The Bad Guys are Getting More Organized. Are We?
by Dan Lohrmann, Lohrmann on GovSpace
Wed, 2007-03-07 15:27
Topic(s): | | |

  Something new is happening in cyberspace. I think the bad guys are getting much better and more organized. The question is: are we?

 Many people are blogging about these new trends. One of the best pieces on this topic was sent to me by Joel Weever.  Written by Michael St. Neitzel, the article is entitled: "Welcome to 2007: the year of professional organized malware development."

 His central theme is that: “Malware writers have noticed that they can gain large amounts of money from distributing malware.” He also discusses how playing defense is getting harder and harder – and he recommends going on the offense against these guys.

 A good general article from the BBC was written about this trend last October. “Spinning a web to catch a hacker”  goes into some details around honeypots and how they can help.

 One last article that I like on this problem came from the Tech Republic last  June. “Online threats outpacing law crackdowns,” describes how law enforcement is outgunned.

 There is no doubt that this is a growing trend. How do we respond? It calls for collaboration and working closer with others. I’m active in Michigan InfraGard and the Multi-State Information Sharing and Analysis Center (MS ISAC)  for these very reasons. If you’re in the private sector, I recommend looking into your local InfraGard chapter. You can see a national InfraGard map with chapters listed at their site.

 If you are a local government employee, there are state ISACs being set up around the country as well. Contact your state’s CISO. For example, if you’re in Michigan, you can get information on joining our ISAC  at our Michigan cyber website.

 Whenever bad things happen, it can become frustrating knowing who to call. Developing your contacts early is essential, and it’s helped me on numerous occasions. I encourage readers to join one of these organizations so we can battle the bad guys together. 

 Over the next few months, I’ll share some stories on how collaboration can solve problems that we can’t solve alone as security professionals.

» read more from Dan Lohrmann | post a comment
Ads by TechWords
Post a comment
The content of this field is kept private and will not be shown publicly.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.
* Denotes a required field
VIRTUAL CONFERENCE
Data Center Directions Virtual Conference

Data Center VCAttend this free, 100% online event exploring tools and techniques for making your data center deliver for today and tomorrow.

» Learn more and register here

WEBCAST
The Surest Path to Effective and Efficient Compliance

VeriSignIn this webcast, we explore why and how — with best practices, practical tips and solutions that work — to ease your compliance challenge.

» View the webcast

Sponsored Links

Think your data is safe? Think again. It's time to Outthink the Threat. Get eBook now

IS/IT Project Mgt. Credentials From Villanova - 100% Online

Revolutionizing Endpoint Security with a Single Agent

Envision Identity-Based Access Control for the Datacenter

Rolling the dice with your security? Take the Self-Assessment Test now

7 Requirements of Data Loss Prevention

Information Security: Data Drains and How to Prevent Loss

How Are Open Source Development Communities Embracing Security Best Practices?

IDC Defines an Identity and Access Management Submarket

Using Likewise to Comply with PCI Data Security Standard

IDC Defines an Identity and Access Management Submarket for Managing Privileged User Accounts and Meeting GRC Requirements

Everything Today's CISO Needs to Know About Using SSO to Succeed in the Web 2.0 Era

Learn how the new Quad-Core AMD Opteron™ processor improves performance

Configuration Assessment: Choosing the Right Solution

Data Protection: Challenges for the Traveling User

Key strategies for C-level executives and security staff

E-LOAN Maintains Reputation as a Privacy Leader with Symantec

Data Loss Prevention: Keeping Sensitive Data Out of the Wrong Hands

Prudential Financial Protects its Brand with Symantec

Envision Identity-Based Access Control for the Datacenter

Digital Identity Protection and Data Security Get Personal

Welcome to the age of Service-Oriented Security (SOS)

Enabling Compliance with Converged Mainframe Security and Storage

The Case for Business Software Assurance ~ Securing Your Applications