February 13, 2013 | 1 Comment | Mark Russinovich
President Obama highlighted the need for cybersecurity in his 2013 State of the Union Address:
America must also face the rapidly growing threat from cyber attacks.
Now, we know hackers steal people’s identities and infiltrate private e-mails. We know foreign countries and companies swipe our corporate secrets. Now our enemies are also seeking the ability to sabotage our power grid, our financial institutions, our air traffic control systems.
We cannot look back years from now and wonder why we did nothing in the face of real threats to our security and our economy. That’s why, earlier today, I signed a new executive order that will strengthen our cyber defenses by increasing information-sharing and developing standards to protect our national security, our jobs, and our privacy.
But now — now Congress must act, as well, by passing legislation to give our government a greater capacity to secure our networks and deter attacks. This is something we should be able to get done on a bipartisan basis.
The same day he issued an executive order aimed at information sharing with private industry to improve the cybersecurity of our national critical infrastructure systems.
February 13, 2013 | post a comment | Mark Russinovich
Check out how I came up with the titles to my novels and my view on cloud security in this From End to Edge interview with Yuri Duiogenes and Tom Shinder:
January 30, 2013 | post a comment | Mark Russinovich
In a story that reads like it came strait out of Trojan Horse, the NY Times announced today that it has been infiltrated by Chinese hackers in a campaign that ran over the last several months since the Times readied a story on a the corruption of a Chinese official:
Hackers in China Attacked The Times for Last 4 Months
December 22, 2012 | 1 Comment | Mark Russinovich
I’m excited to announce that I’m delivering two sessions at the prestigious RSA Conference on cybersecurity, which takes place in San Francisco from February 25 to March 1. One is Malware Hunting with the Sysinternals Tools, where I teach you how to use several of my popular Sysinternals utilities, including Process Explorer, Process Monitor and Autoruns, to diagnose and clean malware infections. The theme of my second talk, Trojan Horse: The Widespread Use of International Cyber-Espionage as a Weapon, is obviously aligned with that of my novel Trojan Horse.
Here are the session abstracts and times and below them a link to the conference’s full session list.
HTA-R32 – Malware Hunting with the Sysinternals Tools
Thursday, February 28 09:20 AM – 10:20 AM
This session will provide an overview of several Sysinternals tools, including Process Monitor, Process Explorer and Autoruns, focusing on features useful for malware analysis and removal. We will demonstrate malware-hunting capabilities by presenting several real-world cases that used the tools to identify and clean malware, and conclude by performing a live analysis of current malware samples.
EXP-R35 – Trojan Horse: The Widespread Use of International Cyber-Espionage as a Weapon
Thursday, February 28 01:00 PM – 2:00 PM
Learn how governments including the U.S., Russia, China and Iran, use cyberspace as a theater of cyber warfare and espionage. Understand the trends and where escalation may lead.
RSA Conference full session list.
November 18, 2012 | post a comment | Mark Russinovich
I’m pleased to announce the winners of the Operation Desolation Cybersecurity Quiz book giveaway. The competition was strong, with over 700 submissions and many perfect scores. The five winners drawn randomly from the top-scorers are:
- Jason Stangroome
- Lee Pillay
- Kevin Brice
- Steven Alexander
- Sajen Jose
Even if you didn’t take the quiz in time to enter the contest, the quiz is still available for you to test your cybersecurity knowledge.
November 17, 2012 | post a comment | Mark Russinovich
I’m pleased to announce that Trojan Horse is now available for purchase in audio format from Audible.com, and it includes an exclusive 20-minute chat between me and famed former-hacker and author Kevin Mitnick talking about cybersecurity.
October 24, 2012 | post a comment | Mark Russinovich
On August 15 at exactly 11:08 a virus that had infected 30,000 computers of Saudi oil company Saudi Aramco woke up and deleted all the documents accessible to it, replacing the files with an image of a burning US flag. Sound familiar? If you read Zero Day, then it should, since the premise of Zero Day is a very similar attack, except directly against the US. The New York Times published an article today that reveals more information about the attack, including the official US theory that Iran was behind it. The incident highlights just how realistic and how at risk we are to a Zero Day-type attack:
NY Times: In Cyberattack on Saudi Firm, U.S. Sees Iran Firing Back
October 24, 2012 | post a comment | Mark Russinovich
Jeff Aiken authors a cybersecurity quiz in my short story Operation Desolation (available for only 99 cents). Now you can take the quiz to test your cybersecurity knowledge and if you do so by November 11 you’re entered into a drawing of signed copies of all all my books.
The Operation Desolation Cybersecurity Quiz
October 1, 2012 | post a comment | Mark Russinovich
I’m excited to announce that Zero Day is now available from Audible.com. Trojan Horse will be available soon and include a special 45-minute recorded chat of me and Kevin Mitnick discussing cybersecurity.
September 30, 2012 | post a comment | Mark Russinovich
In an eerie parallel to the opening chapter of Trojan Horse, last week Telvent Canada, a supplier of computer systems and software to electric companies in Canada and the US, announced that it had been hacked. Preliminary indications based on analysis by Dell suggest that the hackers are Chinese, operating in a group called the “Comment Group”. Read more here: