Canada's boffins need A WHOLE YEAR to recover from China hack attack

Canada's CIO has pointed the finger at China over a security breach at the nation's National Research Council. Ongoing attempts to breach the research agency's computers led the NRC to hit the “off” switch on Monday of this week, according to Canada's CTV News. Those attacks had continued for a month. CTV notes that the …

  1. Kevin McMurtrie Silver badge
    Flame

    Easy fix

    Firewall every network hosting an attack in China, Taiwan, or Korea.

    Call it harsh, but almost none of those networks have valid APNIC contacts. Of those that do, good luck finding one that cares about hacking. You can have the most secure system in the world but you're still losing bandwidth to the non-stop attacks and vulnerability scans.

    1. Anonymous Coward

      Re: Easy fix

      Easy, but not simple. I have to keep updating my block-apnic-china list every time APNIC assigns a new address block to China.

      One thing to be said for IPv6 is that my block list will be shorter and/or it will be easier to block an entire country with a single /8 or /16.
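
The list maintenance described in the two comments above, as an added example that is not part of the thread: it parses text in the registries' pipe-delimited "delegated" statistics layout, collapses one country code's records into the fewest CIDR blocks, and reports what a deployed list is missing. The sample records, the placeholder codes `XX`/`YY` and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample in the RIR "delegated" statistics layout:
# registry|cc|type|start|value|date|status. "XX" and "YY" are placeholder
# country codes and the ranges are documentation prefixes, not real data.
SAMPLE = """\
# constructed sample
2|apnic|20140801|5|19830613|20140731|+1000
apnic|*|ipv4|*|4|summary
apnic|XX|ipv4|198.51.100.0|128|20140101|allocated
apnic|XX|ipv4|198.51.100.128|128|20140102|allocated
apnic|XX|ipv4|203.0.113.0|192|20140103|assigned
apnic|YY|ipv4|192.0.2.0|256|20140104|allocated
apnic|XX|ipv6|2001:db8::|32|20140105|allocated
"""


def country_networks(stats_text, cc):
    """Return {4: [...], 6: [...]} of collapsed networks recorded for cc."""
    nets = {4: [], 6: []}
    for line in stats_text.splitlines():
        fields = line.strip().split("|")
        # Skip comments, the version header and the per-type summary lines.
        if line.startswith("#") or len(fields) < 7 or fields[1] != cc:
            continue
        if fields[6] not in ("allocated", "assigned"):
            continue
        if fields[2] == "ipv4":
            # For IPv4 the value is an address COUNT, which need not be a
            # power of two, so one record can expand to several CIDR blocks.
            first = ipaddress.IPv4Address(fields[3])
            last = first + int(fields[4]) - 1
            nets[4].extend(ipaddress.summarize_address_range(first, last))
        elif fields[2] == "ipv6":
            # For IPv6 the value is already a prefix length.
            nets[6].append(ipaddress.IPv6Network(f"{fields[3]}/{fields[4]}"))
    # Merge adjacent and overlapping blocks so the rule set stays short.
    return {v: list(ipaddress.collapse_addresses(n)) for v, n in nets.items()}


def new_since(current, fresh):
    """Networks in the fresh list that the deployed block list lacks."""
    have = set(current)
    return [n for n in fresh if n not in have]
```

The `cc` field is the country recorded for the registrant, so the result is a registry-based list rather than a statement of where traffic actually originates.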

  2. Ole Juul

    Good news, bad news

    As a Canadian, I would like to thank the Chinese hackers for nudging at least one government agency into creating a secure infrastructure. That's the upside. The downside is that each of the other agencies will not look at this and do the same until they too are "nudged".

  3. dan1980

    The title of this article seems a little misleading to me.

    It implies that there was damage done that will take "A WHOLE YEAR" to repair, when it seems to me that the attack simply uncovered inadequate security that will take a year to bolster.

    The moral of the story is for other agencies and governments and private businesses who might be targets to start reviewing and improving their security now.

    Or don't - it's only data that's the property of your citizens (having been paid for by their tax dollars) that's at risk.

  4. Charles Manning

    People that should know better...

    Even those with some tech savvy still often are lax and don't do what they should.

    A few years ago a large software & electronics firm a few km from me lost their Subversion server. It took them months to more-or-less reconstruct their source.

  5. John Smith 19 Gold badge
    Unhappy

    SOP. When caught. Deny everything.

    But remember people can fake source locations.

  6. Anonymous Coward
    Holmes

    Tokens

    Where Entity A needs to contact Entity B in a trusted manner they should come bearing a token.

    That IP range specific Token should be available once a surety has been paid.

    Get the remote to put up say 1M$ for a /16 (for example). Then should there be a proven breach from that IP range they forfeit that amount (not quite sure who to).

    Obviously for a narrow IP range to have access the value would be less, for a single IPv6 it could be a few hundred beer tokens.

    That way it becomes in the interest of the remote party to keep their house in order and the firewall white list is "those currently assured".

    At one stage I did think there should be a daily image file embedded in every email sent to me, one of my images, copyrighted and only given use rights to certain non spamming companies. No Image have a bounce, incorrect use have a domain block with public shaming.

    The current "send me some packets, any old packets, worst you've got and I'll stop what other stuff I'm doing and try to deal with them" is the wrong firewall dynamic.

    1. dan1980

      Re: Tokens

      @Powernumpty

      Huh?

      I am not trying to be intentionally rude but can phrase this no simpler way: what are you on about?

      I need to access my Internet banking "in a trusted manner" - what do I need to do? Like the vast majority of people, I browse the Internet via a dynamic IP address, assigned and changed periodically by my ISP.

      What exactly are you suggesting the process be?

      The simple truth is that the vast majority of systems with data of interest to 'hackers' have some path to the Internet, even if the system itself is not supposed to be accessible. That is the reality of the modern world because any data worth having is worth making accessible to multiple people. Data that is never accessed is not really worth having, after all.

      The problem here is not unique to computing - it is a conflict between utility and security. I mean, if you have a shop, you can go a long way to preventing shoplifting if you make sure the door is locked at all times and an armed security guard rejects anyone without a verified appointment. Admittedly, some stores do indeed operate that way, but for the other 99.999%, such an approach goes against the goal of running a store, which is (generally) to sell goods.

      1. Anonymous Coward

        Re: Tokens

        @dan1980

        I was thinking more about companies that need to do business with other companies via the internet but not to the level of shared network.

        In the real world there is a degree of risk, the shoplifter has to physically enter the shop, that is a commitment and investment in the exchange, on the internet there is little if any exposure for the hacker.

        In the physical world we used to have walls around businesses, they could be measured and built to suit the neighbourhood. It used to amaze me (being from the south east) that in Norway large companies often didn't have any fence at all, nothing you could walk up to the front door/window and press your nose on it.

        Now in the internet business world your fence goes through every Favela, Nigerian internet café and hacker's bedroom, much harder to tailor to the environs.

        To get it back in scale I think companies should pull back from that model.

        If a company wants to do business with a range of others on an intermittent basis have the remote end invest in the interchange, have them put down some value to show they are committed to working with you to keep the fence between you only as high as it need be. If a company thinks that every one of its hundred remote offices needs quick access to your valuable information either have them go through one secured proxy or have them put down a decent sum to say they are committed to securing their systems and by doing so protecting your resources. Currently to say “I want you to give good access to X thousand addresses I look after but I am not prepared to give you my name or one atom of security” is the norm.

  7. 's water music

    excuse

    I'm gonna start using this in my job.

    OS patch or router firmware update gone south? Sorry boss, we got hacked by the Chinese. Should be fixed in about a year. <goes to pub>

  8. Longrod_von_Hugendong
    FAIL

    What could Canada have...

    That China wants, maybe it wants to order some snow, syrup and Moose...?

    Maybe they need a year to pen the letter of apology to China for stopping the attack?

  9. thomas k.

    covering their tracks

    If these Chinese hackers are so 1337, wouldn't they be better at covering their tracks?

    Or are they purposefully not doing this to show us they can hack anything, while the government denies everything?

  10. Otto is a bear.

    Here in the UK

    The Government has a shared services agenda which will probably be used inappropriately in the name of cost savings, and expose similar organisations to attack. Despite the best efforts of every CLAS consultant in the country.

  11. JaitcH
    WTF?

    National Research Council and the Communications Security Establishment are as good as ...

    the one and the same - both have interest in communications and encryption. A company I worked for used to supply the NRC and it was predominantly comms related equipment.

    I wonder if they are still monitoring those HF zip transmitters?

  12. Stevie

    Bah!

    Canada has a CIO?
