Symantec last week was the first to get the word out about Duqu, the newly discovered network espionage malware designed to go after industrial control systems. It was quickly dubbed "Son of Stuxnet" by the media, and Symantec said 50% of the code base seems to be the same used in Stuxnet.
But most malware researchers commenting on Duqu indicated it seems to be designed more for reconnaissance of networks and industrial control systems rather than destruction, which was Stuxnet's ultimate mission.
CATCHING UP: Security roundup for week of Oct. 14
McAfee, which quickly followed Symantec in offering its Duqu analysis, disagreed with Symantec about something basic about this Trojan aimed at industrial control systems.
McAfee contends Duqu, the analyzed specimen of which is said to be associated with a code-signing certificate belonging to a company called C-Media Electronics in Taipei, is primarily intended to target certificate authorities in Asia, Europe and Africa. Symantec disagreed, saying the digital certificate used by Duqu had been stolen. Symantec did say the certificate had been issued to one of its customers -- though not naming it as McAfee did -- and revoked the certificate on Oct. 14 after discovering it had been stolen.
Symantec said at no time was its root or intermediate CAs at risk. Symantec notes it is seeing variants of Duqu. Analysis is ongoing, and the ramifications of the malware are potentially very serious.
Duqu on the loose wasn't the only attack phenomenon spotted last week. A massive SQL injection attack struck about 200,000 ASP.Net sites, according to research done by Armorize.
Google Apps and LA
Ever since Google, teaming with systems integrator CSC, beat competitor Microsoft in 2009 for a $7.25 million cloud-computing contract with the city of Los Angeles to provide what's now called Google Apps for Government, the city's experience with it all has been closely watched.
Last week, advocacy group Consumer Watchdog said the Google Apps project is seriously off-track with "broken promises and missed deadlines" because "a mere 17,000 city employees use the Google system, while 13,000 LAPD and other employees involved in law enforcement cannot make the move." Consumer Watchdog buttressed that claim by releasing documents it has obtained -- the organization won't say how it got them -- of communications between the city's technology manager and the CSC contracts manager.
CSC issued a statement acknowledging the city's law enforcement agencies had not yet been migrated to Google Apps because "the City identified new security requirements for the Police Department." CSC says they're all working together now "on one final security requirement." Google dismissed the Consumer Watchdog release of the confidential documents as yet another "press stunt."
What the city of Los Angeles is doing with cloud computing is still considered fairly cutting-edge, but if it's taking two years to sort out security issues associated with law enforcement, that suggests cloud-computing security may still be a tough nut to crack. Hopefully, the individuals involved in this project will finally be able to stand up and tell us specifics about the security issues they faced and how they solved them, so everyone can benefit.
Speaking of cloud security, Network World has a special report to share on that topic that can be read here.
Security research this week
At Georgia Institute of Technology, researchers say they've discovered how vulnerabilities in what's known as the accelerometer in smartphones can be exploited to capture keyboard keylogger data. The main research was done with various iPhones.
Another news story related to university research on smartphones came from work being done at Virginia Tech to customize Google Android software to lock down smartphones so that sensitive data isn't exposed. University researchers are hopeful the technology -- part of a project called GhostBox -- will be production-ready by year-end.
By the numbers
The annual Kroll report on fraud that polls executives from around the world on what their organizations have experienced in terms of theft of information and physical assets, plus bribery and corruption, paints a grim picture of the world today, especially in Africa, India and China.
Yet another report out last week shows theft in the retail industry rising globally.
And finally, a survey of more than 1,000 IT managers has many of them admitting that data breaches are occurring and information from their CEOs and other executives is being stolen. They also talk about why they'd get fired, such as for having sensitive data stolen from their CEOs. We've put the numbers together for you in this slideshow.
Read more about wide area network in Network World's Wide Area Network section.