søndag den 18. januar 2009

Memories from the Bronze Age


A couple of weeks ago one of our friends from Liseleje, Axel Hvidtfeldt, occurred on TV where he proposed the creation of a Bronze Age center in Northern Zealand. The background for this idea was the occurrence of a huge stone filled with Bronze Age drawing, Petroglyphs, close to Liseleje at Hyllingebjerg.

The Hyllingebjerg Stone is an 8.5 tons granite monolith, which was left atop Hyllingebjerg, by the receding icecap in Northern Europe about 10 000 years ago. Hyllingebjerg is a 28 meter high earth cliff at the coast of Northern Zealand in Denmark. The stone was in the Bronze Age, about 3000 years ago, decorated with rock carvings including ships, sun wheels and about 300 bowl shaped carvings.

The stone and its rock carvings were first discovered in May 1983 when it was lying on the beach at Hyllingebjerg, where it had tumbled from the cliff 28 meters above. The stone had lodged at the waters edge half buried in sand after storms had eroded the cliff. The Danish National Museum was alerted, but was not at the time, interested in a conservation project because of lack of funds.

Following a period with some interest from one of the National Museum’s specialists, the stone was moved to a local museum in Frederiksværk, Gjethuset, but in August 1999 an attempt was made to have the stone exhibited in a diamond shaped glass cage within a fully controlled atmosphere (Relative Humidity and Temperature) at the top of the Hyllingebjerg cliff, which 3000 years ago was a cultural and religious place. The project was not realised due to lack of funds, so the stone remained hidden away from the public in a dark corner of the “Gjethuset”.

At that time the rock carvings were not drawn up and barely visible. Sometimes during 2001 the stone was then transported to Stone Conservator Leif Vognsen´s facility at Gram in Jutland, Denmark, a journey of 317 kilometres. There is no record of this transport. The stone spent the next 4 years at Leif Vognsen´s shop. Here the stone was cleaned, but it is not known precisely which methods and which agents were used in this process and this needs to be further investigated.

The hundreds of rock carvings on The Hyllingebjerg Stone were in August 2004 identified by Scandinavia’s foremost authorities on rock carvings, Gerhardt Milstreu, and the Danish National Museum’s Flemming Kaul on a grant from the EU. The carvings were touched up with white paint and the carvings were photographed 2-Dimensionally. The beautiful 3000 years old artwork was now after 11 years again clearly visible. The stone was to remain at Leif Vognsen´s conservation shop for another year.

In November 2004 “Hyllingebjergstenens Venner” – The Friends of the Hyllingebjerg Stone - had received a grant, which made it possible to have the rock carvings photographed using a new 3-Dimensional photographic technique. We also had a model of the Egtved Girl from the same Bronze Age pose next to stone so as to give an impression of the size of the stone. The result was posted on the Internet and can be viewed at www.frvhistorie.dk/Hyllingebjergstenen. Here the artwork can be admired from all sides through manipulating the computer mouse.

The again on the 19th of November 2005 then stone was transported to Hilleroed, where it was put in a cold store, as it was explained by the National Museum, to protect the stone from decaying if left out to the rain and sun. This was a little bit stiff to the local historic committee and to our friend Axel Hvitfeldt, so right now they have increased their lobby, not only to get – at least a copy – if not the stone itself back, but to create a Danish bronze Age Center in the area of the find.

Now the Bronze Age – which in Denmark and the Nordic countries is dated from 1800 BC to around 500 BC, was a period with a nice warm climate, in fact you could grow grapes in Denmark. The coast line was much higher – maybe what we will see in another hundred years as a result of the melting of the inland ice. The period was named after the most precious metal used for weaponry and ornaments, most particular some very characteristic women belt ornaments.

The so-called ‘girl from Egtved’ (Pictured beside the stone )represents this glorious period and the short skirt clearly illustrates the climate.

At the North Zealand peninsula Halsnaes around Hyllingebjerg we do in fact find a lot of Bronze Age Mounds, very characteristic burial sites as well as remainders from villages and fishing places .There is little doubt that the Nordic Bronze Age produced a high level of technically well equipped ships, which are among the most typical drawings on the petroglyphs. It is believed that the carvings represent pictures of the sun and that the ship actually illustrates the transport vessel of the sun across the sky.

