1. McAfee Uncovers Cyber Attacks

    Over the last five years, the IT security firm McAfee has been working on an investigation that examined information from different organisations that it thought had been hit by cyber attacks.

    The investigation, named ‘Operation Shady RAT’, started in 2006 and looked into the traffic going in and out of numerous organisations. Mr Samani, McAfee’s Chief Technology Officer in Europe, claims that “From the logs we were able to see where the traffic flow was coming from.”

    In total, 72 organisations were under investigation, including the International Olympic Committee, the UN and various security firms. Some organisations permitted McAfee to “delve a bit deeper and see what, if anything, had been taken, and in many cases we (McAfee) found evidence that intellectual property had been stolen,” said Mr Samani.

    He also added that “The United Nations, the Indian government, the International Olympic Committee, the steel industry, defence firms, even computer security companies were hit.”

    McAfee isn’t in a rush to say who it thinks is behind the attacks, or whether it is even a single group. There is speculation that China is responsible, but Beijing has always denied any involvement in cyber-attacks or the like, calling the accusations “groundless”.

    The stolen data’s whereabouts and use are unknown, but data of this type can easily be sold on to competing firms to improve their own products and eventually allow them to take over the market, gaining a firm foothold in their sector and monopolising it, which poses a major economic threat.

    Mr Samani explains how the attacks were carried out and how they developed.

    "This was what we call a spear-phish attack, as opposed to a trawl, where they were targeting specific individuals within an organisation," said Mr Samani.

    "An email would be sent to an individual with the right level of access within the system; attached to the message was a piece of malware which would then execute and open a channel to a remote website giving them access.

    "Once they had access to an organisation, they either did what we would call a ‘smash-and-grab’ operation, where they would try and grab as much information before they got caught, or they sometimes embedded themselves in the network and [tried to] spread across different systems within an organisation."

    Mr Cluley, a computer-security expert with Sophos, said firms were often distracted by the very public actions of LulzSec and Anonymous, groups of online activists who have hacked a number of high-profile websites in recent months.

    "Sometimes it’s not about stealing your money or publicly leaking your data. It’s about quietly stealing your information, which can have a very high political, military or financial value.

    "In short, don’t let your defences down," he added.

    August 5, 2011 by Jake
  2. Passwords, Personal Details and Hackers

    Hello World! It’s been a while since our last post, so let’s get right back into it with a very current and sensitive subject: passwords and personal details.

    As you may or may not be aware, over the last 6 months or so there have been some major hacking stories both in and out of the press, with hundreds of thousands of passwords and credit card details and tens of millions of email addresses being stolen, so today we are going to take a look at what this could mean for you and your security.

    First of all, I will start with the Gawker attack in December 2010: 1.3 emails stolen and 188,279 passwords. The loss of a password and email combination is very bad news indeed for most internet users. With this information, and by obtaining certain cookie information from your web browser (very easy to get hold of), a potential hacker may see the common websites you visit, and with that they are presented with an opportunity to use the email and password they already have for you! This could be an email account, a low-security ecommerce website or even something such as Amazon or your favourite social media site!

    Any of the above can lead a potential hacker to even more sensitive data about you and provide them with a platform for full blown identity fraud, so the lesson for the above is to use different passwords for your online sites and change them regularly!

    Now, looking at the most recent examples of hacking, namely the Sony hacks where ‘only’ people’s publicly available email addresses were stolen, there is an air of relief in the fact that no credit card details were stolen. But if this was the case, why did they take 77 million useless email addresses? The reason is, they aren’t useless.

    With this information a hacker knows 77 million email addresses that are commonly used on a variety of websites (let’s be honest, you probably use the same email for most of your online accounts, and better yet the same password!). The next step is to find which of these email addresses are signed up to low-security sites: sites that let you attempt a login and, if you fail, give you almost unlimited attempts! This is a brute force attack on a website to obtain the password associated with an email, and it can be devastating for the individual should it succeed. To give you an idea of what can be achieved, see the below chart.

    The below is a picture courtesy of onemansblog.com which shows you how quickly the average computer, with an average internet connection can crack a password with unlimited attempts:

    [Image: password cracking time chart from onemansblog.com]

    The above shows us, firstly, the massive difference in time between a simple lowercase password and one which contains UPPERCASE characters and random characters such as @’~#/?098-=+. From the above you can draw your own conclusions on how strong to make your password, but take note: password security online is big business for hackers and you really should take it seriously.
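    The two points above (character variety and sites that allow almost unlimited login attempts) can be put into numbers. The following Python sketch is an added example, not taken from the chart or from any site mentioned here; the guess rate, lockout settings, sample passwords and account name are constructed assumptions.

```python
import string
from collections import defaultdict

def charset_size(password):
    """Alphabet size an exhaustive search must cover for this password."""
    classes = (string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation)
    return sum(len(cls) for cls in classes if any(c in cls for c in password))

def worst_case_seconds(password, guesses_per_sec):
    """Time to try every candidate of this length and alphabet (exhaustive search only)."""
    return charset_size(password) ** len(password) / guesses_per_sec

class LoginThrottle:
    """Per-account lockout: once max_failures is reached, each further failure doubles the wait."""
    def __init__(self, max_failures=5, base_delay=30.0, max_delay=3600.0):
        self.max_failures = max_failures
        self.base_delay = base_delay
        self.max_delay = max_delay
        self.failures = defaultdict(int)
        self.locked_until = defaultdict(float)

    def allowed(self, account, now):
        return now >= self.locked_until[account]

    def record_failure(self, account, now):
        self.failures[account] += 1
        extra = self.failures[account] - self.max_failures
        if extra >= 0:
            delay = min(self.base_delay * 2 ** extra, self.max_delay)
            self.locked_until[account] = now + delay

    def record_success(self, account):
        self.failures.pop(account, None)
        self.locked_until.pop(account, None)

def guesses_evaluated(throttle, account, duration_s):
    """Offer one wrong password per second; count how many the site actually checks."""
    checked = 0
    for now in range(duration_s):
        if throttle.allowed(account, now):
            checked += 1
            throttle.record_failure(account, now)
    return checked

if __name__ == "__main__":
    for pw in ("password", "P@ssw0rd"):  # constructed sample passwords
        print(pw, charset_size(pw), f"{worst_case_seconds(pw, 1000.0):.3g} s at 1000 guesses/s")
    print("checked in 1 hour:", guesses_evaluated(LoginThrottle(), "user@example.com", 3600))
```

    A per-account lockout on its own can be abused to lock a legitimate user out, so sites usually combine it with limits per source address.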

    Following the recent hacks, our recommendation is to change all your passwords, use random characters, such as numbers that replace similar-looking letters (a 4 for an A, or a 0 for an o), and use uppercase characters wherever possible. Remembering passwords in day-to-day life is a hassle, I know, but recovering your identity will be much more hassle, so remembering 3 or 4 very secure passwords of 7 or more characters should see that you stay safe online. And for God’s sake, don’t use the same password for all of your online accounts!

    May 6, 2011 by Jamie McMullan