stan1 wrote: Target was using just such a tool, FireEye -- a technology developed with assistance from the CIA that tricks malware into running in a virtual machine so it can be monitored. Target's first tier support in India noticed the attack and notified headquarters in Minneapolis. Minneapolis didn't act (haven't seen an article yet that says why, other than to speculate that the attack happened during the Thanksgiving weekend when there would have been minimal manning at Headquarters and that some at Target might still have been skeptical of the FireEye capability).
Security tools like FireEye will fail too, soon, for the same reason that AV is pretty much dead - same root cause.
lightheir wrote:
It is likely that now and in the future, your data will be safer on the cloud than on your home computer with an active online connection.
Corporations of all sizes are already discovering this, and outsourcing a lot of functions like email and office-type apps to Google etc. so they can handle the security rather than attempting to do it in-house with a homebrewed solution.
I'm not sure what your source is, or how you claim this as fact, but no company is moving their critical data to the cloud for the primary purpose of enhancing security. It's called faster, cheaper, cooler - often, at the cost of security. Do you really think Google has a good security track record? You can start reading here:
http://en.wikipedia.org/wiki/Operation_Aurora#History
BlueEars wrote:
Maybe I haven't quite woken up this morning (8:30am PST) but isn't the true data just logins and passwords? My banks and Vanguard house the critical data.
I doubt the hackers want to steal my spreadsheets although I'm rather proud of them. They are backed up to my personal cloud e.g. removable disk and memory stick.
Why should a Chromebook protect my critical logins and passwords any better than Windows 7 with something like LastPass? It's an interesting thought though.
It's true - Bad Guys have different motives with regard to corporate hacking vs. individuals. The latter is generally more about cyber crime and making a quick buck... whereas the former is more about espionage and stealing IP. I wouldn't argue that a Chromebook is necessarily more secure than a Win7 machine, but you should consider all risks. One newer risk making an appearance in both the corporate and personal space is Cryptolocker - what would you do?
http://en.wikipedia.org/wiki/Cryptolocker
patrick wrote:
Firewalling off all incoming ports is the default setting for home versions of Windows -- even the obsolete Windows XP with SP2 (released in 2004!) did this. The router, if you use one, is a second level of firewall. UPNP opening ports from inside the home network should only happen if running local software that needs to take incoming connections, and only a problem if the local software is insecure too. UPNP opening ports from outside the home network won't be allowed unless the router is very very bad, which many routers are but not the majority of home users.
While what you state is accurate and helpful in the case of a direct hack attack against your home/work network, it does nothing to protect you from a phish/spearphish or if you visit a compromised website/watering hole. Once malware is installed on an internal host (through an email attachment, comp'd website, etc.), odds are your home firewall allows HTTP/HTTPS (or all) traffic outbound to the Internet. The malware installs, heartbeats home, and you're done. Think an outbound proxy server saves you from that at work - think again.
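
The last reply describes malware that "heartbeats home" over outbound HTTP/HTTPS the firewall already permits. As an added example (not part of the original thread), this is one way a defender can look for that pattern in egress logs: flag source/destination pairs whose connection intervals are nearly constant. The log format, hostnames and thresholds are constructed assumptions.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed egress log lines: "epoch_seconds src_ip dst_host dst_port"
SAMPLE_LOG = """\
1000 192.168.1.20 cdn-static.example.org 443
1005 192.168.1.20 www.example.com 443
1012 192.168.1.20 www.example.com 443
1100 192.168.1.30 mail.example.com 443
1301 192.168.1.20 cdn-static.example.org 443
1400 192.168.1.20 www.example.com 443
1410 192.168.1.20 www.example.com 443
1599 192.168.1.20 cdn-static.example.org 443
1700 192.168.1.30 mail.example.com 443
1902 192.168.1.20 cdn-static.example.org 443
2200 192.168.1.20 cdn-static.example.org 443
2499 192.168.1.20 cdn-static.example.org 443
2900 192.168.1.20 www.example.com 443
2950 192.168.1.20 www.example.com 443
malformed line
"""

def group_flows(log):
    """Map (src, dst, port) -> sorted connection timestamps; skip bad lines."""
    flows = defaultdict(list)
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        try:
            flows[(parts[0 + 1], parts[2], int(parts[3]))].append(int(parts[0]))
        except ValueError:
            continue
    return {key: sorted(times) for key, times in flows.items()}

def find_beacons(log, min_events=5, max_jitter=0.1):
    """Return (flow, mean_gap_seconds, jitter) for flows with regular timing.

    Jitter is the coefficient of variation of the gaps between connections:
    human browsing is bursty (high value), a timer-driven check-in is not.
    """
    hits = []
    for key, times in group_flows(log).items():
        if len(times) < min_events:
            continue  # too few connections to judge regularity
        gaps = [b - a for a, b in zip(times, times[1:])]
        avg = mean(gaps)
        if avg > 0 and pstdev(gaps) / avg <= max_jitter:
            hits.append((key, round(avg), round(pstdev(gaps) / avg, 3)))
    return sorted(hits)
```

Regular timing alone is not proof of compromise, since software updaters and mail clients also poll on a timer, so hits are leads to check against known-good destinations.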