These ships later developed into the Vikingships, but already in the Bronzeage they were obviously used as a means of transportation across the Baltic sea and deep into Europe on the rivers following the so-called amber-route, where the Nordic people exchanged fur and amber for precious metal and occasional weapon.

It is believed that the religion contained to Gods – a male and a female – which can be seen on contemporary petroglyphs in Sweden, and that these Gods later became absorbed in the Nordic mythology as Freya and Frey – or Freja and Frøj. Freya seems to have been the goddess Nerthus as described by Tacitus.

The 'sun wagon' from Trundholm Mose depicts the Sun God.

The beautiful North Zealand area would be perfect for a living Bronze Age museum, and as the Jelling Stone – one of the Unesco Heritage points in Denmark – is also in need for coverage against weather and sun the project for the Hyllingebjerg Stone developed by the Famous Danish artist Bjørn Nørgaard could easily be replicated and re-used.

I do hope that this project will attract interest also of some of the heavy weight foundations in Denmark. It would be a beauty along with the Neolithic center in Hjerl and the Iron Age Research Center at Lejre.

torsdag den 15. januar 2009

Cybercrime Predicitions


As is usual around the change of year a number of specialists in all disciplines try to make predictions of what is going to happen in the year to come. And also the ‘security specialists’ have been very active. Before we turn to the actual predictions it may be worthwhile to see what really happened in 2008 in terms of cyber attacks and cyber crimes.

To find evidence we can turn to Bernard Kwok, Senior Vice President, Symantec Asia Pacific

His analysis for what happened during 2008, described as ‘the best of the worst in 2008’ pointed to the following major observations:

  1. New Malware Variants and new Families of Threats – millions of distinct threats that mutate as they spread.
  2. Fake Applications – ‘Scareware’ – fake secure sw applications that install together with a Trojan horse.
  3. Web attacks galore – Symantecs figures point to the web as the prime area for attacks
  4. Underground Economy – hard to estimate the real size of this, the investigators claim that in a year they noticed stolen goods traded on the Internet at the value of more than 276 million $, but this is probably only a very small fraction.
  5. Data Breaches – this of course includes company specific data as well as public stored personal information. Particularly in UK and US some really extraordinary data losses of public data have been noticed.
  6. SPAM – Still very active and annoying, but in fact because of more advanced spam-filters down to some 60-65% of what it was at it’s height
  7. Phishing was also a major threat in 2008 – various techniques and baits used in different economies, Obama’s election was but one example.
  8. Browser and plug in vulnerabilities – cyber attackers are carefully studying loopholes and vulnerabilities and even if Microsoft Explorer’s total domination may be going away, there are still room for improvement also in other browsers.

Symantec Asia’s forecast for threats in 2009 point at 5 key areas:

  1. Explosion of Malware Variants – according to Symantec’s analysis, there is now more malware programs being released on the internet than legitimate programs! This calls for new types of detection programs needed.
  2. Web Threats – It is expected that web services will be the next area for introduction of threats. This points toward the need for some certification scheme for web services.
  3. The Economic Crisis will give rise to new types of fraud promising people to get rid of their loans or offerings , or maybe web sites promising new jobs. These types of fraud typically hits the weaker and poorer.
  4. Social Networks – phishing for username and account info. Based on the rapidly growing success of social networks also as a part of normal enterprise web sites, it is inevitable that more threats will come in this area.

SPAWAR

Other highly competent sources of knowledge of security threats include SPAWAR – The US Space and Naval Warfare Command Centre in San Diego. Among their tasks they will provide: "…revolutionary information superiority and dispersed, networked force capabilities to deliver unprecedented offensive power, defensive assurance, and operational independence to Joint Force Commanders."

SPAWAR also holds a research center for Cyber Warfare which probably is the best equipped research center in the World. Mike Davis is the Information Assurance (IA) Technical Authority (TA) at TEAM SPAWAR, and a Vice President of the Information Society Security Association.

In a recent meeting, he pointed at the following key trends that he could see:

- Growth of Malware and Botnet attacks - SQL Injections, Denial of Service Attacks – especially in the mobile use!

