[Log In] []

Exploring the science and magic of Identity and Access Management
Friday, October 30, 2020

McAfee Labs Threats Report – Fourth Quarter 2013

Information Security
Author: Mark Dixon
Friday, March 21, 2014
8:05 am

This morning, I read the recently-released McAfee Labs Threats Report – Fourth Quarter 2013   The lead story was entitled “The cybercrime industry and its role in POS attacks.”  To introduce a timeline chart that includes successful attacks on well known retailers, the report states:

In December, we began to hear of a series of point-of-sale (POS) attacks on multiple retail chains across the United States. The first story to break was specific to Target; this attack has been ranked among the largest data-loss incidents of all time. Soon we learned of more retail chains affected by POS attacks. Neiman Marcus, White Lodging, Harbor Freight Tools, Easton-Bell Sports, Michaels Stores, and ‘wichcraft all suffered similar POS breaches in 2013. Although there has been no public acknowledgment that the attacks are related or carried out by the same actor, many of them leveraged off-the-shelf malware to execute the attacks.

McAfee

Two themes in the article particularly stood out:

  • Many attacks leveraged “off-the-shelf malware”
  • The attacks were executed by a “healthy and growing cybercrime industry”

The article concluded:

We believe these breaches will have long-lasting repercussions. We expect to see changes to security approaches and compliance mandates and, of course, lawsuits. But the big lesson is that we face a healthy and growing cybercrime industry which played a key role in enabling and monetizing the results of these attacks.

Intruders are better prepared, more organized and better equipped than ever.  It’s a crazy world out there.  

Comments Off on McAfee Labs Threats Report – Fourth Quarter 2013 . Permalink . Trackback URL
WordPress Tags:
 

Intel and McAfee: What Do You Think?

Information Security
Author: Mark Dixon
Friday, August 20, 2010
5:48 pm

Yesterday’s announcement that Intel would pay $7.68 billion for McAfee, Inc. triggered a couple of instant thoughts:

  1. McAfee has come a long way from when I first met founder John McAfee in the early 1990’s in a small, cluttered office in Santa Clara.
  2. Intel/McAfee: What strange bedfellows!

imageimage

According the Wall Street Journal article where I first read the news, Intel executives were bullish (as they should have been, after laying nearly $8 billion on the table in a surprise deal.)

“Intel executives argued growing security dangers require new measures, describing the acquisition as an essential step to design chips and other hardware that can protect systems better than software alone. …

"’We believe security will be most effective when enabled in hardware,’ Intel Chief Executive Paul Otellini said in a conference call.

In Yahoo press coverage, Mr. Otellini is quoted:

"Everywhere we sell a microprocessor, there’s an opportunity for a security software sale to go with it … It’s not just the opportunity to co-sell, it’s the opportunity to deeply integrate these into the architecture of our products."

Business week’s analysis was a bit less upbeat:

“Intel will have to persuade customers they need security in non-PC electronics in much the same way it has convinced businesses and consumers that they required chips that speed computing tasks or ensure seamless wireless connections.

“’Right now nobody is screaming for security in their cars and in their cell phones,’ said Gartner’s Peter Firstbrook.”

Forrester Research’s Andrew Jaquith was downright negative:

“What on earth does Intel expect to get for all of the money it is spending on McAfee? I’ve been scratching my head over this, and despite McAfee CTO George Kurtz’ helpful blog post, I am still struggling to figure this one out. …

“I see four problems with Intel’s strategy (at least as much as I can glean, so far):

  • Neither Intel nor McAfee are serious players in the mobility market …
  • Intel’s hardware platform strategy will not work. …
  • Intel doesn’t understand software. …
  • The security aftermarket will be very different on Post-PC devices. …”

What do I think?

  1. I agree that security at the chip level is part of an integrated end-to-end security chain that will be essential in the mobile market, especially as mobile devices are enabled for mobile payments and other high-value functions.
  2. I wonder why Intel had to buy a whole company to get the security expertise necessary to build in security at the silicon level.  Maybe McAfee has some diamonds in the rough hidden away in the R&D lab that will justify Intel’s big acquisition.
  3. This very visible acquisition highlights the critical need for Information Security, a topic that is near to my heart.

What do you think?

Comments Off on Intel and McAfee: What Do You Think? . Permalink . Trackback URL
 
Copyright © 2005-2016, Mark G. Dixon. All Rights Reserved.
Powered by WordPress.