Operational Security of Digital Information.

  • Operational Security of Digital Information.

    So the thread on the nuclear information release inspired me to write this.... I am going to break it down into a few parts:

    1. Who I am and why you should care
    2. Some other examples.
    3. What you should NOT be doing.

    I. Since I have been away for a bit, and I see several new faces, for those that don't know me my name is Jason. I work in the Network Security World for a company, we manufacture network intrusion detection systems and other products that complement these technologies. In other words, we help people catch hackers, and other dumb stuff that users shouldn't be doing on their networks. If you want more details on what I do or we do, pop me a PM.

    II. Ok the fun stuff.

    So there have been several items like this released over the last few years, NASA released ballistic missile data, the defenses on the president's helicopter Marine 1 were put somewhere on the internet, the countless breaches of private industry you have heard about both intentionally being hacked and some dummy leaving the door open, oh and let's go ahead and toss the VA breaching all the Vets' personal info here as well because this information relates to that too. You can go do a search almost anywhere in the news today, and hear about another incident either minor or major with the release of sensitive or even classified information.


    III. The meat of this....

    I am going to outline a few items here, and explain them so I hope people can follow along that aren't technical. Ok to put really simply, if you are handling sensitive information of any sort in a digital form, your system should NOT be connected to the internet. (that was a period after that, not a comma, not a but, a period.) Not only should it not be connected to the internet, it should not be a terminal that any dumbass in your department can walk up to and use to print his word document. Why???

    Ok so let's outline some very common vulnerabilities and how they get on computers. Before you go oh I have seen all this before and I have antivirus go on and keep reading young padawan, cause I can subvert your antivirus in about 13 seconds using any one of these methods.

    1. Email of a file - So the very simple rule and if you don't know it is don't open anything you can't confirm the source. Yeah you have heard this... But did you know? Today, I actually don't even need you to open the document. In fact, modern software (and I will pick on Adobe here for a moment) takes care of ALL of that for me. You think the email you got with that attachment is safe cause you have a virus scanner? WRONG... Early this year, Adobe had an issue in Acrobat Reader, that it was close to 90 days before they fixed it. All the bad guys had to do was get it into your inbox, and the functions of preview and indexing took care of the rest. Oh for you all sitting there smug, going "I use Foxit" or "I am on a Mac" .... Yeah you were screwed too.... Foxit was vulnerable to the same code, and those of you on a Mac, well I am pretty sure Preview still isn't fixed. If you want to know more, I can send you a link that is of a video that explains this in depth, it is very technical in nature, but goes through the timeline of how long you really sat out there waiting to get owned.

    2. Don't click S***. Seriously, that funny website with the .ru .za .ch .some other damn countries address that is overseas is NOT WHAT YOU SHOULD EVER CLICK ON. I don't care that your friend said it was the funniest video ever. One of the most common paths for compromising, and getting control of a computer, and then stealing information, is getting someone to go to a webpage that has an active exploit on it. No, you're not safe using Firefox or Safari. No, you're not safe because you have antivirus and a personal firewall, cause the first thing that I do when I get you to go there is subvert both of those systems and quietly turn them off in the background. Oh and while I am at it, I will turn off Windows Update, and if you launch it manually I will make it redirect you to another webpage, that has like 40 more exploits on it just in case the first one might not have totally worked for me.

    "I only visit sites I know." Bull.... If the computer you are on doesn't have information you want to share with the entire world there isn't such a place on the internet. Who here has ever used "thepiratebay" to download a torrent? Any Torrent, I don't care if it was a movie, a cool program, some pictures, or some p***... I did say ANY correct? Yeah, when you opened the torrent link to queue it up in your torrent manager, did your antivirus start going insane? No? Really? Funny cause about 60 days ago, I had a friend also in the industry that does what I do for the Military, inform me that the advertisers on the pirate bay, had active exploits on the information they were serving, if not on the pirate bay itself. Well being a good security professional, I went to check out this information on my own, I have a computer sitting at my house that is fully compromised, and needs to be rebuilt due to this 5 min foray on the internet. Now we aren't talking like I clicked around till I said wow yeah... that sucks, I set all settings for my firewalls and antivirus to pretty much as high as they would go and still let me actually navigate to the internet. It took me about 4 min to find one of the pages in question, I have a computer that is a brick on the floor of my basement. I hope I didn't need any info on it cause it is a total loss.

    Oh and if you're really thinking you're saving money by using applications you downloaded from a torrent site, and didn't just go buy from the vendor, ummm Your computer is owned and your bank account you log into from there is in the hands of someone it shouldn't be. I did some tests, and picked 10 major applications that people commonly don't pay for.... I found 5 torrents for all of them from various sites, and wanted to see how many of them had been tampered with and had bad nasty evil software in them. Well so the first application I chose I got through 3 torrents before I had to rebuild the entire OS. All 3 of them installed something new. One was a key logger (to steal credit card and bank info), one set up a port forwarder, so someone could basically use my pc to access the internet, so anything they did would look like it came from my computer, and the third, I really don't know what it did but it rendered the PC totally useless. I said ok that was prob a really easy target and I moved to choice number 5 on my list. I didn't even get to the third torrent my PC was so hosed after the second I called my project a total success, and then had to rebuild my PC again.

    3. You plugged what into your computer?
    That USB thumbdrive? That CD or DVD "someone" gave you. Ok this has been out there for years. That computer that has sensitive info should not have USB ports enabled on it, were you aware with commonly available software, you can compromise all of the administrator or root level accounts on a system by simply plugging in that USB drive? Oh and better yet, every USB drive that you plug in after that the software will infect the system so the next drive you plug it in, will infect that drive as well, and then pass it along to the next computer it is plugged into.... Oh and if you did any of the above, that I mentioned previously, I can install that same software, or really any other software to make your system do whatever else I want it to do also... Personally, my fix for this is have people fill the USB ports with epoxy, or just cut the connectors off the system board entirely. That also solves the problem of people copying data they shouldn't have copies of as well...

