Cyber Crime And Business Punishment

October 3, 2014 — Leave a comment

Why do we need top IT security for our business? So, that the IT experts can earn more. Why do we hesitate to implement these adequate cyber security measures? Because, they are expensive. Because, they are time consuming. Because, we do not have enough qualified staff to implement it.

Well, we have heard so many excuses that we learned them by heart. On the other hand, there is one piece of statistical information that will make you think twice about these ridiculous excuses. There is something scarier than any known malware or virus, which can be found on the Internet.

Are you ready to face the absolute horror? Here it goes. Customers, clients, users, and others, call them what you want, who have experienced a cyber trouble associated with your business are more than likely to pay a visit to your competitors. In more than 50% of all cases, this will happen sooner or later.

Are you already googling in search for the IT security consultant? If you do not want to do it for yourself, then do it for your customers. If you are not afraid of the hackers, then you should be terrified of your competitors. What a lovely way to motivate businessmen to invest in the IT security. Indeed.

Don’t Feel Free With The IC3

October 1, 2014 — Leave a comment

Who or what is the IC3? The IC3 stands for the Internet Crime Complaint Center, which was launched as the partnership between the FBI and the National White Collar Crime Center (NW3C). It was supposed to protect you and work in your best interest. Then, how come the FBI has issued the warning about the IC3?

Well, it seems that we have matched our match with these hackers, who were able to disguise themselves as the IC3 itself. You cannot believe how detailed and credible they were with their plan. You were lead to believe that the IC3 is addressing you directly about the certain legal issue.

They ask you for some money to solve this matter without further troubles. People fall for it, because these hackers have done their homework properly. Now, the FBI itself has to warn you about this serious threat. So, what is the moral of this story? Well, there is more than one, that is for sure.

We should learn from these hackers. They were methodical, patient and above all, they examined the existing security system from A to Z. They have done our homework, actually. If they can do it, so can and should we. You need to know your enemy in order to defeat him. This is how it goes. Right FBI?

eBay Cross Site A Bitter Bite

September 27, 2014 — Leave a comment

Dear eBay, you should have known better. In this story eBay has not made only one, but actually two serious mistakes. The first one was nothing to do about the cross-site scripting (XSS) weakness. That was something used by the phishers in the worst case scenario for the eBay users themselves.

You were using eBay without a single thought that a current page has been hosted elsewhere. Your login data were given away voluntarily without any awareness about the phisher’s trap. So, what was the second mistake? As soon as this trouble was identified by an IT worker the eBay reacted.

This worker has reported this incident and eBay official response to the BBC. Then, instead of confronting the phishers responsible for this trouble eBay turned its anger on the BBC while desperately trying to cover up the whole thing. And, the rest of this story is a sad well-known story of how the things should not be done in the first place.

When someone with almost limitless resources, such as eBay, misses to apply some of the basic prevention measures, then there is simply no excuse or justification. We sure hope that other major IT league players, who are in a similar situation, will draw some useful conclusions out of this story.

Public Interest – Private Security

September 24, 2014 — Leave a comment

This year’s NATO summit passed under the blinding spotlights of the recent events in Ukraine. No wonder so many things associated with this organization went below the radars of our attention almost unnoticed. Yes, cyber boys and girls the NATO had enough time to discuss cyber security, as well.

Are you surprised or intrigued? Or both? The NATO Industry Cyber Partnership (NICP) has obviously decided to thoroughly change some things about its cyber security measures and structure itself. Well, when it comes to this one, we have two important questions to ask. Can you dare to make a wild guess?

The first one is naturally to examine the motivation for this “sudden” and surprising acknowledgment of cyber security’s importance. What went wrong? Or, maybe the NATO prepares itself for something huge. Russia or China, for example? The second question is definitely more important.

Why it has to be a private sector to handle these sensitive things on behalf of the NATO? What is happening with the top government agencies in this field? Should we be worried or flattered? Is this some kind of a recognition for a quality work or an indication of some new waves in the restless cyber sea?

