Security roundup for Oct. 28: Cloud security holes; Facebook vulnerable?; China hackers lambasted

In last week's news, Amazon Web Services vulnerabilities were found and fixed, but other cloud service providers are probably susceptible to similar problems discovered by a German research team at Ruhr University Bochum.

The research team used a variety of XML-based signature-wrapped attacks to gain administrative access of customer accounts, then created new instances of the customer's cloud. They also used cross-site scripting attacks against open source private-cloud framework Eucalyptus, and said the Amazon service was susceptible to cross-site scripting attacks, too. To its credit, Amazon is paying close attention to this research and has worked to correct problems.

MORE SECURITY: Got cyberinsurance?

Potential vulnerabilities in Facebook also got attention last week, with Symantec pointing to an attack technique called cross-site request forgery that allows the attacker to piggyback into an active session. Symantec said it's working with browser vendors on solutions to attacks of this style it's uncovered.

Separately, consultancy CDW posted a blog item about an alleged vulnerability in Facebook that would allow a hacker to send a potentially malicious file to anyone on Facebook. Facebook downplayed the risk.

Well, maybe all this interest in Facebook is due to the countdown to Nov. 5, the day celebrated as Guy Fawkes Day in England, which is the day on which the shadowy hacker group Anonymous last August said it would "destroy" Facebook. Yes, completely destroy. And that's next Saturday ...

Security-event management

Last week IBM officially completely its acquisition of Q1 Labs, and the IBM Security Systems Division is making it clear that the Q1 security information and event management (SIEM) technology will be the centerpiece for IBM security products going forward. The goal is to extend SIEM, which traditionally aggregated and correlated real-time data from security devices such as firewalls and intrusion-detection systems, in several ways, such as combining it with identity management data, as well as business intelligence analytics.

The evolving role of SIEM came up when discussing with the chief security officer at Zions Bancorporation how the multibillion-dollar bank-holding company is adopting the data security warehouse approach. In this arrangement, the SIEM becomes another feed into a massive repository for analytics that can also take in business intelligence. This is all fairly new, but it suggests SIEM, one of the more important technologies advanced over the past half-decade for security, is not standing still.

China in the news, again and again

Last Thursday, The New York Times, The Wall Street Journal and Bloomberg all ran articles highly critical of China on security and human rights grounds, and each article took up a different topic related to information technology.

There was everything from accusations about Chinese hackers trying to hack U.S. satellites, to China out to set up an "Internet management system" to strictly control social-networking and messaging, to Chinese firm Huawei Technologies setting up a surveillance-monitoring system for the Iranian government through the Iranian cellular-telephone system.

Two weeks ago, Chinese-based company Huawei was complaining about getting the cold shoulder for U.S. federal contracts related to an emergency response system.

There are a lot of political nuances that are coming to the fore and information technology, at least on the part of the U.S., is not seen as something that can necessarily be separated from geopolitical security and human rights.

Last week as well, Richard Clarke, former cybersecurity adviser and now CEO and consultant at Good Harbor Consulting, spoke plainly when he said in his discussion of cyberattacks, "Frankly, the government of China is involved in hacking into American companies and taking that information and giving it to Chinese companies. It means our intellectual property is going out the door in petabytes and terabytes."

Read more about wide area network in Network World's Wide Area Network section.

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

• Bookmark this page
• Share this article
  •  
  • facebook
  • slashdot
  • digg
  • Reddit
  • stumbleupon
  • linkedin
  • twitter
• Got more on this story? Email CIO
• Follow CIO on twitter

• Share
  Share this article

  •  google+
  • facebookfacebook
  • slashdotslashdot
  • diggdigg
  • RedditReddit
  • stumbleuponstumbleupon
  • linkedinlinkedin
  • twittertwitter
• print
• email
• Bookmark