Friday, July 28, 2017

No pain, no gain

We are in summer. It is holidays and beach time, so you can go and swim in the sea. However, you get a bad feeling when you are in front of the sea with your flip-flops full of sand. It is time to take your t-shirt off and show your ‘curves’ to the people. At that moment you remember when you joined the gym in the beginning of the year to get on shape for the summer season. You couldn’t have started happiest, but after after second day, your friend called you for having some beers and you thought ‘that’s alright, I’ll get back to the gym tomorrow or the day after…’

No pain, no gain. This sentence comes true everyday in social networks’ world. As an instance, today we are talking about the best of the week in cybersecurity.

The one who has shown the ‘curves’ is our Justice Minister. LexNet, the information-exchange system between all the justice agents suffered a serious security breach that left the gates opened for every single user of the platform. This means that they had access to thousands files such as unfinished business, secret and sensitive information, etc. The most concerning thing about it is that more tan €7 million were invested, however anybody could have had access full access to confidential information just by changing the users’ IDs at the URL. We know the security inversion has increased, but has it been done conscencely?

Ask CopyKittens. Who are they? We are talking about a group of cybercriminals joined to Iran that have been operating since 2013. Through these four years the organization has been leaking a huge amount of details from different organitations: militaries, governmental, academic institutions, computing companies… With this profile you could think that we are talking about criminals with sophisticated hacking methods, right? Nevertheless, their abilities are actually quite ‘rudimentary’.

Persistence and preparation are two qualities extremely important in the cybersecurity world. The problem is that criminals already have made their homeworks. Do you remember Spring Dragon? This group, which has been acting since 2012 (however it is believed that it was actually created in 2007), has used more tan 600 types of malware during their attacks. Through this time, It has attacked all kind of politic parties, educational institutions and Eastern Asia telecommunication companies. A perfect example of constance and work, even though it hadn’t very good intentions.

With those many cybercriminals, why only a few of them are in prison?  Well, as we said, no pain no gain, and jail procedures take long. However we have good news for you, and they are big ones. Last Monday, German authorities declared BestBuy guilty. The famous hacker was accused of kidnapping more tan 900,000 routers with the malware Mirai from the network Deutsche Telekom. After more than of trials and researches, the trial was solved with a favourable resolution for the network’s deffensors.

Nevertheless, this has not been the only ‘victim’. Right yesterday, Greek police arrested Russian Alexander Vinnik for being involved in an operation of money laundering. According to police’s investigation (in collaboration with FBI agents), the accused would have been more than one year doing it, laundering more than €4,000 million.

It is because of that we have to be aware on the cybersequrity thing. People need to get ready everyday. How do we get it? Trying to improve our defenses and being informed and updated. It must be taken into account that if we do not get ready, cybercriminals will do it, and that could bring fatal consequences, more than having a ‘hot body’ during summer holidays.


Post a Comment