Super Bowl “Digital Deflategate” is Not Just Air

When we think of large entertainment venues and events, it’s not just ticket fees and concessions anymore. Sports are entertainment, and this year’s Super Bowl LI (51) is one of the most complex, technologically orchestrated events in the world, ranging from tablet-based playbooks to RFID wearable sensors on players sending real-time performance data…

Dyn DDoS Attack – How IoT Can Take Down the “Global Information Grid” Backbone (Part II)

Authored by Nick Murray, Demetrio Milea, Peter Tran and Davide Veneziano

In Part I, How IOT Can Take Down The “Global Information Grid” Back Bone, we discussed the mechanics of DNS in the context of the Dyn DDoS attack. In Part II of this blog, we will dive a bit deeper into the anatomy of the…

The Dyn Attack – How IoT Can Take Down the “Global Information Grid” Back Bone (Part I)

Authored by Nick Murray and Peter Tran

Imagine that you are driving through downtown New York City (NYC), relying only on your GPS for directions. All of a sudden, the GPS stops working and you are stuck in Midtown Manhattan traffic during rush hour. If you have ever tried to drive in NYC, you…

Summer’s Over: Spies go Back to School – Part I

As college and university students prepare to begin another school year, we see them as future entrepreneurs, computer scientists, engineers, politicians and civic leaders. To add a twist, some of these students will also be our future digital hacktivists and cyber criminals. Take, for example, Carnegie Mellon sophomore Morgan Culbertson, who was recently linked with…

Is There a Cyber Doctor in the House?

Given the increased complexity and sophistication of cyber adversaries today, the demand for skilled IT security practitioners has outstripped the supply, particularly those skilled in security operations, intelligence, data analytics and forensic analysis. Drawing parallels to healthcare, increases in medical devices, imaging, research/development and clinical care have evolved in much the same way. These advances…

Remedies for SOC Enterprise Amnesia

In my last post, I discussed a common syndrome experienced by many organizations called “SOC Enterprise Amnesia”, whereby the most valuable data (intelligence) gleaned from events/incidents is flushed and forgotten as operational fatigue sets in while the volume of security control and instrumentation data continues to overwhelm the operators’ field of view. The outgrowth of…

Putting Threat Intelligence to Good Use

In recent blog posts I discussed the concept of Switch Targeting and the fundamentals of how adversaries use seemingly trusted hop points as vectors in and out of primary targets. I also introduced the concept of R3 (Readiness – Response – Resiliency) based on my experience in the field helping organizations position themselves to…

The “Switch Target” Part II – The Three “R’s” of Cyber Defense?

By Peter M. Tran, Senior Director, RSA Advanced Cyber Defense Practice

In Part I of my post on Switch Targeting, I discussed the fundamentals of how adversaries use seemingly trusted hop points as vectors in and out of primary targets similar to how bank robbers target, stage and execute their robberies. Now I want to…

The “Switch Target” Part I – Why Me?

By Peter M. Tran, Senior Director, RSA Advanced Cyber Defense Practice

Conventional computer network defense (CND) concepts in the past 10+ years introduced practices such as adversary “beachhead, pivot point, lateral traversal, command/control” analysis for passive cyber defense. If I don’t see it on my network, then I must not be a target…