After the RSA breach, there was a fair amount of debate over how much security fallout there would be, if any. As one security analyst told SearchSecurity at the time, “Good crypto works even if an attacker knows how it works.”
Now, however, it looks like the breach has claimed its first major victim: Lockheed Martin, one of the largest defense contractors in America. As Reuters reported, the company “is grappling with ‘major internal computer network problems,’ said one of the sources who was not authorized to publicly discuss the matter.” While not explicitly stated, it sounds like normal e-mail access is restricted among other disruptions.
Robert X. Cringely reported on the attack early on, without naming the specific company, and wrote that countermeasures were taken, namely in requiring another level of authentication:
It seems likely that whoever hacked the RSA network got the algorithm for the current tokens and then managed to get a key-logger installed on one or more computers used to access the intranet at this company. With those two pieces of information they were then able to get access to the internal network.
The contractor’s data security folks saw this coming, though not well enough to stop it. Shortly after the RSA breach they began requiring a second password for remote logins. But that wouldn’t help against a key-logger attack.
The good news here is that the contractor was able to detect an intrusion then did the right things to deal with it. A breach like this is very subtle and not easy to spot. There will be many aftershocks in the IT world from this incident.
A month ago, as SearchSecurity’s Rob Westervelt reported, that added layer of security was already of renewed interest, despite being a traditionally hard sell to security-stingy executives. Now with Lockheed’s surprisingly public example, it might just be a much easier upgrade to get approved.
When I first started out as a beat reporter covering mobile for SearchMobileComputing, it was an interesting time: The iPhone was relatively new, BlackBerry was the only true “corporate” phone, there were serious questions between whether Android or LiMo would win out, and Palm was still a decrepit if beloved classic OS.
I even wrote a gem called Six simple steps to killing the iPhone (ignore reg link and keep scrolling down), advice that’s not too embarrassing until the last one:
Step 6: Take a deep breath
Others disagree, but both Hughes and Gold say the iPhone hysteria is no different in principle from other phone crazes before it — the Sidekick or the Motorola RAZR, which was at one point ranked #12 in the greatest gadgets of the past 50 years but is now regarded as a mid-tier feature phone at best.
“Somebody needs to come up with something that’s really innovative, and then you’ll see loyalties switch in a second,” Gold said. “I think it’s probably going to be folks in the Far East: LG or Samsung, or maybe a Chinese company we don’t even know about yet.”
The point is, at the time, iPhones were just a flash in the pan. They’ve now thoroughly invaded the enterprise; early IT resistance has softened, to the point that it’s hard to find an IT vendor who doesn’t offer some sort of server management tools for the iPhone (I’ll give Gold some points for his “company we don’t even know about yet,” as Taiwan’s HTC has come from underground white labeled device maker to very public contender).
That’s the background I come from when I read Preston Gralla’s predictions that Apple’s enterprise growth isn’t sustainable, and why I think he looks at the right data, but draws all the wrong conclusions:
As you probably know, May was Networking Month at IT Knowledge Exchange. We’ve been busy covering Interop 2011 and all of the latest happenings in the networking world. So if you’ve found yourself as confused about your network as those wires over there, check out some of what we’ve been doing and what we think you shouldn’t miss compiled below for your easy digestion.
In Seattle, an upgraded 802.11n mesh network means the police department can keep a watchful eye on more of the city than ever before, without the need to deploy costly new fiber lines. And if things go well, the pilot project will be expanded from a few wireless routers powering six cameras placed on Columbia Center, Seattle’s tallest building, to a broad mesh network powering 180 wireless routers covering about two-thirds of Seattle’s downtown area.
As SearchNetworking’s Shamus McGillicuddy reports, this proposed network, which is contingent upon further grant funding, would not only drive networked video but also a host of other potential emergency services:
In that scenario, the Seattle PD would use the group of APs downtown to create a mesh network, so first responders from multiple agencies could access the cameras. The first mission of this expanded network will be to deliver IP video surveillance along the waterfront, but Moss said the network will eventually deliver a variety of wireless services for multiple government agencies.
