See all products »
Curah! curation service
Microsoft Tech Companion App
Microsoft Technical Communities
Microsoft Virtual Academy
Server and Tools Blogs
TechNet Flash Newsletter
Cloud and Datacenter
Windows Server 2012 R2
System Center 2012 R2
Microsoft SQL Server 2012 SP1
Windows 8.1 Enterprise
See all trials »
Microsoft Download Center
TechNet Evaluation Center
Compatability & Converters
Microsoft Virtual Academy
Free Windows Server 2012 courses
Free Windows 8 courses
SQL Server training
MCSA: Windows 8
Windows Server Certification (MCSE)
Private Cloud Certification (MCSE)
SQL Server Certification (MCSE)
Second shot for certification
Born To Learn blog
Find technical communities in your area
For small and midsize businesses
For IT professionals
For technical support
For home users
Microsoft Premier Online
Microsoft Fix It Center
Security Bulletins & Advisories
International support solutions
Log a support ticket
Not an IT pro?
Microsoft Customer Support
Microsoft Community Forums
Roger's Security Blog
As Chief Security Advisor of Microsoft EMEA - lets share interesting security information
Chief Security Advisor
Critical Infrastructure Protection
Freedom of Speech
Securing My Infrastructure
Security Intelligence Report
Browse by Tags
Roger's Security Blog
Cyber Security: The Road Ahead
This paper by the Geneva Centre for the Democratic Control of Armed Forces (DCAF) was just brought to my attention. A piece of work, which is definitely worth working through. It lays out the problem space and then does a deep dive into the different sections: Governments Legislative Bodies The Armed...
14 Apr 2011
How much it takes to get on the No-Fly List
I questioned the value of No-Fly lists since quite a while as I read all these story about how people get on the list but this is kind of the strangest story I ever heard. A UK Immigration officer put his own wife on the No-Fly list as he wanted her to stay in the US – their marriage was kind of challenged...
6 Feb 2011
Publishing Secret or Sensitive Information
With a lot of interest I followed the media on the latest Wikileaks’ publication of sensitive documents from the US Government. At least here in Europe, there is a huge debate whether this publication is really problematic for the United States. A discussion I do not want to comment here, as I am not...
30 Nov 2010
Paper on Information Warfare
I often see a lot of discussions on Information Warfare. Today I just stumbled across a paper published by RAND called Strategic Information Warfare – A New Face of War – from my first impression definitely worth reading Roger
9 Jul 2009
After Estonia now Kyrgyzstan
There is definitely proof that during war times, armies add a virtual component to the “real life” war. Additionally we have seen the attacks to Estonia, where nobody really knew where they originated from (I do not mean the country but whether a government was behind them of just a group of hackers...
30 Jan 2009
How to circumvent Privacy Laws
As you all know, most jurisdictions allow individuals to ask for data collected by an organization (being it a company or a governmental organization). A lot of countries have Data Protection Commissioners that look into what companies and more often governments do with regards to PII (Personal Identifiable...
20 Aug 2008
SANS Commits $1 Million to Fight Cybercrime in Developing Countries
You know that I criticize SANS from time to time. Especially when it come to their handlers, I am convinced that they are creating the problem rather than solving it. This time I have to say that I am impressed as they are helping developing countries to help to fight Cybercrime. This is as "we are...
24 May 2008
Analysis of the Estonian Attacks
I just read a paper on the political analysis of the Estonian Attack. If you are interested reading my post on my other blog (as the analysis is not really technical but interesting) there you go: Analysis of the Estonian Attacks Roger
21 May 2008
How long does it take to hack a Power Plant?
I start to get scared – more and more. Back in September I blogged on Critical Infrastructure Protection – Live which shows what would happen if somebody would be able to tamper with power generators. Now, during RSA there was a guy called Ira Winkler telling the audience that they had the job to do...
