Category: Threat Actors

Threat Actors are people who are acting counter to you or your organization’s interest. They are a threat to yourself, your family, your community, your organization (company), your society, and your nation. They cannot be taken for granted. You can classify the world in the four key threat actor categories:

Cyber-Criminal Threats – Cyber-Crime is an International Legal problem that has no short term resolution. There will always be someplace in the world that is a harbor for cyber-criminal activity.
Nation State Threats – Post-Snowden, the secret world of nation-state security is now all in the open. Your network is a valid “Battle Space” for any Cyber-War.
Political, Patriotic, Protestors (P3) – There are always going to be someone, somewhere, who is upset with society – with the ability to make their anxiety know through any network – anywhere.
Corporate Threats (New!) – The dialog between US & China will accelerate the corporate on corporate threat vector.

Security Organizations

There are many Security Organizations in the world all working towards the goal of a more secure & resilient Internet. This is an ongoing list of known security organization. Security Groups 10 Years and Older Forum of Incident Response and Security Teams (FIRST) – FIRST is the Forum of Incident Response and Security Teams. The

Hardware & Software Vulnerabilities are Guaranteed

Posted on June 23, 2018June 23, 2018

The long years of experience have taught me through experience, hardware & software vulnerabilities are guaranteed. It is not a matter of “if” but when. The sad reality is that most hardware and software vendors are not ready for vulnerabilities when they happen. Their response ranges from “I’m going to take legal suit” against the Read More

BGP Route Hijacks & Routing Mistakes – What can be done Today?

Protecting your Business, Customers, & the Internet from BGP Route Hijacking Chaos? (DRAFT – Version 0.11) The Internet is glued together with the Board Gateway Protocol (BGP). It may not be perceived as the “perfect” protocol, but it has delivered a transformative global network that spans the Internet and all telecommunications. It is stable, transparent,

Are your customers infected with VPNFilter?

Posted on June 6, 2018June 7, 2018

Everyone is talking about VPNFilter, but there is little information to know if my customers, my staff, or my own home is at risk? How do can I get plugged in? Understanding if you are at risk would be helpful to know if you need to drop everything and fix it now, fix it this Read More

7 Habits of Highly Effective Cyber-Criminals

Posted on June 4, 2018June 6, 2018

Yes, there are habits of highly effective cyber-criminals use to be successful! We can leverage the knowledge of these habits to better prepare, defend, and attribute attacks. To understand where these habits were first observed, we must go back to the point where the Internet explosion was creating the opportunity for new criminal enterprises. Read More

Meaningful Security Conversations with your Vendors

How does any organization have productive and meaningful security conversations? This guide offers a simple and meaningful security conversation guide. These conversations would help the organization determine the real security risk from their vendors. This is an updated version of a set of questions Operators (and vendors) can use to have these meaningful conversations. With

Using the DNS Resolver to Protect Networks

Posted on February 11, 2018February 27, 2018

Smart organizations use the DNS Resolver to Protect Networks. Here is why … A typical story ….. Imagine walking in to work the first thing in the morning. Your staff comes into the office. They get their coffee, fire up their computer, and check out the morning industry news. Your staff is alert, applies Read More

CLDAP Reflection Attacks are Increasing! Why? Preventable!!!

Posted on November 2, 2017November 2, 2017

Yes, CLDAP Reflection Attacks are increasingly used in DOS attacks! Everyone was warned! We have lots of data which illustrated how CLDAP is being used for reflection DOS attacks. Now we have the news from Netlab 360 that CLDAP is now the #3 protocol used for DOS reflection attacks – CLDAP is Now the No.3 Read More

Is it time to build an “SP Anti-DOS Alliance?”

Posted on August 22, 2017February 11, 2018

Is it time to build an “SP Anti-DOS Alliance” is the first of several blogs. It will be a brain dump of what collaborative actions have and has not been working within the industry. Last week, I posted a Linkedin update on the Operator’s Security Toolkit. A long term colleague, Eddie Chan, pointed out the Read More

Vendor Security

Vendor Security – This document has been updated and maintained here: How to Demand Security from your Vendors Demand Security from your vendors! What security questions are you asking your vendors? The Bloomberg article, “How Russian Hackers Stole the Nasdaq,” is a sobering insight into today’s risk. It should be a wake-up call for all organizations in