Conversations On Cybersecurity: The Trouble With China, Part 2

You might also want to read Conversations On Cybersecurity: The Trouble With China, Part 1.

Alan Paller: Don't let them in.

When we left the attorneys, in the last installment, they were wondering just how the cyber industrial spies had gotten into their computers.

Alan: I don’t know how your intruders got in, so I’ll show you how an average intruder gets in. His first step would be reconnaissance where he uses the Web to find your IP addresses – the electronic tags that allow other computers to send information to your computers – and the names of the managing director and other senior partners and the structure of email addresses  like First.Last@lawfirm.com, or FLast@lawfirm.com, or something else. That information would probably allow the would-be intruder to spoof email (send mail that appeared to come from the managing partner to other people in the firm).

Attorneys: Slow down! Too much jargon.
Alan: Ok, let’s go back up to 10,000 feet. The intruder wants to get someone in your firm, who has powerful access to your computers – either a senior partner or the system manager or administrators – to open a back door for them through which they can steal all your data. Does that make sense?

See the rest of this item at: http://www.forbes.com/sites/ciocentral/2012/02/05/conversations-on-cybersecurity-the-trouble-with-china-part-2/