Monday, February 17, 2014

A hospital for hacked companies

A hospital for hacked companies

- Doctor, Doctor. We received three patients with severe symptoms of having their user databases got hacked.

- Okay, we have to examine the seriousness of those gaps and to get them operated. Prepare the operating room! And notify all their users, tell them about the situation and ask advice them to change their passwords in order to prevent further damage. Please fill me in on the status of each.



- Patient #1 is the crowfunding website Kickstarter. It suffered a cyberattack last week. Hackers had access to phone numbers, email addresses and passwords of some of its users. Anyway, it seems that they only stored the last 4 digits of credit cards and passwords were heavily encrypted.

- Okay, we'll give it a few stitches and it will recover soon. But I want the source of the leak analyzed. Next, please.

- Patient #2 is the online media Forbes. After an onslaught of hackers from the Syrian Electronic Army, usernames and passwords of a million users were stolen. In this case, the passwords were also encrypted.

- Okay, a few stitches and we send him home. But first, please, analyze how these individuals could access their content manager system. Next.

- Patient #3 is the online directory muslimdirectory.co.uk. It seems to have been attacked by a hacker who calls himself th3inf1d3l. The assailant took over the access credentials, phone numbers, addresses, full names, emails of nearly 40,000 users... All the data was stored in plain text.

- This is very serious case, it is not enough to fix the gap, we will have to do a reconstruction of the whole security infrastructure. Take it to the operating room right now.

While patient #3 is operated in that peculiar hospital, in South Korea three credit card companies are fined after a leak of financial data from 20 million Koreans a few weeks ago. The person responsible was arrested, but KB Kookmin Bank, Lotte Card and NH Nonghyup Card will have to pay the ridiculous figure of 6 million won (4,118 euros) each.

Leaks of personal information are a pandemic of the 21th century. Therefore, researchers work tirelessly to find more secure and handy systems to replace the usual alphanumeric passwords that we all use. Israeli startup SlickLogin has worked on a sound identification system for smartphones in which Google may see potential because they just acquired the company. For its part, researcher Ras Al Khaimah from UAE states that the identification system based on geographic data that he has developed could reduce by 76% the number of data leakages.

---

We invite you to rate our posts, to leave your comments and to share them on social networks. Also, if you want you can follow us on our profiles. At the sidebar, you’ve got the links ;-)7

0 comments:

Post a Comment