Monday, October 10, 2016

Miraculously saved

Today, one year ago...

A fast-paced action plot, set in one single day, and in which only a miracle could save a family from the murder by the revolutionaries. This is the summary of the film ‘No escape’, with Owen Wilson, Lake Bell and Pierce Brosnan, that came to the big screen one year ago now. As in the fiction, in the world of cybersecurity there are many events that can stir up the scene, and stay safe could be a question of miracles.

A year ago, in addition to the premiere of this film, a researcher from Symantec discovered a very original malware. Under the name of Wifatch, the “bug” entered insecure systems to… secure them! Behind such a great and selfless feat, we found a group called The White Team, whose leaders said in an interview that with this action they had managed to “save bandwidth by eliminating malware from the routers and illegal software, as well as preventing disruptions and the theft of credentials and money”.

Beyond this digital fairy tale, the activity related to malware usually has more spurious targets. It was estimated that a cybercriminal band could be earning up to 3 million per month, according to Cisco. It was supposed that they were carrying out the exploit of Angler, attacking a daily average of 9,000 unique IPs, using proxy servers, with 40% of success. They used the kit Angler to assault computers and inject them ransomware.

Another example of how difficult it is to be safe in this difficult environment: the case of the Cleaver network in Iran. Its aim was to direct phishing attacks and spear-phishing, and its methodology was very peculiar: creating fake profiles on Linkedin, with up to 500 contacts each, to be credible in the eyes of those managers they wanted to deceive.

And precisely, managers were the protagonists in the news 365 days ago (day up, day down): the data theft from more than 50,000 driver’s licenses, which occurred in May 2015, led months later to an investigation that culminated in the IP of the CTO from the rival company, Lyft. This company denied everything, of course, but the episode is there. You can’t even trust your “colleagues”.

All this happened a year ago while some lawmakers had as their priority the data protection understood as a battle between the Old Continent and the United States. One European law that generated a lot of ‘hype’, and forced to make some changes to the service. That mess (that still remains one year later), was called ‘Safe Harbor’. A mess, as in the film ‘No Escape’, that we can only be saved from by a miracle.


Post a Comment