Security Musing and Writings

From time to time, our security professionals love to write up their personal musings on a certain security issue. We hope some of this content provides additional food for thought. Each write-up reflects its author’s personal views and does not necessarily represent Securxcess as an organization.

Don't Count on IP Address and Metadata Too Much

In investigating or tracing a security incident, we are sometimes asked to determine from whence—or where—an incident occurred, besides its perpetrator. Usually, we perform IP address tracing to get some sort of evidence. Another possible scenario is when a file is thought to be evidence and we are required to ascertain that. In this case, merely checking its metadata is sometimes considered one of the best ways of determining whether it is valid as a piece of evidence. Unfortunately, that is not the case; not even close.

The “Cyber-Pearl Harbour”

It was two years ago on a crisp autumn day in New York City, two months into my first semester at Columbia, when I read an article in the New York Times titled “Panetta Warns of Dire Threat of Cyberattack on U.S.” I remember that day so vividly, sitting in class perusing the news on my iPad waiting for the lecture to begin. Two years later in the wake of the Sony hacks, I wonder if Panetta (former Secretary of Defense and past CIA Director) had any inkling that a major Hollywood studio would be at the receiving end of the “cyber-Pearl Harbor” attacks he alluded to.