. This year’s show
was no different.
One of the more frightening items of
research this year will certainly give hotel-goers around the world something
to think about. Security researcher Cody Brocious revealed in his presentation
just how easy it is to pick hotel electronic locks. The researcher demonstrated how certain types of hotel locks can be
bypassed to gain access to the room using little more than the open
source portable programming platform known as Arduino.
Another very interesting bit of research
came from two university researchers who managed to create a “replicated eye”
that is capable of fooling iris biometric scanners into allowing
authentication. The team printed synthetic iris image codes of actual irises
stored in a database. You can read more about their research here.
Even Microsoft’s upcoming operating system
didn’t get through the conference unscathed, with a researcher highlighting ways the security of the operating system can be bypassed,
such as applications being able to hijack Internet access rights of other
applications, and other potential vulnerabilities. While the researcher says
Windows 8 has many security benefits over its predecessors, there will still be
zero-day vulnerabilities just waiting to be found.
And in the days after Black Hat at DefCon,
a 10-year old hacker was recognized at the very first DefCon Kids, an overlay at DefCon, for finding
a way to exploit mobile apps via the manipulation of the device’s system
clocks.
Other interesting research included tools
that made it possible to circumvent web application firewalls, the ease in
which database permissions can be bypassed, and a growing number of known ways
to hack smartphones.
All of this goes to show that the
imagination (and age!) of attackers has no limits. And, inherently, no system
can be trusted to be fully secure and impenetrable. As someone who has spent so
much time in the IT security industry that’s a humbling reminder that no matter
how much we focus on prevention - someone will always be able to figure and
make their way through the walls we’ve put in place.
This makes it essential that organizations
be able to identify any potentially nefarious changes and unknown data or
processes in their environment. That means, of course, enterprises need to know
what their systems look like when pristine and healthy. That’s the only way to
be able to spot the unknown in the environment, and be able to clamp down on
the attack as soon as is possible. And that’s an important part of the
philosophy behind EnCase Cybersecurity.
It also means that a focus on incident
response is as important as ever. It’s the organizations that can identify,
clamp down upon, and successfully mitigate the damage of breaches that will, I
believe, prove to be the most effective at information security. And effective
incident response is a subject we just treated at some length.
No comments :
Post a Comment