Wednesday, February 19, 2014

The foundations of cybersecurity

The foundations of cybersecurity

“You can't build a great building on a weak foundation. You must have a solid foundation if you're going to have a strong superstructure” (religious leader Gordon B. Hinckley). What happens to a building that is flawed at its base? Most likely, it will end falling down.

Just like the U.S. Navy’s intranet when it was attacked through a flaw on one of its websites by Iranian hackers last summer. It took them four months to fix the situation and had to assumed a cost of $10 million because they hired cybersecurity experts in order to to push out the hackers, repair the network and build safeguards to protect it from new attacks.



Several systems of industries, laboratories, warehouses or critical infrastructure using Schneider Electric’s SCADA (Supervisory Control And Data Acquisition) software could also falter at any time as a result of a vulnerability that could allow an attacker carrying out denial of service attacks.

Moreover the integrity of more than half of Android devices is in danger following the release of an easy-to-use attack code that exploits a critical old bug in the WebView interface .

Nevertheless, the structure of a building is not always compromised by a construction failure. External agents such as termites can critically weaken a wooden one. In computing, these termites are malware, small applications or malicious codes intended for harm. For instance, returning to Android, an alleged legitimate app has been reported as malware because it is downloaded automatically when a visitor accesses certain websites and, once installed, it sends information about the device. Besides it has capacity to execute remote code without previous user authorization.

The well-known banking trojan Zeus used by cybercriminals to access the bank accounts of their victims is even more aggressive. Its latest reported variant conceals its configuration file in a digital photograph to avoid being detected by an antivirus software.

If in the world of construction, builders and architects are those who pay the price if a building falls down due to faulty materials or an error in their architecture, in the digital environment, the scope of law enforcement is set on the hordes of termites that attack users, organizations and governments. Some progress has been made in recent years, but it is still very difficult to get closer to the heads of cybercrime, as it was have stated at the Kaspersky Security Analyst Summit in Punta Cana, which gathered officials from Romania, Germany, the FBI and the Interpol.

---

We invite you to rate our posts, to leave your comments and to share them on social networks. Also, if you want you can follow us on our profiles. At the sidebar, you’ve got the links ;-)7

0 comments:

Post a Comment