[Chapter-delegates] Internet Society Data Leaked

Juan C. Cigala, Internet Society Canarias presidente at isoccanarias.org
Wed Feb 16 05:04:23 PST 2022


+1

-- 
Juan C. Cigala


On 2/16/2022 11:54, Veni Markovski via Chapter-delegates wrote:
> +1 to the request for more clarity; our members need to be informed, 
> and I don't want to share on social media a link to an article on some 
> website. There should be something at isoc.org, and in the news 
> section there's only one press release from 2022 - on February 4.
>
> Also, it's not a good thing to find out from a publication about some 
> of the details (I assume not all of them)...
>
> v/
>
> On 2/16/22 04:19, Roland Turner via Chapter-delegates wrote:
>> Andrew,
>>
>> Could we have a little more clarity on this please? Chapter members 
>> in multiple jurisdictions may have notification obligations arising 
>> from this.
>>
>>
>> The Jan 21 <https://updates.internetsociety.org/> update states:
>>> Fortunately, we have still not seen any instances of malicious 
>>> access to member data as a result of this issue.
>>
>> This appears a little unclear to me on two important fronts:
>>
>> *"have not seen"*
>>
>> An adversarial read of this is the rather horrifying idea that access 
>> logging was not turned on, so you (and MemberNet) haven't the 
>> faintest idea whether there were any unauthorised accesses, which 
>> would certainly allow you to say that you hadn't seen any unauthorised 
>> accesses but wouldn't mean that there weren't any, even at a 
>> reasonable level of confidence. Hopefully this is not the case!
>>
>> *"malicious access"*
>>
>> The relevant question is not whether any accesses could be described 
>> as malicious, but simply whether they were unauthorised. An 
>> adversarial read of this is that there were unauthorised accesses, 
>> but because you don't have much information about the unauthorised 
>> accessers you are not in a position to say that they were acting 
>> maliciously, however this would tell us nothing about whether there 
>> had been unauthorised access. Again, hopefully this is not the case!
>>
>>
>> To address both concerns, are you able to confirm that:
>>
>>  1. access logging was turned on and the logs were successfully secured;
>>  2. the logs appear to be complete (in this case "appear to" is fine;
>>     the requirement is simply that there are no unexplained gaps); and
>>  3. all logged accesses are authorised (i.e. because they were made
>>     by the application server, not random external IP addresses)
>>
>> ?
>>
>>
>> - Roland
>>
>>
>> ------------------------------------------------------------------------
>>
>> On 16/2/22 15:41, Hank Nussbacher via Chapter-delegates wrote:
>>> In case you missed it:
>>>
>>> https://www.infosecurity-magazine.com/news/internet-society-data-leaked/
>>>
>>>
>>> Regards,
>>>
>>> Hank
>>>
>>> _______________________________________________
>>> As an Internet Society Chapter Officer you are automatically subscribed
>>> to this list, which is regularly synchronized with the Internet Society Chapter Portal (AMS):
>>> https://admin.internetsociety.org/622619/User/Login
>>> View the Internet Society Code of Conduct: https://www.internetsociety.org/become-a-member/code-of-conduct/
>>
>
> -- 
>
> Best regards,
> Veni
> https://www.veni.com
> pgp:5BA1366E veni at veni.com
>
> The opinions expressed above are those of the
> author, not of any organizations, associated
> with or related to him in any given way.
