Securing a Happy Valentine’s Day
People approach security much the same way they do love. Some are romantics. Others are realists. To celebrate Valentine’s Day, here are inspirations by Tenable’s team of security experts.
by Jack Daniel, Technical Product Manager
Valentine's Day is supposed to be a day celebrating love, but I ask organizations to celebrate by not loving their security environment. Love means overlooking the little faults, finding odd behaviors endearing, and certainly not looking to upgrade. That sounds too much like what we already see in problem environments and is the opposite of what we need to secure our systems and networks. We need to find and root out faults and inconsistencies, and continuously improve ourselves and our systems. But it's still cool to pick up flowers (or better yet, bourbon) on your way home.
Ode to Syslogs
by Marcus Ranum, CSO
It's been 28 years, and syslogs are still as beautiful and interesting as the day I first discovered them. For being there when I needed them, and standing by me in my dark hours, I will always love my logs.
The Quest for APTs
by Ron Gula, CEO and CTO
The hunt for malware on your network is not unlike a quest for love. We look in all the usual places to find something interesting, not knowing exactly what we are looking for until we find our ideal match. You might have a phone number of a person you want to meet and this is much like having an indicator of an IP or a hash to find some malware. Finding real evasive malware that doesn’t fit any of your indicators is also like the unexpected sparks that fly when you meet that special someone for the first time. So while you are writing Valentine’s Day cards to your auditors and your CIO, don’t forget to leave a note in a README file somewhere on your network for the malware writer who you know is on your network, but you haven’t found yet.
Show Your Router Some Love
by Paul Asadoorian, Product Evangelist
My Valentine’s Day security thoughts are deeply rooted in embedded systems, specifically those found on almost every high-speed Internet connection. Attackers are reported to have compromised these systems, and turned them into port scanning machines, looking for port 80 and 8080. There is a long history of reported vulnerabilities, and associated attacks against routers used by many to protect their home Internet connections. The scary thing is that they often go unpatched, as firmware updates must be applied manually, and the typical home user is not aware that firmware updates even exist. So, this Valentine’s day, show your routers some love, change those default passwords and update your firmware. Your router will love you back in return.
Users Complete Me
by Space Rogue/C. Thomas, Technical Manager
It’s all about the users. We forget that sometimes. We protect our networks and our data, erect firewalls, conduct audits, examine logs, and install patches. Why? It’s our users. Deep down we really do love them. Yes, they choose weak passwords, they click on stuff, and they use their phones to connect to every WiFi network they see. But we still love them. We try to talk to them about SSL and they give us that oh-so-cute, deer-in-the-headlights look with their "But, but, Instagram...," reply. Sure, sometimes they forget their password, for the fifth time, this week, and yes we get angry with them. We complain to our other infosec friends about just how clueless our cute little users are but once in a while we get a suspected phishing email reported to us before they clicked on anything and well, that just makes it all seem better. So this Valentine’s Day, despite our cold curmudgeonly hearts, and those disapproving looks when you told us your computer was running slow, we want you to know, we do love all of you users. You are why we are here.
Don’t Share with Friends and Family
by Kenneth Bechtel, Malware Research Analyst
Today the majority of malware infects via drive-by downloads. That means infection by visiting compromised legitimate websites or clicking links distributed with social engineering in mind. When clicking that link on your favorite social network or email, ask yourself: “Does this sound legitimate, is it something the poster would normally post or say? Is it something cryptic—‘You'll never believe what happened next’?” Are you expecting an invoice from that company you never heard of? Why risk your computer and your online reputation? A little common sense still goes a long way. Your friends and loved ones will love it when you DON'T share malware infections with them, they may appreciate this advice as well.