The most likely data theft threat you face

11-June-2015 Textbooks, suits and ties make for bad security. 


According to Robert Gonzalez of Red Lambda, the biggest problem with cyber security is that you can have a dozen sensors and rules, yet at the end of the day no one understands the mind of the person on the other side of the keyboard.

“Most cyber security is completely misunderstood,” said Gonzalez. “It’s approached with a horrible suit and tie rigor in which everything is textbook.”

For example…

“Let’s say I’m looking to penetrate a company, for example a small credit union,” he said. “I’m not going to sit outside and brute force my way in. That’s crazy. I’m going to apply for a job at a low level, either there or someplace close by with an association to the institution, so I can get into the data. Once inside I’m going to go through a very down to earth, simple process to exfiltrate their data. Then I’m going to move it.”

It’s true that many nefarious breach attempts happen from the inside.

“Exfiltrated data from the inside is the biggest problem in cyber security today,” said Gonzalez. “Especially when moving data out of an organization. The real money exists when targeting from inside the organization.

“Let’s say I have a USB key and bring my tools with me. I’m running, say, Tails on it. I launch my I2P relay, I launch my Tor, and I’ve just created a circuit. Nobody on the inside is going to be able to detect me. I can launch a browser and they won’t see me, because I’m already inside.”

Then what? Will he sell their mutual funds? Short their stock?

“Once I move the data, I’m going to stick it where it can’t be found,” Gonzalez said. “If I’m getting paid by someone, yes I’m going to use I2P and Tor. But you can be sure I’m not going to broadcast it, and my buyer is going to download that secretly, without anyone knowing. Why? Because I was able to walk out with all that data on a USB key, extracted from that organization.”

The I2P network is an anonymous deep web platform intended to provide total anonymity for its users. Tor is free software and a network designed to defend against traffic analysis.

“The reality is Tor itself is tiny – 7,100-10,000 sites,” said Gonzalez. “If I want to preserve my anonymity, and I’m going to sell this data, I’m going to fire up my I2P relay and Tor, and put it someplace where only my buyer can access it. What’s the point of advertising myself on a Tor site if I want to remain anonymous?”

So to stop him from walking out with that data you have to catch him before he leaves, because once he puts the stolen data on Tor and I2P it’s out in the wild. This kind of theft happens regularly and it doesn’t get reported… often because nobody at the victim organization is even aware of the theft.