Federal Friday - 4.11.14 - Another Quiet Week...

Blog Post created by jschim Employee on Apr 11, 2014

Can you believe how quiet it was this week? Nothing going on, everyday slowly dragging on, the tick, tick tick of the clock getting louder and louder by the second. Reminds me of the late-night drip from your faucet but more annoying because you're stuck at work. Oh wait, totally forgot this was a cybersecurity blog and mistook it for my crochet blog. You, much like us here at R7, were probably pretty busy this week. In that case let me officially say, happy freaking Friday, Federal friends!


I'll get into the big news from Tuesday in a minute,but first I'd like to focus on the other news from Tuesday - the slow death of XP. You're probably thinking I'm repeating myself a little bit here, and quite frankly I am. While the big news going into the week was XP's EOL, that thunder was quickly stolen by Heartbleed. It's very important to focus on both as quickly as possible, and while Heartbleed must be an immediate focus, don't forget about your systems that rely on XP. While security teams are being taxed this week it's important to continue to monitor any machine still running XP, understand why it's still running XP and what critical systems it's connected to. The risks can be pretty big as there have been 30 vulnerabilities specific to the OS that were discovered between 2012 and 2013. The semi-good news is that while support is ending, unless you're agency/organization is paying to keep it around like some foreign governments have opted to do, Microsoft did note that they will continue to update the malware signatures through July 14, 2015. While that doesn't solve many of the issues, it is some reassurance that Microsoft does understand the plight of organizations still utilizing the 12 year old OS. Here are 5 recommendations from an article on ComputerWeekly to consider as you migrate away from XP:


  1. Software and hardware auditing should be used to determine the state of the desktop in terms of software and hardware configuration.
  2. Reducing the number of applications, by simplifying the desktop PC environment, should be a priority.
  3. Don't forget Internet Explorer 6. Some internal websites and web applications may have been hard-coded to run only in IE6.
  4. Automated application compatibility testing enables IT departments to test which desktop applications are good to go and which are incompatible with Windows 7.
  5. Some application testing tools can fix many common application compatibility problems automatically, leaving just a few applications that need to be manually re-engineered.


In some other interesting, yet semi-obvious news, the LA Times noted that the power grid has surfaced as the most important domestic cyber threat. There have been all kinds of issues around the grid from squirrels and on-prem sniper attacks to potential cyberattacks. One would think that many of the electric companies would have sured up their systems but as highlighted in the article, that's not the case. While I've spoken in the past about 3rd party breaches, I look at the national power grid with similar glasses on. The power companies, in some respect, are the 3rd party. If one power company is vulnerable, it puts much of the grid at-risk. Take the massive blackout of '03 as an example. A tree decided to shed a branch in Ohio, landing perfectly on some power lines. A short time later the grid in Michigan became over loaded, which then moved to Canada causing more issues. The next thing you know NYC is under a massive blackout as the rest of the grid became over taxed (pun intended with 4/15 next week) and shutdown. The same thing can happen in an attack, and as the article highlights, the attackers don't need to be that sophisticated.


I promised I'd circle back on the other big news from Tuesday. I did my own research this week and discovered, as highlighted below, that the Heartbleed vulnerability has actually been around since 1984.




Also, check out our new Federal landing page on LinkedIn. It's focused on the fed crowd and I will be adding content along with our marketing team to provide you with as much information on the space as possible.