“We’ll be deploying cameras along the waterfront, and those will have to be accessed with the MSR4000 units because we will have harbor units or fire department or Port of Seattle police accessing those feeds from the water. So we need something with a strong signal on the waterfront,” he said.
It’s important to note that the “two-thirds coverage” is wireless coverage, not video coverage. Currently, Seattle police have to daisy-chain two trucks within wireless hopping distance of each other, making coverage possible at “major events” where there’s some planned coordination involved, particularly when the police can tap into surveillance cameras of nearby parking garages and restaurants. The new network, however, would allow continuous video coverage, keeping a watchful eye on Seattle’s waterfront even when the foot patrol isn’t on the prowl.
Since IPv4 addresses have slowly but surely begun to run out, the Internet Society has arranged a day to test out the future, or IPv6 at least: June 8, 2011. With the air of someone foretelling the apocalypse, IPv6 advocates strongly urge users and to join the revolution and leave IPv4 behind. On the brink of its fortieth birthday, IPv4 is about to max out on the number of unique connections and devices it can safely track. Many companies have jumped on board World IPv6 Day in order to test and demonstrate the decreased hassle of adopting the newest IP version. Major organizations such as Cisco, Bing, Rackspace, Google, Yahoo!, Facebook, and Juniper Networks have signed on to participate in the worldwide test, offering their content over IPv6 for 24 hours (although some companies already offer such access, 24/7).
But big name supporters don’t have everyone convinced that this is the beginning of the IPv6 revolution. As the VP of IP engineering at NTT America, Dorian Kim, told Carolyn Marsan, the Internet “will be even more heavily NATed than it currently is, but life will mostly go on.” On the contrary, chairman of the Internet Engineering Task Force (IETF) Russ Housley fears a “very fragile Internet” will result if increased network address translation, as necessitated with IPv4, becomes the case.
A Short History of IPv6
Created by the Internet Engineering Task Force in 1998, IPv6′s primary purpose is to expand the Internet’s address space while adding autoconfiguration, network renumbering, and security through the IPsec protocol. The push for IPv6 adoption has included support from Google, Verizon, Comcast, and especially the U.S. government with its 2008 mandate that all agency networks to demonstrate the capability to carry IPv6 traffic. In July 2010, the Federal Acquisition Regulation changed, requiring government agencies to purchase only IPv6-capable systems.
Whether or not the public is ready, IPv4 addresses will almost certainly run out in the next few years (In fact, Asia’s registry, APNIC, has already depleted its normal reserves). Perhaps that’s what the Mayans meant with their 2012 warnings?
Beating Around the IPv6
If you’re struggling with the question of whether or not to deploy IPv6, there are several options to make transitioning from IPv4 to IPv6 easier, such as dual stacking, or running both protocols simultaneously in your network. Network address translation allows the sharing of one public IPv4 address across several users. But users are urged to not stop there. Tools such as OpenDNS’s IPv6 Sandbox allow networking professionals to get their feet wet, starting a full month before World IPv6 Day.
To check if your devices are ready for World IPv6 Day, visit http://test-ipv6.com/ before June 8, and for troubleshooting info, visit the American Registry for Internet Numbers (ARIN). Be sure to check with your devices’ manufacturers about upgrading operating systems, browsers, and router software to ensure you are ready to test out IPv6.
What’s keeping you from taking the plunge? Let us know in the comments section or send me an email at Melanie@ITKnowledgeExchange.com.
Some vendors and analysts content that the network just connects boxes and all you need is a tactical network, capable of addressing current business requirements and challenges. Cisco wants to debunk the myth that “good” is good enough for your business. Read this whitepaper to further debunk the myth of a “good enough” network.
As networking month continues, we continue to bring you guides on the best places to get information and insight from networking professionals. Thank you to everyone who recommended a blog to us (in the forums and on Twitter), and especially thank you to those who write these great blogs! Check them out and let us know which are your favorites (or if we missed any) in the comments section.
I was admiring Jeremy Stretch’s blog over at PacketLife on Twitter, and he responded to remind me that there was a whole community of great networking blogs. So I checked them out, and so should you. The full list is here.
Aaron’s Worthless Words: Don’t let the title throw you, Aaron Conaway’s 12 years of experience with “designing, implementing, and supporting aspects of the network from switches to routers to firewalls to load balancers” makes this blog a great go-to for in-depth explanations and insights into networking processes.
