Howard Schmidt said: "I think that anytime a breach of security of any size, especially one that contains consumer private information causes executives to ask "Can this happen to us and if so how do we fix it" With the compliance issues taking a bigger role in corporate governance world wide I would expect this to continue to be a board room discussion which will increase security."
And just in time for the holidays, Guidance Software (a self-proclaimed leader in incident response and computer forensics) suffered a breach that will probably get a lot of people fired. The incident during which some 3,800 customer credit card numbers have been stolen, occurred on November 25th but wasn't discovered until December 7th. Did Guidance Software contact their customers immediately? No. In the age where even children use mobile phones, IM and e-mail, they chose to send out notices of the breaches via regular mail. Why? They claim people change e-mail addresses too frequently while the location of the offices stays the same. I guess they think these companies also change their phone numbers all the time. Even if they do, shouldn't they keep an up-to-date database with contact information?
To make things even worse, the company stored customer records in databases that were not encrypted and if that wasn't bad enough they also kept the three digit Card Value Verification (CVV) numbers despite the guidelines by MasterCard and Visa that prohibit the storage of the CVV numbers after a transaction and require the databases to be encrypted. The company says they didn't know these numbers were stored for a longer period of time. I don't know if this makes things better or worse.
Rootkits go mainstream
On October 31st Mark Russinovich posted an entry on his blog entitled "Sony, Rootkits and Digital Rights Management Gone Too Far" that sparked a media frenzy. Russinovich discovered that Sony was using a rootkit as a method of control for some of their CDs. Sony got under much fire as both privacy advocates and the users were raging against such vile control actions and started boycotting certain Sony titles, bad reviews were starting to show up on shopping sites and Amazon.com contacted their customers and offered them a complete refund if they returned the "infected" CDs. At least now the public is much more aware of certain problems.
F-Secure made an interesting t-shirt that shows just how much Sony is "concerned" about their customers.
Not surprisingly this year had thousands of pages filled with reports of various types of malware wrecking havoc. So, are things getting any better or just worse when it comes to virus outbreaks? "It seems better. In 2003 we had tons of large outbreaks. In 2004 we saw some. This year only a handful." says Mikko H. Hyppönen. "However, the transformation from hobbyist virus writers to professionals also means more targeted attacks. These stay under the radar and don't become front page news - the criminals don't want to end up on the front page. We're seeing less outbreaks - so the situation seems to be getting better. It's actually getting worse." he adds.
The most talked about virus of 2005 is certainly Sober which caused a lot of problems and disrupted e-mail traffic for both MSN and Hotmail. F-Secure cracked the code and learned how Sober activates. More than 20 variants of the virus have been found since October.
Other "popular" viruses in 2005 were Zafi.D and several variants of Zotob. When it comes to numbers, Hyppönen says the situation seems better: "All of these cases were smaller than cases like the Mydoom/Bagle/Netsky war or the Sasser outbreak from 2004."