Roger's Security Blog

As Chief Security Advisor of Microsoft EMEA - lets share interesting security information
Tags

Browse by Tags

TechNet Blogs » Roger's Security Blog » All Tags » critical infrastructure protection
Related Posts

  • Blog Post: Analysis of the Estonian Attacks

    rhalbheer
    I just read a paper on the political analysis of the Estonian Attack. If you are interested reading my post on my other blog (as the analysis is not really technical but interesting) there you go: Analysis of the Estonian Attacks Roger
    on 21 May 2008

  • Blog Post: The Importance of International Collaboration–Even in Exercises

    rhalbheer
    One of the biggest challenges in Critical Infrastructure Protection or Incident Response is collaboration. Collaboration between the public and the private sector as the private sector is most often running the critical infrastructure; collaboration between different governments as well as incidents...
    on 16 Jun 2010

  • Blog Post: Bill would give Obama power to shut down Internet, networks during cyber attacks

    rhalbheer
    Interesting: Bill would give Obama power to shut down Internet, networks during cyber attacks Roger
    on 3 Apr 2009

  • Blog Post: Technology in the Mumbai Attacks

    rhalbheer
    One of the questions I often get is my position on Cyber-Terrorism. I doubt that there will be “isolated” technology-related terrorism. What we see much more is the use of high-tech during classical terrorism attacks. If you look at the recent terrorism events in Mumbai, there was some pretty interesting...
    on 2 Dec 2008

  • Blog Post: How long does it take to hack a Power Plant?

    rhalbheer
    I start to get scared – more and more. Back in September I blogged on Critical Infrastructure Protection – Live which shows what would happen if somebody would be able to tamper with power generators. Now, during RSA there was a guy called Ira Winkler telling the audience that they had the job to do...
    on 14 Apr 2008

  • Blog Post: Security Risks in the Supply Chain?

    rhalbheer
    At the moment I am travelling through the Gulf in order to launch the Security Intelligence Report v5 with local data. During one of the discussions today, a question was raised which I was thinking about quite some while (but – honestly - do not have an answer yet): How do you manage the risks in your...
    on 24 Nov 2008

  • Blog Post: Estonia’s Cyber Security Strategy

    rhalbheer
    Following the attacks on Estonia, they published a pretty interesting paper called Cyber Security Strategy by the Ministry of Defense in Estonia. One thing which I see again and again is that most of the people looking into such strategies conclude that strong collaboration is needed between the different...
    on 8 Oct 2008

  • Blog Post: 10 Years of Trustworthy Computing at Microsoft

    rhalbheer
    Before joining Microsoft a little bit more than 10 years ago, I ran a team at PricewarehoureCoopers on e-Business Risk Management – classical security consulting in the Internet bubble time. When I announced that I will leave PwC and join Microsoft, I got interesting reactions (and remember, this...
    on 12 Jan 2012

  • Blog Post: Security Intelligence Report: “Scareware” on the Raise

    rhalbheer
    You know that we release our Security Intelligence Report twice an year: Today Version 6 is due. Let me try to give you an overview of the “highlights” of the report from my point of view: As I wrote in the title and as I blogged about this summer ( „Scareware“ on the Raise ) one if the biggest growing...
    on 8 Apr 2009

  • Blog Post: Hacking is destroying economic growth

    rhalbheer
    As usual (and probably as most of you) I started today scanning through my mails and RSS feeds for important and urgent information. By doing that, I stumbled across an article called Hackers and Nigeria vulnerability to cyber terrorism and I started to read it. As you know, I blogged several times...
    on 26 Sep 2008

  • Blog Post: Cyber Security: The Road Ahead

    rhalbheer
    This paper by the Geneva Centre for the Democratic Control of Armed Forces (DCAF) was just brought to my attention. A piece of work, which is definitely worth working through. It lays out the problem space and then does a deep dive into the different sections: Governments Legislative Bodies The Armed...
    on 14 Apr 2011

  • Blog Post: A Detailed Analysis of an Attack – Do We Need an International Incident Sharing Database?

    rhalbheer
    I recently came across a paper called Shadows in the Cloud , which is actually a follow-up report of Tracking GhostNet: Investigating a Cyber Espionage Network , an investigation of the attacks on the office of the Dalai Lama and some governmental bodies. The report is written by two bodies who had the...
    on 21 Apr 2010

  • Blog Post: How to Build a CERT

    rhalbheer
    Often, when governments look into Critical Infrastructure Protection, they start to build a CERT (Computer Emergency Response Team) or a CSIRT (Computer Security and Incident Response Team). The questions then always comes up: How do you do that? ENISA (European Network and Information Security Agency...
    on 21 Jan 2011

  • Blog Post: Algeria: Conference on Certification (eID)

    rhalbheer
    When I tweeted last week that I am on my way to Algeria, I got quite some reactions and questions that I shall report how it was. So, let me try to briefly summarize my impressions. I was invited to speak at a conference on certification in Algiers. Well, initially I pushed back as I did not understand...
    on 17 Dec 2009

  • Blog Post: Attacks on MS08-067

    rhalbheer
    As we were pushing on our Out-of-Band release earlier this month we tried to make you understand that immediate deployment is needed as the vulnerability is high risk. Otherwise we would not have gone out of band… Interestingly enough, we have not seen widespread attacks since now. Earlier today now...
    on 26 Nov 2008

  • Blog Post: Comments on US-CERTs Advisory on Auto-Run

    rhalbheer
    You might have seen the advisory of the US-CERT titled Microsoft Windows Does Not Disable AutoRun Properly – if not, you will definitely have seen one of the articles covering this issue and telling you that our advice on how to prevent Conficker is flawed. This statement is not quite true the way it...
    on 22 Jan 2009

  • Blog Post: Publishing Secret or Sensitive Information

    rhalbheer
    With a lot of interest I followed the media on the latest Wikileaks’ publication of sensitive documents from the US Government. At least here in Europe, there is a huge debate whether this publication is really problematic for the United States. A discussion I do not want to comment here, as I am not...
    on 30 Nov 2010

  • Blog Post: SANS Commits $1 Million to Fight Cybercrime in Developing Countries

    rhalbheer
    You know that I criticize SANS from time to time. Especially when it come to their handlers, I am convinced that they are creating the problem rather than solving it. This time I have to say that I am impressed as they are helping developing countries to help to fight Cybercrime. This is as "we are...
    on 24 May 2008

  • Blog Post: Mutual Authentication in Real Life–Launching a Nuclear Missile…

    rhalbheer
    A few years ago, I wanted to run an exercise with our incident response team in Switzerland. A customer, the government and me came together to develop the goals and the scenario. One of the key question we tried to answer together with the university, which we wanted to use as observers was, whether...
    on 30 Mar 2011

  • Blog Post: Why I do not like e-Voting (Part 2)

    rhalbheer
    As you might know, I blogged on e-Voting recently ( Why I do not like e-Voting ) and got quite some reactions. A few here but most of them privately. Most of you seem to like e-Voting. Now, think again! Look at this article here Evaluating the Security of Electronic Voting Systems . There is a video...
    on 9 Sep 2008

  • Blog Post: Keep all your software updated and current

    rhalbheer
    I know that I keep going and going on that. When I talk to customers and mainly to providers of the critical infrastructure about security, one of the key things to me is to keep the software updated. It is about patching and it is about staying on the latest version of your software. To me, today Windows...
    on 13 Apr 2012

  • Blog Post: The “Year-2010” Problem: Failure of ATM cards!

    rhalbheer
    When the industry prepared for the Year 2000, I was working in a consulting company living good from doing reviews on Y2k-projects. Then the year 2000 came and nothing happened (besides a big party). Then year 2010 came – and the bug actually got hold of us. Initially I thought that I was reading a joke...
    on 6 Jan 2010

  • Blog Post: Should the Government be able to enforce security updates?

    rhalbheer
    This is actually an interesting question. A lot of governments enforce rules and regulations on how you have to run your car, how often you have to check it, in which condition you have to keep your tires etc. The same is true for a lot of other devices we are using. Now, it seems that the US just...
    on 13 Jun 2010

  • Blog Post: Council of Europe Octopus Conference- Some Thoughts

    rhalbheer
    l am still sitting in the parliament room of the Council of Europe at the celebration event for the Budapest Convention. It was another very good event advancing the challenges fighting Cybercrime. Let me try to summarize a few thoughts: The Budapest Convention is probably the best convention out there...
    on 23 Nov 2011

  • Blog Post: Cybersecurity–More than a good headline

    rhalbheer
    A lot of governments all across the globe are working on starting, restarting or pushing their Cybersecurity initiative. What often concerns me is, that the last real headline has more impact on the strategy and the themes to be addressed than a structure or a plan or a strategy. This made us thinking...
    on 27 Oct 2011