Monday, January 2, 2017

Groundhog day

Today, one year ago...

In 1993 appeared in the billboard "Groundhog day". In the film, an embittered journalist (played by the always funny Bill Murray) Woke up one morning, and the next, on the same day, on the day of the groundhog. Trapped in a date that does not stop repeating, the protagonist despairs and does everything possible to escape for waking up the same on the same day over and over. However, after a countless time and misdeeds, he begins to realize about his own mistakes, started being a better person and after he started learning from himself he got out of the loop.

Beginning 2017 and looking back, it is very interesting to see the parallels that are more than evident in what happened to the character of Bill Murray and what is happening every year in cybersecurity's field.
To begin with, we remember how we started 2016 by discovering a vulnerability in IBM WebSphere Portal. This composite application offered the companies the necessary tools for the creation of solutions based on SOA (Service Oriented Architecture). This vulnerability allowed remote attackers to obtain sensitive information from the affected data. However, the company, aware of the strategic importance of this service, knew how to proceed fast and published a new patch that corrected this problem.

Another perfect example of how we repeat the mistakes of the past was put by Sony and PSN servers (PlayStation Network) last year. After the hack they suffered in 2011, the company started 2016 without access to millions of users who tried to connect to their servers to take the first game of the year. Although the official statements at the time insisted that the situation was the result of routine maintenance, everyone was more than clear that it was probably a DDoS attack. 

On the other hand, someone who also tried to repair their past failures was Android. Last year launched a security update that repaired 12 vulnerabilities present in the old version. The biggest problem is that appart of those twelve, five were critical vulnerabilities. Despite the good news, users who did not own a Nexus had to wait for their respective manufacturers to implement it.

After all, our security as well as the consequences of our actions reside in ourselves. For that reason the reputed digital media Hipertextual published a series of tips to put in shape our security system and protect our files and our privacy of the possible threats. 

"Groundhog day" is a comedy that ended up being a cult movie. Obviously cybersecurity is not a topic we should be kidding about, but we can draw a lot of conclusions about this film. Repeat the mistakes of the past and not learn from them was the reason why the character could't get out of the loop in the film. In the world of cybersecurity, repeating the mistakes of the past has the consequence that cybercriminals continue to take advantage of these failures and will continue without leaving the square of exit. However, we are confident that this 2017 will get out of the loop little by little. Happy New Year!


Post a Comment