    4. Don't copy the data cause it makes your life easier. If it is protected data, refer back to point 3. If it is on a protected system there is a reason for that. If you copy it off and then you breach that data from another system, you're most likely going to be fired, if not charged criminally for that breach. Sucks to be you at that point.

    So in summary? Notice any trends here? To put really simply, if you handle information of any type you don't want released to someone, you better be damn careful what you are doing. A production system that contains sensitive information needs to be protected on multiple levels and YOU are responsible for what you do on that system, and you are responsible for the data you handle both personally, and professionally. If this didn't put the fear of god into you it should have, that was pretty much my intent. I'll open the floor to some discussion here, I'll answer anything I can as candidly as I can. There is also at least one other person on the boards here, whose word is as good as mine on some of these topics, who I am sure will chime in here shortly.

    CelticRaven

    -- Poor is the country with no heroes and worse yet, is the country that forgets its heroes.

    Plan for what CAN happen, not what HAS happened.
    --CelticRaven

    The strongest reason for the people to retain the right to keep and bear arms is, as a last resort, to protect themselves against tyranny in government.
    --Thomas Jefferson

  • #2
    Recently the Pentagon mainframe was hacked into through a worker's MySpace account.
    www.precision-applications.com

    It's knowing that when I get up in the morning and my feet hit the floor, the Devil says, "Shit! He's awake!"

    Shortly before World War I, the German Kaiser was the guest of the Swiss government to observe military maneuvers. The Kaiser asked a Swiss militiaman: "You are 500,000 and you shoot well, but if we attack with 1,000,000 men what will you do?" The soldier replied: "We will shoot twice and go home."

    "There are so many Russians, and our country so small, where will we find room to bury them all?" - anonymous Finnish soldier


    • #3
      Good stuff. Thanks Jason.
      " May God have mercy upon my enemies, because I won't" General George S.Patton

      " Peace is that brief glorious moment in history when everybody stands around reloading"

      " The will to survive is not as important as the will to prevail...the answer to criminal aggression is retaliation" Lt. Col. Jeff Cooper


      • #4
        Yep, Jason is right. To make matters even worse, the Chinese have been infecting USB "thumb drives", digital photo frames, and various other devices you plug into your computer too. So, you get a nice new digital photo frame for Father's Day so you can put the picture of your wife, kids, and dog on your desk at work. As soon as you plug it in, you are now a part of some Chinese botnet.

        The Chinese are saying, thanks for buying our crappy product on a credit card using money we lent to you. We now own your computer, banking information, and all passwords you have. We can also turn on your web cam and take pictures of you and your surroundings and ship them off to China. Smile.
        America deserves to know her heroes!


        • #5
          Yup, I heard the same stuff. They are implementing stuff into hardware and software to get to your stuff. Imagine that. Next threat is electronic warfare.
          In the Jungle, On the hunt, I am The Ghost in the Darkness


          • #6
            Jason,

            Are any of the thumb drives safe? How about the iron keys? Is there a way to put a "level IV" body armour tac vest type protection on your laptop?

            Steve
            "Cogito, ergo armatum sum: I think, therefore I am armed" Dave Grossman
            "Be a Sheepdog".......R.A. Nable
            ...It could be that the purpose of your life is only to serve as a warning to others......
            "Every normal man must be tempted at times to spit upon his hands, hoist the black flag, and begin slitting throats."
            Henry Louis Mencken, American writer of the early 20th century, satirist, and cynic.


            • #7
              Hey Jason,
              Yeah, that's all good, but how do I get the porno off my computer again ?
              Respectfully,
              Harry
              "It's better to live one day as a lion, than one hundred years as a sheep", Old Roman Proverb.
              "For those who have fought for it, freedom has a flavor the protected will never know", Author Unknown.
              "Cry havoc and let slip the dogs of war!", Shakespeare, Julius Caesar, Act III, Scene I.


              • #8
                "Hey Jason,
                Yeah, that's all good, but how do I get the p**** off my computer again ?
                Respectfully,
                Harry "

                huh ! of course, there's "penetration" "infiltration" "open stuffs" "virus" inside !!!
                " IF AT FIRST YOU DON'T SUCCEED, USE DUCT TAPE !" said Uncle Bowe


                • #9
                  Ironkeys are great!!! But buy USB devices from respected mfgs is the lesson there from Nate.
                  CelticRaven



                  • #10
                    Recently the Army turned off USB access to normal users. A virus traced to Russia caused the whole mess.

                    Jimro
                    "How you train is EXACTLY how you fight" Col (Ret) Robert B. Nett, awarded Medal of Honor


                    • #11
                      Who is a respected manufacturer of thumb drives and such?
                      www.precision-applications.com



                      • #12
                        That was some good stuff Jay.
                        Thanks for taking the time.
                        Joe
                        "The two most powerful warriors are patience and time."
                        Leo Tolstoy


                        • #13
                          shep,

                          If you buy a storage drive from Taiwan there is less chance of Red China screwing with it.

                          Buying a plain USB drive with no software on it also helps, and scanning any drive you put in your computer is smart.

                          You could also go with Ubuntu or Fedora and really be safe

                          Jimro
                          "How you train is EXACTLY how you fight" Col (Ret) Robert B. Nett, awarded Medal of Honor


                          • #14
                            What Jimro said... first thing I do with pretty much any drive, is load it into a CD bootable linux system and blow away the file system and then reformat it in the system I intend to use it in.
                            CelticRaven
