Monday, December 1, 2014

How to do Negative SEO for Reputation Management or to Kill your Competition

This isn't exactly a cyber security topic but protecting your website is and this could be something that is happening to you. First off, what is negative SEO? In April 2012 Google launched an algorithm called penguin. From that moment foward, negative SEO was born. You could now build spam links to your competitors or to knock out undesirable search results for managing your brands reputation. It wasn't just this algorithm Google launched that made this possible, but this was the beginning of several anti-spam black hat SEO algorithms released. You can see a full history at moz right here.

In October 2012, Google who had all along said in no uncertain terms you can't be hurt by negative SEO, released a disavow tool. This now made it possible to get rid of unwanted links that point to your website. You would think negative SEO is dead, right?

Think again..

Wednesday, October 15, 2014

Students and Surveillance

Below is a text summarization of this excellent article:


Instead, FERPA threatens to take federal funding away from schools who are found to have breached student privacy while it fails to mandate bare minimum security standards for the storage and transmission of student data. Though lawmakers and privacy advocates are regularly outraged at the immense volume of student data freely floating through the web, the repeated failure to create legislation that protects student data from being used for profit is astounding. In the case of Securly, the first filtering tool designed for schools, the controls set by IT and administration for web access can extend far beyond the walls of the school and determine what content students can access while using school- issued machines from their home internet connections.

Friday, May 30, 2014

Wednesday, May 7, 2014

An Insider Attack on the eCommerce Industry

An Insider Attack on the eCommerce Industry
CYBR650 Research Paper

Glenn Ford and Zack Rich
UMBC Cybersecurity M.P.S.
CYBR650 - Managing Cyber Operations
Dr. Robert R. Romano
April 29, 2014

An Assessment of Cybersecurity Environment in Russian Federation

An Assessment of Cybersecurity Environment in Russian Federation

Glenn Ford, Timothy Casassa, Zack Rich

Friday, March 28, 2014

Ransomware Challenges Posed by Cyber Criminals

Ransomware dates back to 1989 with the AIDS Trojan, which would modify the autoexec.bat file and once a computer booted 90 times the malware would begin to hide directories and encrypt the names of all files. It would then prompt the user to renew their license and contact PC Cyborg Corporation for $189.00 payment. This had to be sent to a P.O. Box in Panama (Smith, 2002). Today the number of unique new samples of ransomware malware is almost 250,000 in the first three months of 2013. This has doubled from the first quarter of 2012. Even more troubling is the reported number of infections. The visibility on infection data is limited because client machines share detection only with McAfee. There are two main reasons for the increased popularity of Ransomware: (1) Cybercriminals have easy access to anonymous payment systems, such as bitcoin; (2) There is a thriving underground market that helps with pay-per-install services on pre-infected computers, such as Citadel. Cyber criminals can also easily purchase ransomware kits, such as Lyposit, from the underground markets (McAfee Labs, 2013a, p. 12).

Friday, March 14, 2014

Was Edward Snowden Duped (Socially Engineered) By Russia?

I was recently talking to a high level executive who does a lot of work with the 3 letter agencies and he made some interesting comments. He said, and I paraphrase, "I feel sorry for Snowden." I asked why is that and he replied, "Because Russia tricked him into thinking he has done the right thing."

This got me to thinking about some other remarks I have heard, most recently in an NBC Meet the Press Interview..

Mike Rogers, The House Intelligence Chairman, said Snowden was “a thief whom we believe had some help”.

Mr. Rogers (not funny!) went on to say, "...the vast majority had nothing to do with privacy. Our Army, Navy, Air Force, Marines have been incredibly harmed by the data that he has taken with him and we believe now is in the hands of nation states.”

Thursday, March 13, 2014

Key Features of U.K. approach to Cyber Security

    The U.K. internet economy accounts for 5.7% of the total U.K. GDP. Looking at the two major sectors of the U.K. internet economy, the value chain is 2.6% and e-commerce is 3.1% of the GDP. The monetary total is estimated to be at £82 billion. Every £1 spent on internet connectivity supports another £5 spent in other channels as part of the U.K. ecosystem (Page, 2012).  Given these factors it is clear the nation's overall economy is now reliant on the internet economy.

The U.K. Department of Business, Information and Skills (BIS) commissioned a survey in 2013 with PricewaterhouseCoopers to determine the impact cyber attacks may be having on businesses. The survey found 93% of large businesses (250+ employees) have had a breach in the last year. Of the Small businesses (1-49 employees) surveyed, 87% reported breaches. Even more frightening was the large businesses averaged 133 breaches and the small businesses 17. The worst breaches cost £450,000 - £850,000 per attack on large businesses and £35,000 to £65,000 per attack on small businesses. However, the survey also shows that 36% of breaches were human error related and lack of security training and awareness was often to be at fault (Charlton, 2013).

