Share

Related Links

Related Stories

  • FBI to roll out its super-Google search engine
    The N-DEx search engine, which the FBI revealed back in 2008 as a means for US law enforcement agencies to carry out Google-style searches on multi-agency databases, is about to go live in the US.
  • FBI identifies major Russian spam oligarch
    Reports are coming in that the FBI has identified a 23-year-old Russian as the lynchpin behind the infamous Mega-D botnet, which has been responsible for as much as a third of all spam generated around the world.
  • Suspected Mariposa botnet author arrested
    A 23-year-old Slovenian man – thought to be the author and creator of the infamous Mariposa (butterfly) botnet – has been arrested by Slovenian police, working in concert with their colleagues from Spain and a team from the FBI.
  • Estonia now firmly on the FBI cybercrime map
    The importance of Estonia, one of the most Internet-connected and e-trading nations on earth, has ramped up a notch or two with the FBI, which has announced plans to station a cybercrime expert and his/her team in the country later this year.

Top 5 Stories

News

Data on the internet is permanent after 20 minutes

21 April 2011

According to Ed Gibson - EdTheFed on LinkedIn - data that is posted on the internet should be regarded as permanent after 20 minutes, even if the originator has deleted the file.

Gibson, former head of cybersecurity with Microsoft and director of security with PWC Global, said that this is the approach the FBI now takes with internet-posted data, owing to the fact that the data is cached.

"Facebook is the elephant in the room on this front", he said, adding that the advent of web 2.0 services has changed the fed's take on the internet.

"Undergraduates are living and working in a different world to you and I. They live the internet. But they get an awakening after they apply for a job and the first thing their potential employer does is to check out their social media pages", he explained.

Gibson was speaking at Counter Terror Expo in a presentation entitled "Securing cyberspace in an era of global connectivity" and added that, because a growing number of users tap services like Facebook for their email - rather than conventional email services - the whole transaction is effectively in the cloud.

The problem with this, he says, is that networks are not secure any more and, with people scraping data and cybercriminals creating new rogue domains by the thousand - without any form of supervision from the authorities - users have turned in a band of yes people.

"We say yes to end user licence agreements. We scroll down to check boxes. We just get our jobs done, but without giving thought to what information is on the internet, or who originates it", he says.

And when smartphones enter the frame, Gibson says the problems of data security really start to rear their head, with few smartphone users giving any thought about the origin of the free apps they are downloading and installing, and who created them.

"Are we a frog that doesn't realise the water it is in is starting come to the boil?", he said, adding that a lot of suspicious web sites are now being hosted in a World War II bunker about eight miles off the NorthEast Coast of England, namely the Sealand operation.

And then there is the problem of the Anonymous hacktivists, said Gibson, noting that a lot of internet users are now allowing their spare broadband capacity to be used for DDOS attacks and the like by Anonymous.

So what is the solution the malaise of security on the internet?

Gibson advises users of all types to scan their systems using the Secunia web site by using the search box on the web site to analyse the security of the many applications that users have on their machines.

"You might [also] have a copy of Vista - the most secure operating system from Microsoft - on your PC. It's secure owing to its use f the User Access Control (UAC) option. But you still need to verify the security of the 70 to 90 apps that a typical desktop user has on their Windows machine", he said.

This article is featured in:
Data Loss  •  Malware and Hardware Security  •  Security Training and Education

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×