2011 was a fun year in computer security.

Now this sounds like an interesting BCS event covering cyber-security with Gareth Lapworth from De Montfort University, clearly surveying the collateral damage with an expert eye. Should be epic!

“2011 was a fun year in computer security. The term “epic” doesn’t quite do it enough justice, but it’s the best term we’ve got. The lulz were had by the bad guys, the overtime was pocketed by the good guys and it was gripping for those sitting on the sidelines.

“One of the most public and explosive attacks of the year was aimed directly at the Sony corporation, not just once, but at least four different times. In order to solve their problems they simply laid off a significant number of their security team. Epic.

“2011 also saw a rise in malware-related attacks. Whilst most computer users were worried about receiving viruses and attempting to solve that problem, computer security dudes in the power and water industries were trying to secure centrifuges and utility supplies. They failed. Miserably. Epic.

“It was a win for those that did manage to secure their computer systems, but not those that chose Symantec antivirus. We found out recently that the bad guys had access to the source code of some versions of this software. Of course, the same bad guys helped the world by uncovering that the Indian government requested that Apple, RIM and Nokia place back doors in their hardware/software solutions. It’s always pleasing to know that a government has access to all of your private data. Epic.

“Don’t have nightmares, though. William Hague wants you to know that we’ll strike first in any cyber war. Super Epic.

“This lecture discusses some cyber security related activities and gives a taste of things yet to come in the next 12 months. It is hoped that you will walk away from this lecture with a feeling of helplessness and fear that will instil in you the correct level of paranoia when conducting yourself online.”

It appears Gareth has left out the FBI arrest of 16 suspected ‘Anonymous’ hackers in July, not long after the PayPal Twitter account was hacked, which in turn came not long after news that PayPal had dropped online banking for WikiLeaks.

Also see ‘Six security forecasts for 2012’ written by the BCS’s David Lacey, starting with ‘Space weather creates concern’: “…increased solar activity will probably cause a few minor annoyances to GPS users. The larger concern, however, is that it might take out mobile communications, power supplies or perhaps anything with a GPS chip. Not quite Y2K in impact, but longer, less predictable and much less researched and publicised”.

He Got Game

Read the Wired article on a new threat to Internet security, one that exploits routers’ dependence on trust, funnily enough (that’s 70s technology for you). For my selfish strategic purposes I particularly liked this quote: “Everyone … has assumed until now that you have to break something for a hijack to be useful,” Kapela said. “But what we showed here is that you don’t have to break anything. And if nothing breaks, who notices?” The revolution will not only not be televised (thanks to Gil Scott-Heron), you won’t even know it’s happened. But I’ll know. I heard it in some Public Enemy lyrics, ‘He Got Game’, so it must be true:

Aiyo, these are some serious times that we’re livin in G
And a new world order is about to begin, y’knowhutI’msayin?
Now the question is – are you ready, for the real revolution
which is the evolution of the mind?
If you seek then you shall find that we all come from the divine
You dig what I’m sayin?
Now if you take heed to the words of wisdom
that are written on the walls of life
then universally, we will stand and divided we will fall
because love conquers all, you understand what I’m sayin?
This is a call to all you sleepin souls
Wake up and take control of your own cipher
And be on the lookout for the spirit snipers
tryin to steal your light, y’knowhutI’msayin?
Look within-side yourself, for peace
Give thanks, live life and release
You dig me? You got me?