Tuesday, October 4, 2016

Internet and the rain: why do you get wet?

When it rains, the only way of not getting wet is to stay home. If you decide to go out, it doesn’t matter if you wear a waterproof because there’s always the possibility of getting wet. In the cyberworld it’s the same: the only way to prevent the hacking storm is to be disconnected and not get outside: no smartphones, not going online… Can you do that? The point here is not to avoid the rain, but to get dry in time and evade waterspouts (DDos), large puddles (ransomware), open clothes (data gaps) or to stay under the rain in the open field (malware).

In our Monday review about what happened one year ago, we find some cyber storms on the same dates in 2015. To begin with, we have two well-known companies called T-Mobile and Patreon. The first one suffered a data breach of 15 million files and the second one, a data breach of an undetermined number of records with names, emails, publications and billing information.

However, one thing is to get wet because of the bad weather, and the other thing is because your house is full of leaks. That was what happened to the biggest bank in Denmark, according to Sijmen Ruwhof, a researcher who managed to get confidential information thanks to Javascript and the source code of the bank URL. A glitch could have allowed him, if he had wanted to, to get the details from the bank accounts (cybercriminals’ favourite misdeed).

Some other times we can get wet when we have old clothes that got torn without us noticing it: that shoe with an unexpected hole, or to catch a cold because of the bad weather. That’s the case of a vulnerability with a rating 9 on the CVSS scale, discovered in a huge widespread software for compressing and decompressing files: WinRaR.

But the scariest days are those when the sky is overcast and it seems it’s going to rain, but it doesn’t happen, and you don’t know what to expect: get shelter, wear a waterproof, take the umbrella or leave it at home? At this time of the year, in 2015, Symantec identified a new type of malware that had infected tens of thousands of users. But, as in those days of unstable and uncertain weather, nobody knew why that malware had been spread, or what for, because their creators were not taking advantage of it.

What is unforgivable in any case is to get wet by mistake, because you are absent-minded, like in those occasions that you have been warned that it is cold outside, but you get out without a T-shirt. In those cases, hackers would be stupid if they didn’t hack you; like the case of the guy who thought he had bought the domain Google.com for 12 dollars. If this happens to you, the least people can say is: “What were you thinking, you fool?”

Image source: freeimages.


Post a Comment