Tuesday, 5 March 2013

What the hack?


The past few months have been characterised by a number of high-profile hack attacks. What the hack is going on? (Pardon the pun!) Quite a few things actually:

1Facebook and Apple®

Two of the most recent high profile hacks were those targeting Facebook and Apple employees. Although it has been reported as a hack, it looks more like a malware attack.

The result? Those computers that had Java plugins with vulnerabilities were infected.

The lesson to be learned? Do yourself a favour and disable the Java plugin in your browser. Trust me, you probably don’t need that plugin anyway. Tools such as GFI WebMonitor® (used to block malware) and GFI LanGuard® (which patches vulnerabilities in OSs and software) help mitigate the risk of these types of attacks.

Vulnerability exploits are among the most prolific forms of attack on the web right now, and if you, as an IT Administrator, haven’t included them as part of your plan, you should – now. Don’t wait until your company becomes the next victim. After all, if Facebook and Apple employees’ machines were infected…

2. The New York Times (and other cyber attacks)

Cyber-espionage and state-sponsored cyber attacks appear to be on the increase lately. Various nations have dedicated experts whose role is to find weaknesses in other countries’ systems or company networks and launch attacks to gain access and/or steal information.

These attacks are far more sophisticated than those attacks on Facebook and Apple. They are known as Advanced Persistent Threats and are a concerted effort to get to a company’s data. These attacks can be passive, that is they are silent attacks and just reside on the system, and “listen” to information which they then use to their advantage. Or they can be active, whereby attempts are made to disrupt the infrastructure, communications, power-generation and distribution.

3. Twitter Accounts

On many occasions, Twitter accounts are hacked because a weak password is compromised. Celebrities are the usual target because they typically have millions of followers, giving hackers far greater benefits when they obtain access to the account. Burger King® was the victim of this type of hack just for the “lulz” (a harmless prank with no malicious intent). In this case, the hack resulted in the rival Big Mac being advertised on Burger King’s Twitter account. The reason their account was hacked was likely due to the fact that the password was “whopper123”.

Well known TV presenter and journalist, Jeremy Clarkson also fell victim to an attack by a spammer. His account was used to market a diet website. Reacting in typical Clarkson style, he tweeted “I have been hacked by spammers. Luckily I have acquired a special set of skills over many years. I will find them. And I will kill them”. On a more practical level, choosing a strong password and ensuring applications are not allowed to connect to a Twitter account, would have prevented this from happening in the first place.

So how can you counter these attacks? Simple, make sure all your teams are using complex passwords for their social media accounts.

4. Leaked user data

This hack can lead to some seriously bad damage to a company’s brand. Do you remember the PlayStation® hack and the harm it did to the brand? It certainly won’t be forgotten anytime soon.

Protecting a company or network against these attacks requires a strategy, not just a quick fix. Start with basic spot checks to determine if you are encrypting user data, credit cards and passwords. Then check if your content management system is up-to-date. Have you had someone perform penetration testing of your system to see if they can gain access to your precious data?

Even if your company is relatively “small” it doesn’t make it less attractive to attackers. There is a growing black market which thrives on attacking small businesses because these businesses cannot provide the same level of network security as larger businesses can.