Websense News & Views
Published Tuesday, June 28, 2011 6:32 AM by Carl Leonard

Cyber Soldiers

 

Who: This is nation-state activity to penetrate another nation's or corporation's computers or networks for the purposes of causing damage, disruption or exploitation, with an endgame objective of disabling an opponent's military capability or stealing important source code to increase their own power. These guys are the special forces of the threat landscape: super-skilled, buzz-cut, clean-shaven expert hackers. You’d never know who they were however – because if I told you I’d have to kill you.

 

Why: Cyber Warfare has been described as the fifth domain of warfare, with the Pentagon formally recognizing cyberspace to be just as critical to military operations as land, sea, air and space. It is reported that at least 100 countries have been developing ways to use the Internet as a weapon and target financial markets, government computer systems and utilities. Cyber Soldiers may operate as APT (advanced persistent threat) or corporate spies at times, but everything they learn is geared toward a specific nationalist objective.

What: Stuxnet is a great example of this attack method, a textbook case of an APT. The worm was discovered in July 2010 and is the first specialized complex malware to only target industrial software. It was aimed at compromising the Iranian nuclear program and is believed to be the work of a well-funded group of 5-10 people over 6 months. Speculation: only a nation state has these capabilities.

 

 

...

Published Saturday, June 25, 2011 6:52 AM by Matthew Mors

 

Jeremiah Grossman

Early last week I was a guest of the OWASP San Diego Chapter who invited me to give a presentation on the Top Ten Web Hacking Techniques of 2010. An audience of nearly 50 filled the room, graciously hosted by Websense, and was treated to a sushi and sake dinner while I described and demoed the last year's latest research.

For those unfamiliar with this top ten, every year the Web security community produces a stunning amount of new hacking techniques published in various white papers, blog posts, magazine articles, mailing list emails, etc. Within the thousands of pages are the latest ways to attack websites, Web browsers, Web proxies, and so on. The Top Web Hacking Techniques acts as a centralized knowledge base, a way to recognize researchers who contribute excellent work, and a digestible way for the community to keep up with the latest trends -- a look forward.

After the presentation I got the opportunity to meet many new people and learn more about the things in Web security that most interest them. Lots of chatter about where OWASP as an organization should be heading, conversations about the latest hacks in the news, what various Web security vendors are up to, and of course, several personal appsec projects. If you are in the San Diego area and interested in the subject matter, you should really consider attending

Jeremiah Grossman

 

 

...

Published Wednesday, June 22, 2011 5:50 by Dan Hubbard

 

Google announced a number of new technologies as part of their Google Inside Search Launch (http://www.google.com/insidesearch/). One of the more interesting elements is their idea to speed up the Web with something called "Instant Pages." The basic idea is that they are taking their ability to correctly guess what a user is going to search on, and pre-loading the content from the origin server onto your local machine. Apparently, this will only work with the Chrome browser.

On the challenging side, this leads to some interesting exploit scenarios. In the past, search algorithms have been duped to have malicious pages show up in results. In those cases, although they are dangerous, the user still has to click on one of the top results to get infected. In the new scenario, the big question is if a user can be exploited by simply searching, without even clicking on a link.

Though Google has assured in a subsequent interview that they don’t believe this will be an issue due to several aspects of their technology, there still exists an interesting possibility for exploitation of unsuspecting users, as SEO poisoning continues to be an ongoing problem. Remember from our 2010 Threat Report, searching for breaking trends and current news represents a higher risk (22.4% of search results poisoned) than searching for objectionable content (21.8%).

In slightly related news, Google also announced voice recognition to search. It will be interesting to see how the rogue AV camps will also be utilizing this to their advantage in the future.

 

 

 

 

...

Published Thursday, June 16, 2011 3:55 by Carl Leonard

 

heavyweight ninja

 

Who: These are the heavyweights of the cybercriminal world. Corporate attack and espionage is a stealthy, organised, funded activity by professional agents operating rather like the legitimate companies they hope to steal from. The worker bees are usually found beavering away with state-of-the-art computing equipment, multiple monitors and the blinds well drawn, while the big cheeses are well-connected individuals with fingers in pies and eyes firmly on the ball. Together they make a formidable team.

Why: Big Bucks. These guys are out to target company confidential data which can then be sold on to the highest bidder. There are two distinct categories within this group: one aiming long term using Advanced Persistent Threats (APT), and the other more focused on short- to midterm financial gains.

