Hackers breach grid, Conficker is lame, Obama's plan…

Posted by Robert Siciliano on April 10th, 2009

Robert Siciliano is a NextAdvisor.com Expert Guest Blogger

What a week. They say that if it doesn't kill you it makes you stronger. Lately, I've been killing my readers with lots of deadly data so I bet your security muscles are getting huge!

The security community has bombarded the media with fascinating claims of gloom and doom. (I'm guilty of it, too.) The hype hasn't entirely met the hyperbole. There have been no major catastrophic issues. The power hasn't gone out, and data breaches haven't occurred in the 3-15 million PCs that have been compromised by Conficker.

But that doesn't change the fact that there are still real problems that need solving. The security community and the media are getting better at discovering these new hacks, reporting on them and taking decisive action to fix them before they get worse.

For good reason, President Obama ordered a cyber-security review earlier this year. And he announced plans to appoint a top cyber-security czar, who will coordinate government efforts to protect the country's networks. This is a response to years of inaction, culminating in millions and millions of breached records by cyber criminals toying with our critical infrastructures and corporate networks.

The Register points out, "According to the Wall Street Journal – which cites unnamed national security officials – electro-spooks hailing from China, Russia, and 'other countries' are trying to navigate and control the power grid as well as other US infrastructure like water and sewage." That could get messy. Let's make sure the Cyber Security Czar gives the sewage situation his undivided attention. CNET reports that the Pentagon has spent over $100 million on its networks in the past 6 months in response to attacks on the government's computers. This is part reactionary and part proactive.

Wired reports that Conficker is now a lame spambot, selling fake Internet security software in the form of scareware. I'm going to shut up about Conficker, for the most part, unless this thing does something that impresses me.

Bob Sullivan points out today in "Why all the cyber-scares?" (as I did earlier this week) that, "Security experts use the term 'spreading FUD' – fear, uncertainty, and doubt - to criticize the sales tactics of firms that use hyperbole to scare customers into overpaying for security products. The Conficker incident appears to a be a classic example of FUD."

I'm all done with this week and I'm going to paint eggs.

For an Easter treat, identity theft speaker Robert Siciliano provides you with a hilarious rare glimpse of someone he loves walking for the first time. (I am human, you know.)

Robert Siciliano is CEO of IDTheftSecurity.com , an identity theft expert, professional speaker, security analyst, published author and television news correspondent. Siciliano works with Fortune 1000 companies and startups as an advisor on product launches, branding, messaging, representation, SEO and media. Siciliano's thoughts and advice on all these matters appear often in both the televised and print news media including CNN, MSNBC, CNBC, FOX, Forbes and USA Today. He has 25 years of security training as a member of the American Society of Industrial Security. He is the author of 2 books, including The Safety Minute: Living on High Alert; How to take control of your personal security and prevent fraud. He's also partnered with Uni-Ball to help raise awareness about the growing threat of identity theft and to provide tips on how you can protect yourself.