It’s been a busy year so far for cyber thieves, who are hacking government and enterprise IT systems in growing numbers and scope. Network security applications are at the heart of any IT system’s defenses. In many cases, thieves slip malicious code onto the network through an unsuspecting employee who uses a “Bring Your Own Device” tablet or smartphone to download an attachment. In others, the attack is more sophisticated and concentrated.
The recent spate of breaches of network security software is clearly giving IT administrators reasons to stay up at night. If nothing else, they are paying more attention to application security testing vendors such as Veracode. In its recently released annual State of Software Security Report (SoSS), Veracode sees the rise of the “everyday hacker” who will account for 30% of all SQL injection attacks.
Solutions providers such as Veracode provide proven cloud-based capabilities allowing IT security professionals to govern and mitigate software security risk across a single application or an enterprise portfolio with unmatched simplicity. Black Diamond offers a free application security scan to uncover application security issues and red flags.
So let’s pull back the cage gates and see what cyber hackers have been getting into, literally.
1. NY Times Endures Chinese-based cyber attack for months
For four months, Chinese hackers persistently attacked The New York Times, breaching its computer systems and stealing passwords for its reporters and other employees. Ironically, these attacks on the NY Times network security first surfaced in October 2012, when the Times was investigating China’s Prime Minister, Wen Jiabao, and his relatives for wrongfully accumulating his billion-dollar fortune. The cyber hack was orchestrated by installing malware onto the company’s computers.
Analysis showed the malware was linked to computer attacks originating in China. The cyber attacks seemed aimed more at causing havoc than at searching for and destroying records related to the Wen family. IT security investigators believe the attacks are part of a computer surveillance campaign against American news media companies that report on Chinese affairs. In an effort to shore up its computer and network security, The Times blocked all infected computers and networks, changed usernames and passwords for compromised accounts, and increased its scrutiny of network security applications.
2. US Federal Reserve gets hacked in response to Aaron Swartz suicide
In early February, the US Federal Reserve Bank confirmed that one of its internal websites had incurred a data breach by the hacktivist group “Anonymous”. The initial network security scare involved stolen personal information of more than 4,000 bank executives. “Anonymous” reported publishing all the personal data of these 4,000 bank executives using a Twitter account registered to OpLastResort, which has also allegedly wreaked cyber security breaches on other business and government websites. OpLastResort is a campaign that hackers related to Anonymous have started to protest against government prosecution of the computer phenomenon Aaron Swartz, who killed himself on January 11th. Hackers identifying themselves as Anonymous breached the US Sentencing Commission website in late January to protest against the government's treatment of Swartz.
3. Twitter Suffers Cyber Attack
In February, Twitter came forward to announce that it was the latest site to suffer a breach of its network security. The social network said that approximately 250,000 Twitter user accounts were potentially compromised. The breach of Twitter’s network security involved gaining access to personally identifiable information, including user names and email addresses. Twitter IT security technicians were able to detect unusual access patterns that led them toward identifying unauthorized access attempts to Twitter user data. Once this live attack was discovered, Twitter’s IT team was able to shut it down immediately. Though this hacking shortly followed that of the New York Times, Twitter did not mention China or blame the hacks on any specific country or group. In light of this attack, Twitter has urged its users to be proactive in beefing up their security by using strong passwords that mix numbers and symbols with upper- and lowercase letters, not using the same password for multiple accounts, and disabling Java.
4. Yahoo! Mail Hacked After Video Uploaded on YouTube
Yahoo Mail users have been seeing their accounts broken into for months. Though Yahoo has reported fixing the hacking issue several times, there is still a reported rise in the number of compromised accounts. Yahoo’s network security breaches have been documented for some time. What makes this cyber attack unique is that it seems to stem from a YouTube video uploaded by Shahin Ramezany. On January 7, 2013 Ramezany uploaded a video to Google’s video site that detailed how to compromise a Yahoo account by leveraging a DOM-based cross-site scripting (XSS) vulnerability exploitable in all major browsers. Since then, the number of accounts being hijacked has increased and many users are either sending or receiving suspicious links to every address in their Yahoo account. Yahoo continues to upgrade its network security software to avoid future incidents.
5. South Korean Broadcasts and Banks Hacked
In early March, South Korean authorities investigated a hacking attack that brought down the servers of three broadcasters and two major banks. The army rapidly raised its alert level due to its suspicions that North Korea may be involved. Network servers at television stations YTN, MBC and KBS were affected, as well as two major banks, Shinhan Bank and NongHyup Bank. While law enforcement authorities and government officials declined to immediately finger North Korea as the source of these cyber attacks, they have good reason to suspect their neighbor to the north, as North Korean hackers have in the past targeted South Korea's conservative newspapers, banks and government institutions. In a move to deflect attention, North Korea has claimed that its own websites had been victims of cyber attacks, blaming the United States for presenting these attacks in an attempt to sabotage the country.
So does the rise in network security breaches mean we should all stop using the internet and revert back to smoke signals and newspapers? Probably not the proper response. What the increase in cyber attacks reveals is that companies and government agencies need to shore up their attention to their IT Security Policy practices.
Since over 90% of corporations have suffered some sort of computer and network security breach in the last 10 years, it is a wake-up call to IT security professionals to really drill down into their application security and see where there may be vulnerabilities. These vulnerabilities include:
- Social media outlets and how employees interface with them while using the company network of computers
- BYOD mobile devices, which need to have increased application security measures installed
- Users' own password usage tendencies, which can cause significant holes in network security; users should be forced to use IT Security policy compliant passwords.
There are many other ways that IT network managers and IT Security employees can continue to build up their defenses against an ever increasing universe of hackers. One of the easiest and most affordable ways to increase network security is to use a next generation firewall from companies such as Palo Alto. Black Diamond Solutions works with companies to help shore up their network and application security measures and allows enterprise IT managers to rest easier knowing solutions are in place to mitigate the risk posed by cyber attacks.
Make sure to download Veracode’s recently released annual State of Software Security Report (SoSS) to catch up on the latest research regarding network security software vulnerability trends as well as predictions on how these flaws can be exploited if left unattended to. According to the report, the “everyday hacker” is probably looking at your servers right now trying to figure out where the holes are. Make sure you plug them by having a strong IT Security Audit that leads to strengthened IT security policies for overall increased network security.