Friday, August 21, 2015

Do you kow who plays on your team?

Answered prayers cause more tears than those that remain unanswered. This could perfectly describe the situation at Ashley Madison, dating web service for married people. We have to add a new leak twice in size than the spectacular leak of the beginning of the week: 20 Gigabytes of data which look to contain even internal corporate data of the company. All of this meanwhile the German Parliament suffers a "blackout”, and a recent poll says that one third of the employees declare to have a “price” for leaking information.

The dating web Ashley Madison is reaching its limits. The managers claim that they are investigating what happened, that they are learning the lesson and, despite everting, it has to be taken into consideration that there is an undetermined amount of fake data in the leaks. But security experts like Brian Krebs have no doubt about the authenticity of the data. And they keep growing: 48 hours ago the news were the leak of 10 Gigabytes, the new leak doubles it (20 Gb) and could contain even more sensitive information. Remember the breach was on the news the las 20th of July and even then the company was threatened with making public this info if it didn´t finish its business activity.

The night of the broken systems

Meanwhile, the German Parliament (Bundestag), has downed completely offline today, but his time it is not caused by an attack, but explicitly to ”hone” the system. Don´t forget that tree months ago (15th of May) some unidentified criminal were able to access to the systems of the Lower Chamber, alerting all the intelligence services of the country. This blackout is something “embarrassing” based on the opinions of the Chaos Computer Club, which defines itself as “the bigger European hackers association”.

The Price of the data

Data comes, data goes. ¿At what price? When the enemy is inside, it´s hard to see it. But, a recent poll reveals that more than a third of the employees would be willing to sell data if the price is concordant with the served info. Financial statistics, product specs, customers and other employee’s data, info about the supply chain or commercial transactions… Everything is good when offering yourself to the highest bidder. The old industrial espionage, updated and with the threat of an information leak pending over our heads, a leak dangerous for the reputational and business risks (if they can be separated) of the companies.

For two dollars a month

We close with a brief note for all who feel the temptation of thinking that nobody is going to take the interest of stealing their credit cards credentials. Many times, criminals don´t look for big amounts, but a platform for small payments. As small as two dollars a month, an amount which allows you to have a “bullet proof” hosting (BPHS), highly demanded for all kind of illicit services, from hosting of malware to child porn.

If there is money, no matter how much, it will hava an utility. So be careful with where and how we use our credit cards. There is somedy stalking, always.


Post a Comment