Tuesday, August 26, 2014

Hacking is not a video game

What was the game that changed your life? A Super Mario or Sonic one? Maybe GoldenEye for Nintendo 64 or Metal Gear Solid for Playstation? Perhaps the Call of Duty, Grand Theft Auto or Assassin's Creed sagas? The electronic entertainment industry has given us so many masterpieces that is difficult to choose only one, right?

For some Chinese hackers however fun begins when they gain access to video game development companies’ systems and steal the source code of each game. That way they can crack them for free use and free distribution. Furthermore, the code allows them to develop tools for cheating and get higher scores than their competitors. According to a report by Dell SecureWorks, in many cases these amateur hackers use further sophisticated hacking techniques than those used by the Chinese government's own hackers: investigating public employee information to locate the ones with appropriate privileges, performing brute force attacks to find out their credentials and, once in their possession, accessing the company’s system and installing malware.

Other hackers are more interested in stealing user personal data from social networks such as MeetMe. This company has acknowledged a breach which led to several unauthorized intrusions due to a server’s wrong configuration. Although it is not as important as Facebook, Twitter or LinkedIn, the one million users of this American social network are a veritable booty for cybercriminals who could sell their personal details in the black market.

Nevertheless the information that can be extracted from a MeetMe account is nothing compared to the information on the background reports conducted by USIS for the US government. This company carried out employee background checks for the Department of Homeland Security, the US Immigration and Customs Enforcement and the US Customs and Border Protection units, among others. But the US government decided to dispense with his services following announcement of a security breach on USIS’ systems last Friday. This incident affected at least 25,000 public employees, including undercover investigators so their life could be in danger.

Meanwhile Google has announced the results of its #NoHacked campaign launched in 11 languages ​​a couple of months ago with the aim of raising security awareness among developers and webmasters. Examples like the ones above are a last call for everyone who has not properly protected his databases yet. For now, a million users already showed their interested in the campaign and a few hundred shared their own recommendations.

At least we can put an end to this article with news about two cybercriminals whose day of reckoning with justice has come. On the one hand, a man who was involved in an identity theft and credit card fraud ring known as Carder.su has been sentenced to 100 months in prison and restitution of more than $ 50 million stolen by his criminal organization. On the other hand, the alleged creator of the Internet drug market known as Silk Road, Ross Ulbricht, will face three new charges in addition to the four already weighing on him: “narcotics trafficking,” “distribution of narcotics by means of the Internet,” and “conspiracy to traffic fraudulent identification documents.”

All these news about the cybersecurity and cybercrime world can cause vertigo, but we guarantee you that to keep yourself well-informed is essential to avoid becoming a victim of fraud and cyber attacks. So we invite you to follow us through our social channels (find the links at the right sidebar) or here on our blog.


Post a Comment