SOC Monkey - Week in Review - 8.20.12

Blog Post created by socmonkey on Aug 20, 2012



Welcome back to your weekly round up of the best bits from my App that you should be downloading from the Apple App Store.


This week, let's dive right into the most clicked story from last week with an update on how Mat Honan is dealing with life post hack: How I Got My Digital Life Back Again After An Epic Hacking. Honan once again deconstructs the events that led to his digital disaster. The thing I liked best about this article is that Mat is almost apologetic about how fast he was able to resurrect his digital life, due to the fact that he's a technology writer and has contacts deep in the organizations that would have to help him restore his data. If the same thing were to happen to you or me, we'd be looking at a much longer, and potentially more expensive process. He also goes in-depth about pulling his data off the Macbook Air he was using, and the difficulties and cost of restoring from an SSD drive. Overall, an excellent article that pulls no punches about how intense even a private network's hacking can be.


Next, let's dip into the political realm a bit, and discuss Iran's ongoing discussions about disconnecting from the Internet entirely: Iran threatens to disconnect from the Internet. This brings us back to the story about AC/DC blasting out of speakers in various nuclear facilities, and even mentions Metasploit by name. I can say with assurance that we do not have a "thunderstruck at full volume" exploit written into the product...yet. Still, these attacks, and malware like Flame and Stuxnet, have seemingly pissed off the Iranians enough that they're taking their Internet and going home. The article discussed the political, economic and social costs of cutting the cord to the rest of the world. What do you think? Can a country just pull the plug from the Internet and maintain one of the most well educated populaces in their section of the world? This should be interesting as it continues to escalate.


Speaking of malware, let's look at the top malware story from last week: Mystery malware wreaks havoc on energy sector computers. This lovely piece of work, named Shamoon, is being discussed as a copycat worm in the style of Wiper, but the real concern is the extent of the fallout from the attack itself. Shamoon goes above and beyond to destroy data, and makes sure it can't be recovered, while simultaneously wiping out the system files so the machine can't be turned back on. So far, fewer than 50 systems show this infection - but for those of you out there watching the malware world with a keen eye, this one is one to watch.


Going right back to Ars Technica, a site the Monkeynauts very much love, this article once again circles back to the new "attack the attackers" mentality that's gaining ground in the industry: White hats publish DDoS hijacking manual, turn tables on attackers. Is anyone else stressing out about an attacker with a grudge suddenly rooting around in someone's networks? Look at the high profile hacktivism events of the last year and you can see what a dedicated mind with a cause can do. Imagine that cause is revenge?  I'm willing to be wrong on this one, but I don't think offense is the key to a strong defense.


Some other hits of the week:

Resilient SMSZombie Infects 500,000 Android Users in China | SecurityWeek.Com

HP Communities - The inevitability of a data breach - The mental hurdle Security Executives must get over.


In my final spot, this article pretty much blew my mind: Harvard cracks DNA storage, crams 700 terabytes of data into a single gram | ExtremeTech. It's officially the future, folks. A one gram, biological, 700TB storage device is unreal to me. It feels like we're living in a William Gibson novel pretty much at all times, doesn't it?


Thanks for stopping by this week, and we'll be putting up the usual hit list at the same time next week.