Wednesday, July 3, 2013

Errors that you could pay dearly

The Irish writer Oscar Wilde said "experience is simply the name we give our mistakes". In the world of online security, mistakes are a constant. Cyber-criminals take advantage of them to exploit security gaps or human carelessness. And when those criminals make mistakes security forces will be there to catch them.

We do not know what was the error that allowed a website of videogame company Ubisoft to be hacked. The consequence is that the passwords of their users have been exposed, so they recommend to change them as soon as possible. Fortunately there were not stored any bank details in the affected database. We hope they learn from the experience so that does not happen again.

Android device owners should be careful not to commit the neglect of being infected with "Trojan USB Cleaver". Apparently, when connected to a Windows computer a hacker could steal information like passwords from different browsers, as well as WiFi passwords and data network.

A small mistake in the field of computer security can have serious consequences for an organization. It could give a data breach implying financial damage, reputational damage and/or loss of competitiveness. On the other hand, a denial of service attack could paralyze all the company's activity.

Experience shows us that one of the best methods to prevent loss of sensitive data is the encryption of such information. Therefore, the California Attorney General has proposed to enact a law to ensure that companies operating in that U.S. state encrypt the personal information of its customers. It is estimated that the details of nearly a million and a half of Californians were put at risk in 2012.

Sometimes there are mistakes that can send your buttocks behind barsAndrew Auernheimer knows what that is. His mistake was to create an automated tool to extract the names and email addresses of 114,000 iPad 3G owners from AT&T's servers and to pass them to the online news site Gawker. Now he expects a sentence of 41 months in prison to learn the lesson.

Sometimes, it is convenient to make mistakes intentionally in order to find the ways to fix them. For this reason, honeypots are being used as bait to track attacks on critical infrastructure systems. In this way, we can analyze the hackers' behavior and techniques.


Post a Comment