One day wonders

Last week Dr Hugh Thompson of Blue Coat and RSA fame was in London. I was fortunate to find a slot with him to meet up and exchange ideas. I like Hugh because he’s not like the regular, dull vendors or CSOs that churn out the accepted security mantra. And he understands the importance of the human and political factors in achieving effective security.

Hugh updated me on his latest Blue Coat research on “One day wonders” i.e. websites that exist for less than a day. It’s an important landscape as a surprisingly high 71% of all web sites exist for 24 hours or less. More worrying is the disturbing fact that these sites attract hackers, villains and other bad people.

Of course most one-day wonders are legitimate and exist to deliver a better user experience. Many are organizations such as Google, Amazon and Yahoo with a substantial Internet presence. That’s why they’re popular. Unfortunately there’s a darker side, as malware operators seek to generate large numbers of popular sub-domains built on a foundation more evil domains. Sites are selected to support mass attacks on targeted victims, attacks that are highly scalable, difficult to track and easy to implement.   

Hugh and I also had an imaginative debate on current trends, including the Internet of Things. We both agree that security cannot be contained within devices alone. Against a landscape of continuously fragmenting technology (into larger networks of smaller devices), rapidly changing platforms, and uncertain access policies, security must migrate into the network. The challenge of course is where, when and how this will materialise. And of course who will control it.