Ethereal Mind: Greg Ferro is a freelance Network Architect and Senior Engineer and Designer. He writes this blog as a way of giving back to the IT community, a guy after our own hearts! (He’s also on Twitter.)
Evil Routers: Jeremy has “designed, redesigned, implemented, configured, and managed large networks serving thousands of users” and has taught numerous courses on networking, security, and Windows Server. His expertise translates into mini-lessons and IT adventures in each blog post. He recently quit his job and outlines his reasons why as well as his passion for IT, which I’m sure many of you can relate to.
Fry Guy’s Blog: Jeff is a Cisco CCIE in Routing and Switching #22061. His blog covers all aspects of his adventures in networking, including book reviews and his conference schedules. Get mini-versions of his blog posts at his Twitter.
Other great networking finds…
Packet Maniac: This guy is a network engineer and architect with experience with packets and frames and Cisco equipment. He believes that “no network is too big or too small to conquer.” He’s also on Twitter!
Archimedius: Greg Ness “rants and rambles” about networking, security and virtualization.
Network Janitor: Kurt writes about all of the things he’s learned as a Network Engineer and as a guy studying to be one (CCIE and JNCIE). He specializes in design advice, building multi-provider and multi-technology network solutions, and IPv6 consulting. Check him out on Twitter as well!
The Networking Nerd: Tom Hollingsworth is also a Network Engineer who describes himself as a “voice/routing/switching/security nerd.” He’s currently studying for his CCIE, so wish him luck at his blog or on Twitter.
Where do you keep up with the goings-on in the networking world?
Wonder how Sony’s holding up after its recent data breach? It was another blow in the gut after March 11′s earthquake in Japan slowed production at Sony. Costs will only rise as the entertainment company amps up its security and begins to compensate its customers.
As Eric Holmquist told SearchSecurity.com in a Security Squad podcast, “It really is unfortunate that it often takes an event to get people to do things better.” So what do you do if your job goes beyond managing a network to renewing confidence in that network?
We’re making some headway in Networking Month with regular updates and ground coverage from Michael Morisy at Interop 2011. But you don’t need to travel to Vegas to get the latest in networking news; check out some of these Twitter feeds for regular updates, blog links, and one-to-one interactions with practicing networking pros. Did we miss anyone? Let us know in the comments section, send an email, or let us know on Twitter.
@packetlife: Follow for updates on his community PacketLife.net and his Lego adventures.
@mfratto: Mike Fratto wants you to know he’s not quite as grumpy as he seems. He also has ample knowledge in network computing, with focus on infrastructure and security.
@swackhap: Patrick Swackhammer has a cool name and knows his way around a network.
@corq: A self-proclaimed “network/sysadmin/security nrrd.”
@stu: This Wikibon researcher and analyst focuses on networking as well as virtualization and cloud computing.
@joltsik: He’s a blogger at the Enterprise Strategy Group, blogging about networking security among other IT topics.
@ahojmark: Follow for updates from CCIE #8525, a self-proclaimed “network nerd,” tweeting from Denmark.
@storageio: Greg Shulz has authored Resilient Storage Networks: Designing Flexible Scalable Data Infrastructures and other titles that contribute to the field of storage networking.
@ioshints: Recommended by @stu, Ivan Pepelnjak has been “designing, installing, troubleshooting, and operating large service provider and enterprise WAN and LAN networks since 1990 and is currently chief technology advisor at NIL Data Communications, focusing on advanced IP-based networks and web technologies. His books published by Cisco Press include MPLS and VPN Architectures and EIGRP Network Design.”
@CiscoPress: Follow for updates on the latest titles and resources for networking self-study materials.
@Juniper_World: Get updates on the networking industry and Juniper’s latest news.
@sonicwall: Get updates from the company that is “Relentlessly Engineering the Cost Out of High-Performance Secure Networking.”
Looking for the heart to proceed with your stumbling virtualization plans? The brains to figure out how to deal with unchecked proliferation? The courage to tell your C-levels that no, Amazon E3 isn’t the answer to all of life’s problems?