automatic security tools and Chinese P2P info leaking

A couple of articles for security fodder.

The 7th Cyber Defense Exercise recently took place; it places networks run by various military departments under attack by the NSA in a controlled, scored exercise. I found this nugget an interesting observation:

The choices in software tools for responding to any attack really boiled down to “automatic” versus “custom,” says Eric Dean, a civilian programmer and instructor. He adds that while automatic tools that do most of their own work are certainly easier, custom tools that allow more manual tweaking are more effective. “I expect one of the ‘lessons learned’ will be the use of custom tools instead of automatics.”

And a classified Hong Kong “watch-list” was leaked out onto the Internet. It appears a user brought some classified data home and stored it on a computer running a popular P2P application (Foxy). That’s a nice series of poor decisions.

The blunder occurred after a newly-recruited immigration officer working at the Lok Ma Chau border point took home some old classified files to study without authorisation.

His computer contained the “Foxy” programme and when he connected to the internet, the files were distributed without his knowledge.

Both stories came to me by way of the Infosecnews service.