- Increased number of insider attacks

- Focus on protecting the infrastructure – ICS/PCS/SCADA Attacks (See conferences like this ‘Black Hat’ Event)

- Outsourcing Security Threats including Cloud Computing issues

- Focus on Host based Security

- Increased use of encryption in many more areas than previously

- Regularity Compliance tools and information lock down (PCI Compliance, HIPAA, SOX) and requirements for privacy

- Social sites will be new playing fields for DLP – Data Loss Prevention.

- General move towards ‘information centric security’ with data as the focal point as opposed to the traditional user/application rights management focus.

- More focus on inter-domain SOA-technology and federated security.

SC Magazine

The SC Magazine for Security Professionals published a forecast mainly based on inpur from Sophos:

“What seems certain, concludes the Sophos report, Security threat report: 2009,” is that the variety and number of attacks will continue to escalate, compromised PCs will remain the primary source of spam, and web insecurity and SQL injections will remain the primary distribution method of malware. “

Infected web pages are cropping up three times as fast this year as compared to last, while the number of infected web pages increased from one every 14 seconds in 2007 to one every 4.5 seconds in 2008, according to Cluley.

“There's a real challenge in how businesses big and small will manage this problem and ensure that their web sites are properly secured and hardened from SQL injection attacks,” he said.

In addition, malicious emails with a greater proportion of legitimate looking attachments, or web links aiming to infect unpatched users, are likely to be sent. Data leakage and identity theft resulting in decreased customer trust and loyalty will continue to pose problems for enterprises, Cluley said.

On the bright side – security software is getting better and more proactive.

For enterprises, Cluley recommended dealing with the security risks with a tiered defense against attacks, including up-to-date anti-virus software, firewalls, security patches and policy control and user education.

In another article from SC Magazine they described the innovations in cybercrime activities under the heading of: 2008: A year of cybercriminal innovation.

And the Danish TeleCom consultant John Strand also had his go at the threats in 2009:

John Strand not surprisingly, points to Wireless risks first:

Wireless risks continue!
There are so many ways to attack a client system via wireless vulnerabilities, as you can see just by looking at Karma, a set of tools for assessing the security of wireless clients, and karmetasploit, a tool that acts as a wireless access point and responds to all probe requests from wireless clients.

I believe that many organizations are about five years behind the curve when grappling with Wi-Fi threat vectors” ….

“ ..vendors implement new protocols and authentication schemes like TKIP, LEAP and PEAP in different ways. We need to fully research the protocols used by our vendors before implementing them in our organizations.”

But John Strand also predicts that new interest for hackers will be directed to the Operating Systems:

“While operating system attacks have not reached the effectiveness and prominence they had from 2003-2005, malicious hackers will most likely discover operating system vulnerabilities again. There has been a tremendous amount of research over the past few years in browser-based attacks like cross-site scripting (XSS), cross-site request forgery (XSRF) and clickjacking. But what if these techniques were used in conjunction with an operating system vulnerability?”

Finally John Strand points to a possible blind spot in the convergence taking place between Web servers and Browsers.

Ponemon Survey
Also the Ponemon Institution conducted a study – 2008 security Mega Trends Survey – where they concluded the following predictions for 2009:

“Cybercrime and outsourcing were named the top security concerns for 2009. In addition to uncovering a changing view of how IT organizations are becoming less siloed and more collaborative, key findings from the Security Mega Trends Survey include:

  • Outsourcing IT is a Major Concern
  • Data Breaches and Cybercrime
  • Workforce Mobility Contributes to Data Loss
  • Web 2.0, P2P, Virtualization and Cloud Computing are Growing in Prevalence “

The Study was conducted by Lumension Security and can be found here.

So the overall picture from all experts – with some variations – points to the same areas or issues. Or is it just that everybody is picking everybody’s brain that this seems so very identical? I will almost be willing to bet that CyberCriminals are more innovative than the sum of all the experts, and that some – until now unseen – types of threat will occur in 2009. With the growing number of computers in everything maybe a new type of crime will be focused on this ‘internet of things’ phenomenon?

The easiest thing of course is to project threats in the areas where you have some remedies and tools to cope with the known – and to sell!.

What we have to fear most is probably not what we know but those areas where we are not even aware of not knowing anything.