Saturday, December 6, 2014

The hack of the year

In the good old days it was said that the network grew so as exponential that a year in the Real World were seven years on the Internet. This rate of growth has been slowing, except in some areas where research continues and new software, new theories and new experts constantly appear. As in social media marketing and, to a greater extent, computer security, a world moving relentless, plunged into an arms race unstoppable today.

Undoubtedly, the hack of the year and next is the attack against Sony corporation by a group calling themselves #GOP (Guardians Of Peace), with pad included in its name, born to be trending topic. To the mystery about attackers' origin and motivation (it was said it was an attack by the North Korean government but today many experts doubt about it) we must add their disproportionated actions: they've disseminated on the Internet films not yet released, documents that reveal the salary of senior executives and, today, we know they are sending emails to Sony employees, threatening to attack them if they do not sign a letter against the company.

A brutal attack. Sony experts and law enforcement are working flat out to rebuild their leaky network and solve the case, which is sinking the company's reputation. Apparently, the attackers used a malicious code called WIPALL to infect Sony networks and acces them. Actually, WIPALL has little to do with a simple virus and is rather a suite of tools devoted to attack, espionage and demolition.

Speaking of espionage, not just bad guys are devoted to it, also secret services are advancing with quantum shifts in this area. New leaked documents from the NSA by Edward Snowden show that the US agency is infiltrated in worldwide major telecommunications operators and is able to tap a phone, it is, in minutes.

But that state of insecurity is attackers or victims' fault? Every day we see new holes that put our digital life in danger. Today we've known that methods to log into websites using our social networks' credentials, like Facebook or Linkedin, have serious flaws that allow to attack our accounts. Punishment to companies for their mistakes becomes now a trend, as has ruled a judge in the United States: Banks may request damages to Target Corporation, who had millions of credit cards numbers stolen from its network, because Target was aware of its security flaws and did nothing. Sentence opens the door to a legal precedent: we will soon see important consequences worldwide.

Anyway, if errors are for us to improve, they're welcome. Let's have a peaceful long weekend's Saturday.


Post a Comment