What Did We Learn From The Cyber Shockwave…March Madness Can Cripple Our Infrastructure

Just this Tuesday, February 16th 2010, the Bipartisan Policy Center hosted a mock cyber attack called Cyber Shockwave. The aim of this simulation was to understand the impacts of a cyber attack and assess infrastructure capability during such an incident. There are many articles explaining the motive and results of this simulation, and post mortem is still coming as we speak.

So, what did the simulation entail? It depicted a war game taking place in 2011 – basically an application installed on smart phones during ‘March Madness’  thatturned out to be a malware. This hypothetical malware affected telecom and IT infrastructure throughout the country, with the result actually bringing down the nation’s cellular network...but there is more. According to an article from ‘The Atlantic Wire’:

“Later, two bombs disabled the country's electricity network and destroyed gas pipelines... Soon 60 million cellphones were dead. The Internet crashed, finance and commerce collapsed, and most of the nation's electric grid went dark. White House aides discussed putting the Army in American cities.”

Also, according to an article from DarkReading:

Read more

Don't Sign Here Please

Visa just announced the expansion of their No Signature program. Citing its "popularity", Visa notes that: "According to a Visa Inc. survey, 69 percent of participants surveyed cited either convenience or speed as the primary reason for using their credit or debit card."  Wow.

What this seems to signal is that Visa, and perhaps the other card brands, feel that they will make more money by eliminating barriers to the sale, such as the 2.2 seconds needed to sign your name, than it would lose in fraudulent transactions, considering this program is for transactions of US$25 or less. Also, it appears that people no longer know how to sign their names.

I have often heard (in low, barely audible whispers) that US consumers were too lazy to care about security, which is why the US will probably never have CHIP and PIN transactions for enhanced credit card authentication.  We Americans are too darn busy to push 4 numbers on a key pad (4.3 second).  This drives folks in the other parts of the world crazy as they are in love with CHIP and PIN and, mistakenly, think that this technology eliminates all transaction risk.  CHIP and PIN cards still have a mag stripe that can be scanned, and skimming is still a problem. It's a great authentication method, however, and would really help reduce some of the smaller, card-present CC frauds were we to adopt it.

Americans need more paranoia about credit card theft. We are much more likely to suffer some type of credit card fraud or be affected by a major credit card breach than a terrorist attack, but for some reason we are unwilling to punch in a few numbers to help protect ourselves.

Read more

Categories:

MiFi Pwned!

Wireless hacking Guru, Josh Wright,has just announced that he has created havoc with a MiFi personal access point.MiFi is a little device that turns 3G wireless signals into WiFi.  The cool thing is that the wireless signal can be shared with other nearby computers.  According to Josh, he has found a way that, "An attacker can recover the default password from any MiFi device." This is big news because anyone who is involved with wireless ne

Read more

Categories: