Security Scene: July 2022 Edition
By Adair Thaxton - Internet2 Cyberinfrastructure Security Engineer
Security Scene is a monthly roundup of cybersecurity news highlights compiled by Internet2 Cyberinfrastructure Security Engineer Adair Thaxton. Adair connects recent headlines to security best practices, within the lens of the research and education community and our broader digital society. Plus, she’s got jokes!
Happy Independence Days to our U.S.- and Canada-based friends. I hope you’ve all had the opportunity to spend some time relaxing this summer, and that you’ve worn sunblock. This is always the most difficult time of year for me to remain aggressively pale, but I’m doing my best.
Cloudflare has detected and mitigated an attack from the Mantis botnet, named for the mantis shrimp. Like its namesake, this botnet is fairly small (about 5,000 hosts) but can pack quite the punch – the attack mitigated was sending 26 million requests per second, over HTTPS. That’s more than 5,000 requests per second, per host! The blog post’s author explained the significance: “HTTPS DDoS attacks are more expensive in terms of required computational resources because of the higher cost of establishing a secure TLS encrypted connection.” The botnet is using compromised virtual machines and servers, which have the resources to allow for an attack of this size.
The Cloud Security Alliance has released a new report about customers who store sensitive data in the cloud. The report shows that while these customers are pretty confident about the cloud services’ security controls, they’re less confident about their own abilities to protect their organization’s cloud-hosted sensitive data. Two terms that were new to me are homomorphic encryption and confidential computing, both of which are intended to allow users to work with encrypted data while it remains encrypted.
The Cyber Safety Review Board has issued a report about the wider-reaching effects of the log4j vulnerability from this past winter. The report addresses the continued risks of the vulnerability and makes recommendations for security hygiene and improvement of the software ecosystem. They also mention that they “believe industry has come to understand that the Board is not an enforcement or regulatory body and is not focused on assigning blame,” and thanked industry partners for their enthusiastic cooperation. That’s really great to see!
I hope you’re all getting ready for school to start back soon. It’s always nice to see our students again! Remember to drive carefully, and network carefully!