Thursday, August 27, 2015

Twitter, leaks, stolen data and Sherlock Krebs

"There's one clear thing. If Thadeus Zu has not been involved in the hack, he certainly knows who did it". This is the conclusion of an excellent investigation into the Twitter profile @deuszu by security expert Brian Krebs, aimed at determining who is behind the theft and leak of data from Ashley Madison. It is the most famous recent case, but not necessarily the most severe or important one: medical data is increasingly in demand, while criminals find more ways to slip, unnoticed, into anybody's computer.

A mysterious character, probably using a fake identity, who sends hundreds of tweets daily, addressed to nobody, although they seem to be part of a big discussion without mentioning any user. And with suspicious actions such as talking about the Ashley Madison database 24 hours before any media outlet did. A coincidence, in somebody who declares he has gone to Canada looking for his new love? Too much of a coincidence. Brian Krebs's research deserves a read from beginning to end.

But as we said above, the data leak from the dating website is only the tip of the iceberg of much more worrying cases. A recent survey by KPMG says that 81% of health organizations have suffered some kind of successful attack or information breach in the last two years. The 223 respondents, who are CIOs, CTOs or CISOs at their companies, admit it. And, pay attention: 13% of them acknowledge that they are the target of external attacks at least once a day.

Knowing how to react to attacks is as important as preventing and identifying them. PayPal has proven that, patching in a few hours a very important cross-site scripting (XSS) vulnerability, which had allowed an attacker, by issuing "rogue" requests from the checkout button of any shop, to request a customer's financial data at a fake URL. In other words, phishing through an XSS vulnerability. Congratulations to PayPal for the quick reaction.

But we should remain very vigilant, especially because our browsing is taking on more and more melodramatic aspects. Cybercriminals are making the most of a new gold vein: malvertising. We are talking about malware injected into web advertisements, with the peculiarity that there is no fixed pattern of malware activation, so it is very difficult to track and follow the infections. Malvertising is a technique known since 2007, but it is being massively exploited nowadays. To give some idea, last year this kind of action increased by 260%, with 450,000 reported cases.

In this way cybercrime is becoming, more and more, one of the most regressive disciplines in the world right now. While the rest of society flourishes in digital business, the "bad guys" set traps in this land of opportunity. Don't let them win the battle; the future is ours.

