Wednesday, June 19, 2013

Hackers and voyeurs

"I'm a real voyeur" (Janet Evanovich, American writer). At least there are people like Ms. Evanovich who openly acknowledge that fact. However observing what others do or say without noticing our prying eyes on them is more usual than ever. Reality shows, social networking, all those situations when we can secretly record videos or take pictures thank to technology…

IP security cameras were born under the aim to provide a costly security technology that only government institutions and large companies could afford to the common people. But the truth is that they can also be used by hackers to "observe" being unseen. According to a study by some students of the Master's in ICT security of UEM, many of these cameras' software contains vulnerabilities (7 of the 9 analyzed).

In fact, if we think about it, hacking has a lot to do with voyeurism. It's about accessing other people's computers, information, photos, videos, bank accounts… always with the aim to be undetected. They even can try to access your webcam without you noticing it. +Maligno Alonso explains that there is a bug in Adobe Flash Player that provide access to a webcam through a clickjacking attack. Although it was assumed fixed, its discoverer has rung the alarm again.

This sort of "dark techniques" are even more alarming when the victims are minors. They can lead to cases of 'grooming' or sexual harassment, cyber-bullying , humiliation, distribution of material between pedophiles and so on. Nevertheless the Secretary of State for Security, Francisco Martínez, has warned that the children themselves are the ones who often send photos or videos to strangers.15% of European minors (from ones who use the Internet) have ever done that.

There are other technologies whose growth also come along with risk. In this case, we mean the HTML5 programming. Its advantage is its all pushed to the client. It is precisely there where its dangers are found, as the security expert and writer Ericka Chickowski states in +Dark Reading.

If we want to clip these hackers or cyber-voyeurs' wings, we must evaluate the type of security we apply to our systems analyzing at least five of the premises listed in Segu-InfoAttackers have infinite resources, the "X" security control will keep my organization safe, security is a goal to achieve, the security can be "added", my organization is not on risk.

We should also be clear on what the most common threats circulating on the Internet are and how they are such as phishing, data loss, Wi-Fi signal theft, identity theft or malware. Today all of them are explained on EnfoqueSeguro.


Post a Comment