Random Acts of IT Project Management

Project Management for Information Technology

Archive for the ‘Security’ Category

North Korea Web Attacks

Posted by iammarchhare on 9 July 2009

You’ve probably heard by now, but for the past few days, there have been cyber attacks of various websites in North Korea and the US.  On Yahoo! News, the AP reported “US officials eye North Korea in cyber attack” yesterday.  While the IP addresses do trace back to North Korea, it hasn’t been proven (although certainly speculated) that the N Korean government is involved.

The attacks over the long weekend affected the Treasury Department and the Federal Trade Commission,  Then on Tuesday, the attacks affected various government agencies in S Korea.  Other US departments affected were the State Department and a website for the Secret Service.  Attempts upon the White House web site at www.whitehouse.gov were also made, but only visitors from Asia experienced problems accessing it.

In a similar report today, “Official says 7 SKorean Web sites attacked again”, affecting both government and nongovernment sites.

It is thought that the attacks are in response to alleged S Korean participation in cyber warfare exercises conducted by the US.  N Korea is again claiming that S Korea is planning on an invasion N Korea.

It appears the attacks were all denial of service (DOS) types of attacks.

How long do you believe it will be before security becomes another PMI process area?

Posted in Security | Tagged: , , , , , , , , , , , | Comments Off on North Korea Web Attacks

Internet Explorer Back in the News

Posted by iammarchhare on 7 July 2009

Microsoft has taken the unusual step in posting a security advisory about a vulnerability in XP and 2003 Server machines running Internet Explorer.  It is being called the “zero day” vulnerability.  Microsoft issues security advisories (Yahoo! calls them “updates”, which is confusing) around the second Tuesday of the month, but it broke the pattern because of the seriousness of the vulnerability.  It did this before with the Conficker worm earlier this year.

It is an unusual vulnerability because all that has to occur is for a user using IE on the XP and 2003 Server platforms navigates to a website that has been hacked.  The user does not consciously download anything, but the trojan is downloaded onto the users machine, escaping detection.  The propensity for users to click on links in emails from associates means that it is fairly easy to get people to visit the hacked web sites.  And, just in case you are ready to jump on the “I would never do that!” bandwagon, there was also a story about the Bermuda weather website getting hacked yesterday.  While it doesn’t sound like the same virus, it goes to show the vulnerability of surfing the web.

There is a workaround available.  Of course, you could just switch to Firefox, a much better browser, IMO.

In the end, MS is recommending that all users implement the workaround, even for Vista, because “there are no by-design uses for this ActiveX Control within Internet Explorer.”

That’s sort of a scary statement, when you think about it.  When you read the description, it is even more problematic.  You end up disabling either QuickTime or limiting Microsoft Media Player’s ability to play AVI and WAV files.  Whatever happened to the good old days when multimedia couldn’t harm your computer other than running out of memory?

Be aware that the automated “Fix this problem” button on the KB will do the disable QT workaround.  So, if you deal with a lot of QT media, you may want to use one of the other workarounds.

Update: I tried the registry workaround on Vista, and the “Fix this problem” button does not work because the key doesn’t exist. So, I’m not sure why they are telling “all customers” to implement a workaround. Perhaps they mean “all Windows XP and Windows 2003 customers”?

Posted in Security | Tagged: , , , , , , , | Comments Off on Internet Explorer Back in the News