More Prognostications for 2010

Several of my Forrester colleagues have already weighed in with their 5_carsoninsightful 2010 predictions. I recently chatted with Shamus McGillicuddy at TechTarget where I shared my thoughts on the upcoming year. You can read the article here.  

2010 is going to be an interesting year with economic concerns impacting the security business. I suspect that businesses will need to regroup and think about their security spend again next year. Companies will probably remain gun-shy and hold budgets close to their vests. This could set up a shootout between increasing security threats and the desire to continue to control costs. Who will win? Your thoughts?

Happy Holidays y'all and here's wishing you a Secure New Year!

Hacking the In-Human Drone

A while back, I blogged on how researchers have developed tools to intercept streaming video from video conferencing systems and IP surveillance cameras. Today I feel so prescient with the Wall Street Journal's article on how Iraqi insurgents are using similar software to intercept the video feed of Predator Drones.

030813-F-8888W-006

The article has the catchy subtitle "$26 Software Is Used to Breach Key Weapons in Iraq; Iranian Backing Suspected." It discusses how the insurgents are using the software to intercept the Drone's unencrypted video stream, "potentially providing them with information they need to evade or monitor U.S. military operations."

According to the article, the military has been aware that this type of attack was posssible for some time: "The potential drone vulnerability lies in an unencrypted downlink between the unmanned craft and ground control. The U.S. government has known about the flaw since the U.S. campaign in Bosnia in the 1990s, current and former officials said. But the Pentagon assumed local adversaries wouldn't know how to exploit it, the officials said."

Let's hope that the Pentagon has learned what happens when you ass-u-me things...

Categories:

Hacking the Human Network

A couple of network televisions shows have lately caught my eye.  Now I’m not a television critic but there were things in these shows that have security implications that warrant some attention.  These episodes came just as I had finished some hacking training and provide an opportunity to share some interesting new tools and attack scenarios.  

First, Alex Baldwin pimped Cisco’s TelePresence system on 30 Rock.  In the episode “The Audition,” Baldwin’s character Jack has bedbugs and is forced to use TelePresence to attend a meeting.  There is a very funny bit that takes product placement to a new tongue-in-cheek level:

TelePresence Screen: “Do you like the Cisco equipment?”

Jack:  “Of course, it continues to be the gold-standard by which all business technology is judged.  Cisco, The Human Network.”

Read more