Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Help us Leap Ahead

Published: 2008-08-30
Last Updated: 2008-08-30 17:18:15 UTC
by Marcus Sachs (Version: 1)
0 comment(s)

Readers, we (the Internet Storm Center) were asked to help with a project to find a few game-changing ideas in cyber security. We've been asked to seek ideas from our global readership - that's you - for technology (or non-technical mechanisms which are made possible through technology) which can be deployed over the next decade to change the cyber game into one which the good guys can win.

Unlike many research agendas that aim for steady progress in the advancement of science, this project seeks just a few revolutionary ideas with the potential to reshape the landscape.  Also different is that the project targets a time horizon of about a decade from now for palpable impact, so along with the new concepts we must also describe the strategy that brings those ideas to fruition.  In other words, they are looking for ideas that can be developed quickly and will show results within the next ten years, but they also need a strategy for getting the idea into use.

Exploring the problem through a "game-changing" metaphor to stimulate new thinking, they are looking for ideas that change the rules of the game, change the stakes, or change the game board.  So we are looking for a couple of candidates for the big idea.  Do you have any ideas?  If so, send them to us via the contact form and we'll post them here for others to see and discuss.  Please keep your idea brief, don't worry about the details for now.  Just what is the technology (or non-technical mechanism made possible through technology) that you think might change the game?  However, do start thinking about how your idea would be carried out and what roadblocks might prevent it from being deployed.

Marcus H. Sachs
Director, SANS Internet Storm Center
 

Keywords:
0 comment(s)

Here we go again - Hurricane Relief Sites

Published: 2008-08-30
Last Updated: 2008-08-30 16:34:15 UTC
by Marcus Sachs (Version: 1)
0 comment(s)

Remember three years ago when hurricanes Katrina and Rita hit the US Gulf coast?  On the day Katrina hit New Orleans hundreds of donation sites appeared online, many if not most were scam sites.  Well this time around it looks like the people who like to register domain names in anticipation of a storm's arrival have already started registering them for Gustav and Hanna.  I'm not suggeting that they are up to no good, but simply pointing out that the rush has started and we need to make sure our users are aware of the potential for scam sites appearing online in the next few days.

For example, these domains were registered in the past 24 hours according to Domain Tools:

aidforgustav.com
gustav-recovery.com
gustav08.com
gustavcharities.org
gustavcharity.org
gustavcontractor.com
gustavdonation.org
gustavdonations.com
gustavdonations.org
gustavfund.org
gustavjamaica.com
gustavsecurity.com
gustavsupport.com
gustavupdates.com
gustavvictims.com
gustavvolunteers.com
hurricanegustavrecovery.com
hurricanegustavresponse.com
isurvivedgustav.com
killergustav.com
officialhurricanegustav2008.com
reliefforgustav.com
trackgustav.com
trackgustav.net
victimsofgustav.com

I checked several of them and the sites i viewed are just parked with a "for sale" sign on them.  Nothing wrong with that, but it's only a matter of time before the "donate here" buttons start showing up.

Marcus H. Sachs
Director, SANS Internet Storm Center

Keywords:
0 comment(s)
Diary Archives