Showing posts with label statistics. Show all posts
Showing posts with label statistics. Show all posts

Thursday, February 19, 2015

Elevating cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Discussion on Security Incidents

I am not a fan of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 way many media sources cite "statistics" on digital security incidents. I've noted before that any "statistic" using cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 terms "millions" or "billions" to describe "attacks" is probably worthless.

This week, two articles on security incidents caught my attention. First, I'd like to discuss cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 story at left, published 17 February in The Japan Times, titled Cyberattacks detected in Japan doubled to 25.7 billion in 2014. It included cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 following:

The number of computer attacks on government and ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r organizations detected in Japan doubled in 2014 from cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 previous year to a record 25.66 billion, a government agency said Tuesday.

The National Institute of Information and Communications Technology used around 240,000 sensors to detect cyberattacks...

Among countries to which perpetrators’ Internet Protocol addresses were traced, China accounted for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 largest share at 40 percent, while South Korea, Russia and cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 United States also ranked high.

NICT launched a survey on cyberattacks in Japan in 2005, when cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 number of such incidents stood at around 310 million. The number rose to about 5.65 billion in 2010 and to 7.79 billion in 2012.

25.66 billion "computer attacks"? That seems ridiculous at first glance. Based on observations from "around 240,000 sensors," that's over 100,000 "attacks" per sensor per year, or nearly 300 per sensor per day. That still seems excessive, although getting closer to an order of magnitude that might make sense.

You might find cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 trend line more interesting, i.e., 310 million to 5.65 billion to 7.79 billion to 25.66 billion. However, it is important to adjust for increased visibility at each point. I doubt that 240,000 sensors were operating prior to 2014.

(On a secondary note, I'm not thrilled by cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 section saying that Chinese IP addresses accounted for 40% of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 "attacks." While that may be a "fact," it doesn't say anything by itself that helps with attribution.)

Nevercá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365less, talking about individual "attacks," especially when counting cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365m discretely, is outmoded thinking, in my opinion. "Attacks" could include anything from transmitting a TCP segment to a specific port, to attempting SQL injection on a Web site, to sending a phishing email.

If properly defined, "attacks" become somewhat interesting, but cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ir value as indicators should extend beyond being simple atomic events.

I was much more encouraged by cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 second article, at right, published 18 February by Reuters, titled Lockheed sees double-digit growth in cyber business. It included cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 following:

[Chief Executive Officer Marillyn] Hewson told cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 company's annual media day that Lockheed had faced 50 "coordinated, sophisticated campaign" attacks by hackers in 2014 alone, and she expected those threats to continue growing.

The use of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 term "campaign" is significant here. Campaign aligns with cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 operational level of war, between Tactics and Strategy. (Tactics are employed as actions at cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 individual battle or skirmish level, while Strategy describes matching ways and means to achieve specific ends. See my posts on strategy for more.)

Campaigns are sets of activities pursued over days, weeks, months, and even years to accomplish strategic and policy goals. The term campaign indicates purpose, applied over an extended period of time. When cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 LM CEO speaks in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se terms, she shows that her security team is thinking at an advanced level, likely aligning campaigns with specific threat actors and motives.

When a CEO talks about 50 campaigns, she can have a more meaningful discussion with cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 executives and board. She can talk about threat actors behind cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 campaigns, what happened during each campaign, and how cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 team detected and responded to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365m. The term Campaign also matches well with business operations; think of "marketing campaigns," "sales campaigns," etc.

I would very much like to see security teams, officials, and ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365rs think and talk about campaigns in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 future, and place statistics on "attacks" in proper context. Note that some threat researchers talk about campaigns when cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y write reports on adversary activity, so that is a good sign already.