14 Apr 2008
Analysis of Cyber-Terror
The US Military just released a pretty interesting in-depth article on Cyber-Terrorism and the different aspects of it. Even though it has a little bit more than 40 pages, it is worth reading: Cyber Operations and Cyber Terrorism Roger
13 Mar 2008
DHS Security Level on your Webpage
A blog reader sent me a mail informing me that he wrote a small application that links the DHS security level to your webpage. I added it to my news section and it looks pretty interesting. If you want to do that as well, here is the link: http://www.milestactical.com/hlsa.html Thanks to Justin Hofer...
1 Mar 2008
How critical are the Undersea Cables?
OK, I think I need to take this up a little bit as well. Let's look into what happened over the last few days. I think up to now we ended up with five cables cut in the Middle East. So, there are a lot of theories who was actually damaging those cables. The best one comes from WSJ J But there were...
8 Feb 2008
Was the plain crash caused by hackers?
If Al Qaida really has these capabilities, I am starting to get scared when I have to fly (which happens to me pretty often): There are reports that the plan crash last week could be caused by hackers attacking the plane before take-off in Beijing…. Al-Qaida ties to British crash probed Roger
24 Jan 2008
What is more important: Security or Privacy?
This is basically a very interesting and pretty fundamental question for the society. After 9/11 the US changed the way they work significantly. Just as an example: Airlines had to give the US government information about passengers flying to the US that actually violate the privacy laws in Europe. So...
17 Jan 2008
2-year old terrorist
Well, this is not new: Government agencies with insecure websites. Actually I did not want to blog on this (you find the article about an insecure TSA-website here ) but then I drilled into the comments and there is one that actually shocked me (well, no, this is wrong it did not even surprise me but...
16 Jan 2008
Fight against Terror and how it can be abused
I am not completely clear how much a lot of the measures we see (like the fluid restrictions on planes, the forced violation of privacy laws by airlines by having to transmit PII to the US, ...) really bring. On the other hand we definitely see some pretty weird things happening as any suspicion seems...
6 Nov 2007
Rumors about Cyber-Terror Attack, November 11th
This is an interesting phenomenon on the Internet: There is one source publishing the statement that they picked up an Internet announcement by Al Qaeda that they will start a cyber attack on November 11 th : DEBKAfile Exclusive: Al Qaeda declares Cyber Jihad on the West . From there on the blogsphere...
1 Nov 2007
Analysis of the cyber-capabilities of AlQaeda
I blogged already several times about Cyber-Terrorism. I think it is important to try to keep the pulse of these developments and to understand what the terrorists are capable of doing. There is an article about a recent event, where somebody tried to gain information about certain devices that ware...
1 Oct 2007
Critical Infrastructure Protection - Live
Department of Homeland Security did a simulation what could happen if a hacker gains access to crucial parts of an electrical grid. The video was marked "Official Use Only" but seems to have leaked to The Associated Press. They then made themselves a small video. See some articles: The Raw Video...
30 Sep 2007
How likely is “Cyberterrorism”?
If I am honest: I am probably the wrong one to answer this question. I am a security guy and not a terror specialist and the last thing I want to do is add just another useless blog post saying that it is extremely likely that the terrorist will soon bring down the Internet. However, there are good sources...
19 Sep 2007
Is this the Cyberwar?
This is a pretty difficult question to answer, isn't it? Let's just think of a few events that happened in the last few months, according to the press: December, 2006: China suspected to hack Navy site ( fcw.com ) May 2007: Denial of Service Attacks on Estonia ( News.com , Computerworld , …) June...
8 Sep 2007
Terrorism and the Internet
Since a long time (at least 9/11) there is a lot of discussion about the way terrorists use/will use the Internet, It is clear that the Internet is used for publicity and communication. There are experts saying that the Internet itself will not be a target for an attack for terrorists because of this...
26 Jan 2007
© 2014 Microsoft Corporation.
Privacy & Cookies