What: The APT attack nicknamed Operation Aurora in 2009/2010 was aimed at US high tech companies including Google and Adobe. It was thought to originate in China with speculation of Government involvement. Aurora exploited a zero-day vulnerability in Internet Explorer with a goal to steal IP and modify source code.

 

...

Published Friday, May 06, 2011 12:31 AM by Spencer Parker

 

Since President Obama announced the events in Pakistan over the past weekend, Websense has been monitoring a large wave of scams and malicious content surrounding the death of Osama bin Laden.

Today the US Government has confirmed it will not be releasing the pictures of bin Laden’s body which should help minimize the number of people who are falling for these scams. But as the pressure builds on the US Government to release these photographs, there has been very little written on the impact this would have to the cyber-security space.

Most of these scams have so far relied on social engineering. Judging by the number of people falling for the previously mentioned scams, they have been successfully lured into believing these pictures are available. These have been successful, despite the fact that pictures have not been released.

But what if the US Government were to actually release these photographs - what would happen next?

 

 

...

Published Tuesday, April 26, 2011 12:12 AM by Jason Clark

 

CSO on the Road

As Chief Security and Strategy Officer for Websense my calendar is filled with customer visits, events, and meetings in different cities each month. All the time spent on planes also allows me to catch up on my reading and keep up with the latest trends and topics in the security world. While I may not have quite as many airline miles as George Clooney in Up in the Air, I like to think I am getting close. What I would like to do in this blog is share the knowledge I gain each month surrounding new insights or particularly interesting talks I have with top security executives, creating the opportunity for everyone to benefit from my travels (without the lost luggage).

If you are an IT executive, leverage me to help you with the changing landscape of IT Infrastructure and Security. My role is to listen to your needs and help you develop strong security strategies. Then I bring these needs back to Websense so that we are always on top of the latest trends and always listening to our customers and what they want out of a security solution.  I also spend a significant amount of time helping CISOs develop strategies in my five areas of expertise:

 

...

Published Tuesday, April 05, 2011 1:54 AM by Jason Clark

 

This week, I am doing two presentations at CSO Perspectives 2011. I look forward to sharing the stage with two dynamic CSOs who have deep experience securing their enterprises from every attack imaginable. And they both have their own views on how to deal with a fast-paced threat environment in “organizations without borders.”

Jerry Archer is the Senior Vice President and Chief Security Officer for Sallie Mae. We’re going to talk about what Angelina Jolie has to do with data loss prevention. Sounds interesting, right? But Jerry and I have been talking about doing this talk for some time now.   It will be a great discussion.

 

...

Published Thursday, February 10, 2011 3:38 by Carl Leonard

 

Last night I had the privilege of participating in a panel discussion at the Frontline Club in London, UK.  The topic for discussion was 'Will the Internet be the battleground of the 21st century?'.


 

The discussion covered recent examples of Advanced Persistent Threats and the importance of informed security-focused decision-making.  We looked at the topic from different angles: from the strategic viewpoint – how organizations should best prepare themselves to mitigate the effects of a breach of their network, and from a personal viewpoint – looking at the impact of cyber crime on individuals.

Also on the panel were Peter Sommer (co-author of the OECD study 'Reducing Systemic Cybersecurity Risk'), Claire Yorke (co-author of the Chatham House Report ‘On Cyber Warfare’) and Dr Rex Hughes (a fellow in Cyber Security at Cambridge University).  The event was chaired by Ben Hammersley, editor at large of WIRED UK.

 

...

Published Monday, September 27, 2010 5:00 by Matthew Mors

How many clicks does it take to get to the malicious code of an infected website? Surprisingly, the answer is usually just two.

In this Websense Insight, our Labs report on how most internet users are only two clicks away from malicious content via three ways: from top sites, poisoned search results, and malicious links.

In the video, we use extensive data from analysis of thousands of links to illustrate that you may be in more danger from searching for items on the World Cup than you would in the "traditionally" dangerous "neighborhoods" of the "adult" or objectionable Web.

We also present some fascinating and surprising data on how close you are to malware and links to malware from some of the most highly trafficked and trusted sites on the Web.

...

Published Friday, September 24, 2010 1:22 by Matthew Mors

With millions of Tweets and Facebook postings flying around daily from personal and business users, have you ever wondered where the links in these postings go?

In this Websense Insight, Websense researchers analyzed hundreds of thousands of social networking links to determine the ecosphere of links and the potential threat vectors of the social Web.  Some of the findings may truly surprise you...

...
