SecurityIntelligence is another division of MalwareIntelligence that focuses on aspects related to Information Security. Its content covers security issues and aspects of the management and administration of an information environment.

June 15, 2011

The Art of the Cyberwar

The development of new technologies, together with military interests and developed countries' dependence on existing technology, sets up a scenario in which cyber war, or war in cyberspace, is becoming more important.

All countries aware of the risks of such dependence develop defense programs against attacks that could jeopardize critical national infrastructure.

On the other hand, developing countries and major world powers are training computer security experts in various techniques of hacking, cracking, virology, etc., producing true experts in cyber warfare, called cyberwarriors.

No one doubts that future wars will be decided not on land, at sea or in the air, but in cyberspace. The soldiers carry neither weapons nor shields, but knowledge, and they deploy war-virus applications that disable the enemy's technologically dependent critical systems.

This is the scenario toward which the world is now moving: one of technological dependence, in which countries with greater traditional military strength will lose war-fighting capability to countries that are highly qualified in computer security and cyber techniques.

This essay is intended as a point of reflection and knowledge about cyber warfare. It draws on the philosophy Sun Tzu presents in The Art of War and adapts that knowledge to the technological scenario in which we live, to arrive at a modern compendium: The Art of Cyberwar.

English version | Spanish version


February 21, 2011

New whitepaper about Carberp Botnet

A new whitepaper is available that describes the operation of one of the botnets "wanted" by the security community: Carberp.

The article, called Inside Carberp Botnet and written by Francisco Ruiz, Crimeware Research of MalwareIntelligence, details the different parts of this crimeware and documents its full mode of operation.

In recent weeks, Carberp has made an impact again due to the revival of several of its former C&Cs. However, MalwareIntelligence experts believe they have concrete evidence that the original group behind the first generation of Carberp has broken up, and that some of the new botnets spreading the Carberp banking trojan are managed through a modified version of the original.

MalwareIntelligence has a Carberp Working Group, responsible for private, on-demand research into this particular threat. On the main blog, Ruiz also said that the Carberp botnet was marketed privately in a very closed environment, but that a few days ago its marketing model was released, giving some details of its current features and costs.


August 31, 2010

Computer Attacks. Security weaknesses that are commonly exploited

A computer attack consists of exploiting any weakness or flaw (vulnerability) that exists in software (operating systems and the applications that run on them), in the physical components that make up the information environment, and even in the people who use these resources.

The aim is to obtain, by some means, information that can then be used for fraudulent purposes to the offender's own benefit. In general the benefit sought is economic in nature, and the attack has a negative effect on the security of the critical system, which in turn directly affects the organization's assets and results in loss of money.

This document provides a quick overview of these weaknesses, together with possible countermeasures you can apply to effectively prevent the different types of attacks that a system receives daily.

English version | Spanish version

More white papers are available on the MalwareIntelligence website.


June 10, 2010

Computer Security or Information Security? What are we talking about?

We often receive queries that show a notable conceptual confusion about the difference between computer security and information security. We will therefore try to clarify the matter.

While the two are complementary and interact constantly in computer systems, the truth is that they have different aims. On the one hand, computer security is responsible for protecting computer systems, understood as the combination of information, computer equipment, supporting media and the people who use them. Basically, everything found in a computer environment.

Information security, by contrast, is a much broader process: it involves protecting not only the information stored in computer systems but information wherever it is found. In other words, information security goes much further, since its purpose is to safeguard information regardless of the medium through which it circulates or the place where it is stored.

Information is a "significant" asset that can be held in different forms, in different ways and through different channels: it can be stored digitally, but it can also be printed or handwritten on paper.

Nor is it limited to these forms: it can also be found in films, in recordings, in spoken language (conversation) and even in people's memory. It can also be transmitted through various means, whether conventional (analog) or latest-generation (digital) communication channels.

Whatever form the information takes, and however it is collected or disseminated, it should be adequately protected to ensure at all times the confidentiality, integrity and availability of the data.

Therefore, the main goal of information security is precisely to protect information appropriately, preserving a set of basic parameters so that assets (anything that can be measured by a cost) can be considered safe and secure, and minimizing the potential damage from any eventuality that may impede the normal operation of the organization.


June 06, 2010

Some words about Information Security

Organizations are increasingly dependent on their computer networks, and a problem affecting them, no matter how small, can compromise the continuity of operations, a situation that inevitably results in economic loss.

New computer attacks are growing in number and complexity and involve increasingly specialized skills; their goals are economic in nature, for the benefit of the attackers. Amid this variety, actions that disregard privacy have also been increasing.

When addressing information security, there is a common tendency to look only at the aspects related to computing resources (backups, maintenance of computers, servers, networks, etc.), all aimed at ensuring that information is available, while ignoring other aspects that must be addressed because they are just as critical, such as the confidentiality and integrity of data and services.

It's important to note that the human factor accounts for over 90% of security and that the remainder consists of the technological aspect. Therefore, overconfidence and lack of awareness are the main problems.

Keeping information protected means keeping it safe from threats to its functionality, whether that is corruption, improper access, deletion or even theft of the information.

Therefore, information security consists of protecting an organization's information by preserving three basic parameters: confidentiality, integrity and availability.

The first seeks to ensure that only authorized persons have access to information. Confidential information should not be disclosed, because loss of confidentiality is equivalent to loss of secrecy. Furthermore, the more valuable the information, the greater its degree of confidentiality should be, and the greater the degree of confidentiality, the higher the level of security that must be implemented.

Integrity, for its part, ensures that data is not altered, removed or destroyed by unauthorized entities, and that it is preserved complete along with the methods used to process it. If the information is altered, it loses integrity.

Availability, in turn, ensures that authorized persons have access to information and its associated resources whenever they need it. Availability involves not only the information but also the entire physical and technological structure that allows it to be accessed, transmitted and stored, so that it arrives in a timely manner.

These three key areas form the main pillar of information security and constitute the essential mechanisms for ensuring confidence in business processes, which is the desirable situation for any organization.

"The information security is achieved by implementing a set of controls that include policies, practices, procedures, organizational structures ... depending on what you are trying to protect." 

However, every implementation must strike a balance between transparent use and maximum security, all at a reasonable cost.
