Last week we had two big news coming out, which for some reason, never got any traction in the main stream media or for that matter even in the mainstream technology world. The technology world in today's world is all about gadgets and Apple!
The two big news were related to Security breaches at two major corporation that supports a huge clientele and considered by some security companies as the pioneer in their vertical. I am talking about Comodo Security and RSA Secure ID.
Comodo Security is the major digital certificate authority and security software maker. The digital certificate is used by Google, Yahoo, Microsoft, Skype and Mozilla. Digital certificates are used to authenticate a website and facilitate encrypted communications between sites and their users.
The details are few and far between, but Comodo was able to trace the hacks of the digital certificate to a state-backed operation in Iran.. I hope they come forward and clarify the methods of claims and give details of it. If that claim is true - then I will be inclined to see the details that the hackers were able to leak out. Companies like Google were able to clarify that no digital certificates were compromised on their site. Yahoo was forthcoming in the information. They did acknowledge that their yahoo mail was breached. Now, this is a little bit concerning to me, as an individuals personal information was compromised. This can really jeopardize once's identity and in cases be life threatening. As far as Comodo is concerned - they have stopped the digital certification and fixing the certificates.
The second news coming out was the breach in the RSA Secure ID tokens. Now RSA secure ID tokens are two step identification and authentication process implemented by most fortune 2000 companies. The two-step authentication is considered to be the golden standard in security. RSA has issued a statement stating that no client information was compromised. I would like to believe them.
They have stopped issuing any more tokens and asked clients to lock down Secure ID management database that powers the tokens till they resolve the issue.
This brings us to one major point -- Are we really in to Cyber War here? Is the intent to hurt a country financially more advantageous then attacking them? Isn't it the irony that the country that pioneered the cyber technology is left behind in cyber warfare, outdated thinking, policies, and strategies that make them so vulnerable to losing any cyber contest with a hostile nation?
I hope we collectively create a plan and secured not only the critical information, but also make internet a safer place?
I hope they don't "butcher" it like they are doing with net-neutrality!
The two big news were related to Security breaches at two major corporation that supports a huge clientele and considered by some security companies as the pioneer in their vertical. I am talking about Comodo Security and RSA Secure ID.
Comodo Security is the major digital certificate authority and security software maker. The digital certificate is used by Google, Yahoo, Microsoft, Skype and Mozilla. Digital certificates are used to authenticate a website and facilitate encrypted communications between sites and their users.
The details are few and far between, but Comodo was able to trace the hacks of the digital certificate to a state-backed operation in Iran.. I hope they come forward and clarify the methods of claims and give details of it. If that claim is true - then I will be inclined to see the details that the hackers were able to leak out. Companies like Google were able to clarify that no digital certificates were compromised on their site. Yahoo was forthcoming in the information. They did acknowledge that their yahoo mail was breached. Now, this is a little bit concerning to me, as an individuals personal information was compromised. This can really jeopardize once's identity and in cases be life threatening. As far as Comodo is concerned - they have stopped the digital certification and fixing the certificates.
The second news coming out was the breach in the RSA Secure ID tokens. Now RSA secure ID tokens are two step identification and authentication process implemented by most fortune 2000 companies. The two-step authentication is considered to be the golden standard in security. RSA has issued a statement stating that no client information was compromised. I would like to believe them.
They have stopped issuing any more tokens and asked clients to lock down Secure ID management database that powers the tokens till they resolve the issue.
This brings us to one major point -- Are we really in to Cyber War here? Is the intent to hurt a country financially more advantageous then attacking them? Isn't it the irony that the country that pioneered the cyber technology is left behind in cyber warfare, outdated thinking, policies, and strategies that make them so vulnerable to losing any cyber contest with a hostile nation?
I hope we collectively create a plan and secured not only the critical information, but also make internet a safer place?
I hope they don't "butcher" it like they are doing with net-neutrality!
Comments
Post a Comment