Tuesday, December 20, 2016

Five Ways to Spot an Internal Security Threat

A significant number of cybersecurity threats come from within an organization’s own network. Companies that devote substantial resources to detecting and preventing external attempts to hack their electronic networks often ignore the internal security threats that create a greater risk. Every organization’s cybersecurity policy should include mechanisms to detect and mitigate the five most common internal security problems.

 

 

  1. Remote Access Software


Companies give employees the opportunity to work from home and to participate in meetings through remote access software, but that software provides an easy pathway for hackers to access a company’s networks. In one case study, a software company let its employees use TeamViewer software for online meetings. A spyware program that had slipped into one employee’s home computer, however, gave hackers a keystroke log that they then used to hack into the company’s network with the employee’s TeamViewer sign-in ID. Remote access software tools are convenient, but a company’s cybersecurity efforts need to include the added controls required to prevent abuse of that software.

  2. Loss of Sensitive Information Through Email


Employees might intentionally or negligently attach confidential or proprietary documents and information to email that they send to external servers. Hackers can use those documents and that information as levers to delve deeper into an organization’s network. An organization can install scanning tools and other network monitors to watch the kind and quality of information that employees are sending outside of an internal email system. Employees who are intent on stealing information can encrypt it to defeat those tools, but those tools do provide a first level of defense against this type of internal threat.

  3. Peer-to-Peer File Sharing


The greater trend in companies is to ban peer-to-peer file sharing over IM and other similar systems, but many vestiges of those systems remain and continue to pose significant cybersecurity risks for those companies. Every company’s cybersecurity policy needs to address this risk and, if feasible, to require the deletion of any peer-to-peer software that employees may be using to upload files or to share information.

  4. Use of Insecure Wireless Networks


People use wireless networks to connect their mobile devices to the internet and to save their data allotments on those devices, but an unsecured network that has no password protection exposes every device on that network to every other device. Hackers have developed techniques to access sensitive information in mobile devices on those unsecured networks. A company’s cybersecurity policy should include instructions for all employees to turn off file sharing on mobile devices and to manage other privacy settings. Companies can also set up virtual private networks (“VPNs”) on all employee mobile devices to add a layer of protection when employees use those devices on a public Wi-Fi network.

  5. Blogging and Discussion Boards


Even an innocuous comment by an employee on a public message board can lead to deeper and more serious cybersecurity problems than a company might expect. An employee who posts a comment about his employer immediately identifies himself and his relationship with the employer. Hackers can build on that information to collect additional data about an employee, and the sum total of all of that data can give the hacker a platform to access the employer’s internal networks. Every corporate cybersecurity policy should include strict restrictions on the type of information that an employee can post on a public blog or discussion board.

All threats to an organization’s information systems and networks should be taken very seriously. Regarding internal threats, employees may have the best of intentions with respect to their actions, but those intentions can lead to egregious problems if they are not managed or curtailed properly.
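The outbound email scanning described under "Loss of Sensitive Information Through Email" can be sketched as follows. This is an added example, not part of the original post; the domain `corp.example`, the marker list and the entropy threshold are assumptions, and the sample message is constructed. It also shows why an encrypted attachment defeats content matching yet can still be flagged as uninspectable.

```python
import hashlib
import math
import re
from collections import Counter
from email.message import EmailMessage
from email.utils import getaddresses

INTERNAL_DOMAIN = "corp.example"   # assumption: the organisation's own mail domain
MARKERS = re.compile(rb"(?i)\b(confidential|proprietary|internal use only)\b")
ENTROPY_LIMIT = 7.5                # assumed threshold, in bits per byte

def shannon_entropy(data: bytes) -> float:
    """Bits per byte: near 8.0 for encrypted or compressed data, lower for text."""
    total = len(data)
    return -sum(n / total * math.log2(n / total) for n in Counter(data).values())

def external_recipients(msg: EmailMessage) -> list[str]:
    """Addresses in To/Cc whose domain is not the internal one."""
    pairs = getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))
    return [a for _, a in pairs if not a.lower().endswith("@" + INTERNAL_DOMAIN)]

def scan_outbound(msg: EmailMessage) -> list[tuple[str, str]]:
    """Return (attachment name, finding) pairs for mail leaving the organisation."""
    if not external_recipients(msg):
        return []                  # internal-only mail is out of scope here
    findings = []
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        name = part.get_filename() or "(unnamed)"
        if MARKERS.search(data):
            findings.append((name, "sensitivity marker in content"))
        elif len(data) >= 256 and shannon_entropy(data) > ENTROPY_LIMIT:
            # Nothing to match on: encrypted (or compressed) payload.
            findings.append((name, "opaque content, route to manual review"))
    return findings

def build_sample(to: str) -> EmailMessage:
    """Constructed sample: one plaintext attachment and one opaque attachment."""
    msg = EmailMessage()
    msg["From"] = "alice@corp.example"
    msg["To"] = to
    msg["Subject"] = "Q4 files"
    msg.set_content("See attached.")
    msg.add_attachment(b"CONFIDENTIAL - pricing roadmap\n", maintype="application",
                       subtype="octet-stream", filename="roadmap.txt")
    # Stand-in for an encrypted file: 4 KiB of hash output (constructed data).
    blob = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(128))
    msg.add_attachment(blob, maintype="application", subtype="octet-stream",
                       filename="archive.bin")
    return msg

if __name__ == "__main__":
    for name, finding in scan_outbound(build_sample("bob@partner.example")):
        print(f"{name}: {finding}")
```

The entropy check also fires on ordinary compressed files, so in practice it feeds a review queue rather than an automatic block.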

Wednesday, December 7, 2016

Comparison of OSI Reference Model and TCP/IP Reference Model



Following are some major differences between the OSI Reference Model and the TCP/IP Reference Model, with a diagrammatic comparison below.

| OSI (Open System Interconnection) | TCP/IP (Transmission Control Protocol / Internet Protocol) |
| --- | --- |
| 1. OSI is a generic, protocol-independent standard, acting as a communication gateway between the network and the end user. | 1. The TCP/IP model is based on standard protocols around which the Internet has developed. It is a communication protocol which allows connection of hosts over a network. |
| 2. In the OSI model the transport layer guarantees the delivery of packets. | 2. In the TCP/IP model the transport layer does not guarantee delivery of packets. Still, the TCP/IP model is more reliable. |
| 3. Follows a vertical approach. | 3. Follows a horizontal approach. |
| 4. The OSI model has a separate Presentation layer and Session layer. | 4. TCP/IP does not have a separate Presentation layer or Session layer. |
| 5. OSI is a reference model around which networks are built. Generally it is used as a guidance tool. | 5. The TCP/IP model is, in a way, an implementation of the OSI model. |
| 6. The Network layer of the OSI model provides both connection-oriented and connectionless service. | 6. The Network layer in the TCP/IP model provides connectionless service. |
| 7. The OSI model has a problem of fitting the protocols into the model. | 7. The TCP/IP model does not fit any protocol. |
| 8. Protocols are hidden in the OSI model and are easily replaced as the technology changes. | 8. In TCP/IP, replacing a protocol is not easy. |
| 9. The OSI model defines services, interfaces and protocols very clearly and makes a clear distinction between them. It is protocol independent. | 9. In TCP/IP, services, interfaces and protocols are not clearly separated. It is also protocol dependent. |
| 10. It has 7 layers. | 10. It has 4 layers. |





Diagrammatic Comparison between OSI Reference Model and TCP/IP Reference Model

[Figure: diagrammatic comparison between the OSI (7 layers) and TCP/IP (4 layers) models]



KEY TERMS in Computer Networks


Following are some important terms which are frequently used in the context of Computer Networks.

| Term | Definition |
| --- | --- |
| 1. ISO | The OSI model is a product of the Open Systems Interconnection project at the International Organization for Standardization. ISO is a voluntary organization. |
| 2. OSI Model | Open System Interconnection is a model consisting of seven logical layers. |
| 3. TCP/IP Model | The Transmission Control Protocol and Internet Protocol Model is a four-layer model which is based on protocols. |
| 4. UTP | Unshielded Twisted Pair cable is a wired/guided medium which consists of two conductors, usually copper, each with its own coloured plastic insulator. |
| 5. STP | Shielded Twisted Pair cable is a wired/guided medium which has a metal foil or braided-mesh covering that encases each pair of insulated conductors. Shielding also eliminates crosstalk. |
| 6. PPP | Point-to-Point connection is a protocol which is used as a communication link between two devices. |
| 7. LAN | Local Area Network is designed for small areas such as an office, a group of buildings or a factory. |
| 8. WAN | Wide Area Network is used for a network that covers large distances, such as the states of a country. |
| 9. MAN | Metropolitan Area Network uses similar technology to a LAN. It is designed to extend over an entire city. |
| 10. Crosstalk | Undesired effect of one circuit on another circuit. It can occur when one line picks up some signals travelling down another line. Example: a telephone conversation in which one can hear background conversations. It can be eliminated by shielding each pair of a twisted pair cable. |
| 11. PSTN | Public Switched Telephone Network consists of telephone lines, cellular networks, satellites for communication, fiber optic cables etc. It is the combination of the world’s (national, local and regional) circuit-switched telephone networks. |
| 12. File Transfer, Access and Management (FTAM) | Standard mechanism to access and manage files. Users can access files on a remote computer and manage them. |
| 13. Analog Transmission | The signal is continuously variable in amplitude and frequency. The power requirement is high when compared with Digital Transmission. |
| 14. Digital Transmission | It is a sequence of voltage pulses. It is basically a series of discrete pulses. Security is better than with Analog Transmission. |



Tuesday, December 6, 2016

Twitter says it will ban Trump if he violates hate-speech rules

[Photo: In this Aug. 20, 2016 file photo, then Republican presidential candidate Donald Trump speaks at a campaign rally in Fredericksburg, Va. (AP Photo/Gerald Herbert, File)]

Twitter has flexed its social media muscle lately, cracking down on hate speech. And now the social network has a potentially bigger fish to fry -- President-elect Donald Trump. The nation's incoming Chief Executive has long been known to have a somewhat volatile Twitter account. Slashdot notes that earlier this week, the company told Slate that "it would consider banning key government officials, even the president, if its rules against hate speech or other language were violated."

You can imagine the hit the Twitter servers would take if this happened. "The Twitter Rules apply to all accounts," a spokesperson said. Interestingly, Facebook takes a different approach. According to Slate, despite employee objections, the normal Facebook community standards will not apply to Trump posts, given their newsworthiness and widespread support for his views.


For the record, the American Bar Association defines hate speech as "Speech that offends, threatens, or insults groups, based on race, color, religion, national origin, sexual orientation, disability, or other traits."

This poses an interesting conundrum for one of social media's leading platforms. Look at the concepts in play here -- the company has issued a set of policies that end users need to adhere to. That's nothing new, as all companies have a set of guidelines in one form or another. Sometimes, though, those policies conflict with the right of free speech. And then you have the obvious PR problem of potentially removing the account of the new President of the United States (we assume @RealDonaldTrump will just point to the dedicated account of @Potus from January 20 onward).

QZ.com said "Republicans have grown wary of Trump's unfiltered, potentially inflammatory tweets." Newt Gingrich is an adviser and vice-chairman of Trump's transition team, and said a recent tweet from the president-elect about illegal voters was "out of line." Gingrich added in USA Today, "The president of the United States can't randomly tweet without having somebody check it out. It makes you wonder about whatever else he's doing. It undermines much more than a single tweet."

 

Friday, December 2, 2016

Anonymous Hacktivist 'Barrett Brown' Released From Prison





Barrett Brown, a journalist who formerly served as an unofficial spokesman for the hacktivist collective Anonymous, finally walked free from prison on Tuesday morning after serving more than four years behind bars.

The Dallas-born investigative journalist was arrested in 2012 at his home while he was in the middle of an online chat, after posting tweets and a YouTube video threatening revenge against an FBI agent.

Brown, 35, initially attracted law enforcement attention in 2011 when he shared a hyperlink to an IRC (Internet Relay Chat) channel where Anonymous members were distributing stolen information from the hack at security think tank Strategic Forecasting, or Stratfor.

The hack allegedly exposed 200 gigabytes of data, which included email addresses and credit card information from Stratfor clients, including the US Army, US Air Force, and Miami Police Department.





Originally facing a sentence of more than 100 years in prison, Brown was sentenced in January 2015, under a plea agreement with prosecutors, to almost five years in jail and nearly $900,000 in restitution and fines.

The two and a half years he spent in pretrial confinement after his arrest were credited toward his total prison sentence.

Brown eventually pleaded guilty to three federal counts of obstructing a search warrant, making Internet threats and being an accessory to unauthorized access of a protected computer.

According to the Department of Justice, sharing the hyperlink was a crime because "by transferring and posting the hyperlink, Brown caused the data to be made available to other persons online, without the knowledge and authorization of Stratfor and the card holders."

On Tuesday, Brown was released from the Three Rivers Federal Correctional Institution in San Antonio, Texas, where he continued his work as a writer over the past year.

WikiLeaks Publishes 60,000 Emails From Contractor HBGary


On his release five months before the scheduled date, former National Security Agency (NSA) subcontractor Edward Snowden tweeted his reaction, saying:

"Jailed since 2012 for his investigations, #BarrettBrown has finally been released from prison. Best of luck in this very different world."

Meanwhile, the whistleblower site WikiLeaks also published more than 60,000 emails from US private intelligence firm HBGary to celebrate Brown's release.

Hacktivist collective Anonymous initially obtained the emails in February 2011, but WikiLeaks published them in the form of a searchable database on Tuesday. Among other things, the leaked emails discussed targeting journalists and governments.

Rule 41 — FBI Gets Expanded Power to Hack any Computer in the World


As of today, hacking multiple computers across the world just got easier for United States intelligence and law enforcement agencies.

The changes introduced to Rule 41 of the Federal Rules of Criminal Procedure by the United States Department of Justice came into effect on Thursday, after an effort to block the changes failed on Wednesday. The change grants the FBI much greater powers to hack into multiple computers within the country, and perhaps anywhere in the world, with just a single warrant authorized by any US judge (even magistrate judges). Usually, magistrate judges only issue warrants for cases within their jurisdiction.




That is the same thing the FBI did in its 2015 investigation into child pornography site Playpen, in which the agency hacked into some 8,700 computers across 120 different countries. The Supreme Court approved the changes to Rule 41 in April, allowing any U.S. judge to issue search warrants that give the FBI and law enforcement agencies authority to remotely hack computers in any jurisdiction, or even outside the United States.

Democratic Senator Ron Wyden attempted three times to block the changes to Rule 41, which potentially put at risk people using Tor, a VPN, or some other anonymizing software to hide their whereabouts, but the efforts were blocked by Republican Senator John Cornyn of Texas.

The rule change should take effect on 1st December, today, barring surprises.

On the one hand, privacy advocates and legal experts have described the rule change as an extensive expansion of extraterritorial surveillance power that will allow agencies like the FBI to carry out international hacking operations with a lot less hassle.

On the other hand, the DOJ argued that the changes to the rule will help investigate modern internet criminals, allowing investigators to access computers whose locations are "concealed through technological means," like the Tor anonymity network or VPNs (Virtual Private Networks), and devices used in botnets that have become powerful cyber weapons.



Assistant Attorney General Leslie Caldwell highlighted these concerns in a blog post published last week, saying that if a criminal suspect is using Tor or a VPN to hide their real location, it becomes tough for investigators to know the suspect's current location.
"So in those cases, the Rules do not clearly identify which court the investigators should bring their warrant application to," Caldwell said.

But what would happen if the FBI hacks the botnet victims, rather than the perpetrators? Or what if the government abuses this power to target nation states?

In a speech, Wyden said that the changes to Rule 41 amounted to "one of the biggest mistakes in surveillance policy in years," giving federal investigators "unprecedented authority to hack into Americans' personal phones, computers, and other devices," Reuters reports.

Other critics worry that the changes to Rule 41 would give the FBI unfettered ability to hack innocent users whose electronic devices have been infected with botnet malware without their knowledge, or anyone who keeps their identities private online.

To this concern, Caldwell argued that investigators accessing the devices of botnet victims "would, typically, be done only to investigate the extent of the botnet," or in order to "obtain information necessary to liberate victims’ computers from the botnet."

Caldwell further argued that the rule change would not allow the FBI to conduct "Mass Hacking;" in fact, failing to implement the rule change "would make it more difficult for law enforcement to combat mass hacking by actual criminals."