Tuesday, February 11, 2014

Threats from a black hat on the Internet

Threats from a black hat on the Internet

"Most of the time I am checking my own security, making myself pentesting weekly tests, checking all input and output connections, re-checking addresses when entering web sites...". Do you imagine that all users took cybersecurity so seriously? What kind of person could have a routine like this? In this case, it is the Spanish black hat (malicious) hacker K *** h.

Today it is the International Safer Internet Day, an annual initiative to promote worldwide safe and responsible use of new technologies. Being informed and acting in a prudent way are essential measures to protect ourselves from individuals such as K *** h. In an interview for Security by Default, the Spanish hacker reveals what kind of actions he usually performs, how much he is paid for it and what techniques he uses. He also states that he usually has no ethical qualms because their victims are mainly users who break the law by downloading software illegally.

It seems that in Spain we have a good squad of experts on violating others’ systems security. In fact, Kaspersky Lab has discovered one of the most advanced malware threats ever seen called "Careto" or "The mask". The analysis of certain expressions used on its code suggests that it has been developed by Spanish speakers, more specifically from Spain. The campaign has been active since 2007 until January 2014 and 380 victims (oil companies, the media, leading activists and governmental organizations) have been identified in 31 different countries.

Nevertheless it seems that Careto has nothing to do with a suspected security breach at a large U.S. hotel management company called White Lodging Services. After compromising their point of sale systems (POS), attackers could have obtained the bank card data of customers from Holiday Inn, Marriott or Renaissance hotels between March and December last year.

Cases like the ones above demonstrate that there is still a long path ahead concerning cybersecurity. But in the fight against cyber criminals, sometimes we reach to some extreme attention-grabbing situations. In France, a blogger who discovered on Google over 7 Gigabytes of documents from the French National Agency for Food Safety, Environment and Labour (ANSES) found himself with a fine of 3,000 euros for having downloaded, copied and published such documents knowing that he should not, even if they were publicly accessible.

In any case, the French agency was ridiculed for not having its files adequately protected. And protection is a key point on the Internet. Security problems can, for example, make businesses fall in the stock market or even make the value of a currency slumps, as happened with bitcoin when Japanese company MtGox stated that there was a flaw in the virtual currency's underlying software. Thus Bitcoin dropped from 700 to $ 540.

Keep your eyes wide open and be cautious in order to make a safer Internet day of every day.


We invite you to rate our posts, to leave your comments and to share them on social networks. Also, if you want you can follow us on our profiles. At the sidebar, you’ve got the links ;-)7


Post a Comment