Friday, November 10, 2017

The importance of a good glosary

Have you ever wondered who names the storms and hurricanes? Although many don´t know, there is a technique used when naming atmospheric phenomena to help a quick identification in the warnings of caution to the population. Most of these hurricanes and typhoons have female names, this is because during World War II meteorologists popularized the practice of using women's names for storms since they preferred to choose names of their lovers, wives or mothers. Fortunately, beginning in 1978, the names of men began to be included in the lists.

In cybersecurity we don´t have atmospheric phenomena but we fight every day against attacks, viruses and malware. The nomenclature of these elements is vital for their recognition and the disparity of denominations can generate problems for both the infected user and the organizations and companies that work in this field. Doing a review of the news of the week we find several names that it is important to start remembering because ... they are taking on the odds.

The first name that has reached our ears this week has been GIBON. It´s not the name of a company or new software, it´s a new type of ransomware considered by experts as a dangerous threat to the computer system running Windows. Silent and dangerous, it encrypts files leaving them completely inaccessible for users. Only after the payment of the ransom, the user will be able to access his documents and will he obtain full control of his system again. Ways have already been developed to eliminate this virus from the device so ... a lot of name and few nuts.

There´s a group of previously unknown computer espionage, until this week they were given the name of SOWBUG. Active since 2015, their main attacks have been directed against a series of governmental organizations in South America and Southeast Asia to steal their confidential data. This week the group has been exposed by security researchers from Symantec, who have discovered that the group carried out clandestine attacks against foreign policy institutions, government agencies and diplomatic targets. Two years acting and no name... curious.

EAVESDROPPER, does it sound like something? If you still do not know him, you should. This week a cybersecurity company has found 635 applications for iOS and Android that are vulnerable to this exploit. Eavesdropper represents a great threat for companies since developers have given global access to text messages, call metadata and voice recordings of each application they have developed with the credenzas exposed. This vulnerability could make a company's private information easily accessible to cybercriminals. Now that we know his name better keep him away.

Years ago it would have been impossible to think about the DDoS attack on request, but now this is possible. RAGEBOOTER accepts the payment in order to make flood attacks with the desired traffic (DDoS), overload the servers and deny others access. This service uses a technique called DNS reflection to flood a website and increase the amount of traffic directed to an address, thus being able to impersonate the IP address of search requests. The worst of all? It is legal and accessible to anyone who wants to download it.

The unanimity in the nomenclature is important when dealing with an attack or virus, since it allows greater control over it and a faster development of a method to deal with it. Long or short, these names always hint at some element that wants to shake the foundations of cybersecurity although we breathe easy, they do not always achieve it.


Post a Comment