Key Features of U.S. approach to Cyber Security

Cyber Security has become a focal point of national economic and security concern. On February 12th, 2013 President Obama signed Executive Order (EO) 13636: Improving Critical Infrastructure Cybersecurity. The EO sets the foundation for developing a framework in which private sector companies of critical infrastructures and the government share information and work together to prevent cyber attacks (White House, 2013). Even before this executive order there has been work done by various national agencies to help define and strengthen the nation’s cyber security, a few of which are discussed in this paper.

Wednesday, February 12, 2014

AMG Enterprise Security Plan - A Fictious Scenario for CYBR 620

My notes on this paper: Our group was assigned with developing a security plan for a fictitious company. We were not to worry about budget, but were asked to be as comprehensive as possible in the given maximum paper length. This is not a research paper so there are no citations/references except a few exceptions where we quotes ideas from our professor for this project. I'd love to hear feedback from you so please post a comment, email or tweet me. --Glenn Ford

AMG Enterprise Security Plan
Glenn M. Ford, Aaron S. Cameron, Michael J. Park
UMBC at Shady Grove

Executive Summary

AMG Enterprises is an American owned e-commerce company headquartered in Rockville, Maryland. As a company with sales in 22 countries, annual revenue of $61 million (U.S.) in 2012, 97 employees and patents and other intellectual property, AMG is under constant attack by criminals and other hackers. Protecting employees, facilities, equipment and data offers a myriad of challenges. The Confidentiality, Integrity and Availability (CIA) of AMG information is critical to the continuity of operations and to the trust placed in AMG by their customers and vendors. AMG has a comprehensive security plan and has implemented policies, procedures, countermeasures and the operational model of security to ensure the protection of all company assets, as it pertains to physical, network, operational, personal and wireless security. AMG’s headquarters was custom built with security as a top priority. AMG’s policies were drafted to ensure security throughout all aspects of operations. No expense has been spared in deploying countermeasures to meet all threats both now and in the foreseeable future.

Problem Overview

As an ecommerce online business, AMG has an online reputation and brand recognition to maintain. If this reputation is tarnished company growth can be severely degraded. Our customers have complete confidence and assurance that AMG is providing quality products, customer service, and security of all client information.
At the center of this problem is protecting the CIA of AMG Enterprises assets. These assets include: online reputation; brand recognition, client and company information, buildings, inventory, hardware, proprietary software, personnel and overall organizations information technology (see Information Technology Organizational Chart, Appendix G, Figure 1). The cybersecurity threats of data breach and/or threats, denial-of-service (DOS) attacks, insider theft of intellectual property, deliberate corruption of electronic files from hacker attack or malicious attacks including worms and other means are all security problems this document hopes to solve with security policies, procedures and standards and the Countermeasure Triangle (The People, Policy, Technology Triangle; see Appendix H, Figure 2).

Wednesday, February 5, 2014

BYOD Consumer Demand and Information Security - CYBR 620 Research Paper by Glenn Ford

My Notes on this paper: This is a MDM/BYOD paper I did for Cybersecurity Masters Program, CYBR 620 at UMBC Shady Grove campus.  The paper was to discuss problems and possible solutions with BYOD MDM. This paper was in APA format, with a few professor requested differences, but obviously posting to Blogger I lost some of the formatting. I'd love to hear feedback from any security people (or non-security for that matter).  I was very limited on the space allowed to write on this topic.  I know it could have been 100-200 pages and still not cover all the issues.  Please take that in mind when reading. In a related field?  Connect with me on LinkedIn --Glenn Ford

BYOD Demand and Information Security
Glenn Ford
UMBC at Shady Grove

Executive Summary

Having a BYOD policy without the proper security, device management and monitoring, and a positive user experience can put the enterprise at risk. Information can be monitored or leaked, devices and mobile infrastructure could enter into in an untrusted state, and users become frustrated and paranoid with the use of their device in the workplace. If the enterprise fails in their BYOD plan they will be at a competitive disadvantage for their current workers and ability to hire top talent.
Mobile security risks as well as threats by agents pose an ever growing and complicated problem to the information security of a mobile enterprise. Having the device compromised by authorized or unauthorized users or resources on the device, man in the middle, or end points compromised will lead to information being monitored or leaked. Other attacks such as DoS are at issue as well. Protecting the confidentiality, integrity and availability of the mobile device and infrastructure is at the core of mobile security. Mobile device management, monitoring, and user experience that can work across many platforms and be scalable also pose challenges. With BYOD users, privacy of the user’s personal assets is a great concern.
By providing security through defense in depth there is a known understanding that any single solution may have vulnerabilities but by applying layers of security there are levels of redundancy to increase security. Specific layered security solutions from the moment the device is turned on until the device is powered off are discussed. Solutions are discussed for the supply chain and physical security of the device. Combining the discussed critical solutions in a security policy such as transient authentication and FIPS 140-2 for data protection, dual layer FIPS 140-2 encryption for data in transit, and web based non-resident data only for sensitive information.
With 4 in 10 enterprise level organizations having had a BYOD related security breach, there needs to be fast response to solving the problems in the immediate future.