Cyber Threat Alliance

September 22, 2014 — Leave a comment

It brings back the feelings of the good old days, doesn’t it? McAfee, Symantec, Fortinet, and Palo Alto Networks are the heart and bone of the Security Threat Alliance. These four riders are supposed to deliver the apocalypse to the doorstep of some of the most notorious hackers in the cyber world.

The basic premise in this case is actually quite simple and efficient at the same time. If the hackers all over the world can unite, how come we haven’t done the same already? What is keeping us from launching the United IT Security Colors of Benetton? Finally, someone has realized what needs to be done.

The real enemy is out there. The IT security players have finally figured out that there is no point fighting each other. The competitors in the IT security business are not the enemies. Hopefully, these guys can now focus their attention to fixing real problems instead of fighting each other.

The real question is, what is keeping us from making one international security threat alliance? Imagine all IT security experts acting as one. Imagine all IT security companies working on the same task. The trouble is, we need more people with proper motivation than with the unrealistic imagination.

Chip-And-PIN A Safe Win?

September 22, 2014 — Leave a comment

So, what happens when you play a stubborn game in the cyber security field? Well, you do not have to be a rocket scientist to answer this one yourself, do you? Sooner or later, this way or another, you learn the lesson in the most unpleasant and painful way. This is what is happening in the USA.

Why? How? For some unknown reason the USA Shopaholics still hy? How? For some unknown reason the USA shopoholics like to use the classic and definitely outdated payment cards, which run with a magnetic stripe. On the other side, we have the chip-and-PIN payment cards, or simply smartcards.

These smartcards come with the microprocessor chip, which is responsible for all the fun. It is worth mentioning that we do not imply that these smartcards are necessarily too much of a trouble for highly skilled hackers. What we are saying is that you have better chances with the smartcards.

SO, what is preventing the USA to run without a second thought into the safe arms of smartcards. Well, for the beginning the price of chip-and-PIN terminals. Not to mention hundreds of millions of cards, which need to be changed. Eventually, the frustrated customers will make them to do all changes.

Collateral Nude Damage

September 16, 2014 — Leave a comment

Oh boy, just when you thought the trouble with the celebrity nude photos could not get any worse we heard about the new bad news. It seems that New Zealand had some serious issues with the Internet this weekend. The poor curious Kiwi guys just could not help themselves. They had to see them.

The nude photos of some of the most beautiful actresses in the world. The hackers were waiting for the thing like this one. What a nice opportunity to infiltrate malware and all kinds of trojans. And now you have it. The celebs are in tears, and the users covered with fears. This is a lose – lose situation.

You do not have to be a rocket scientist to figure out yourself. So, what can we do about it? Both parties, celebs and we the plebs? Well, we should hold our horses and do our best to avoid the nude photos temptation. On the other hand, do not make movies and nude photos at the same time.

For what is worth, the hackers themselves have nothing to lose with this one. For them it is a clear win – win situation. As you can see some of the most powerful malware and trojan solutions feed on our vanity and voyeurism. Our human code is the strongest programming code. Unfortunately.

It’s Raining Cats, Dogs And Malware

September 14, 2014 — Leave a comment

You can rest assured that the cyber crime’s hand is a long one with surprisingly skillful fingers. When it comes to the modern day hackers you simply cannot exaggerate. However, this one is a little bit hard to swallow without the bitterness, even for the most pessimistic IT security pessimists.

We have completely neglected what is happening above our heads. The impressive army of weather satellites flies around carelessly and without the proper cyber defense on the ground. Yes, you heard that one correctly. Potential troubles in the sky may have solid ground origins and causes.

You may ask yourself, who in the world would try to hack the IT infrastructure of the weather satellites? And why? Better think twice. These satellites can come in handy for the spying purposes. You can do some spying and later offer your findings for a nice price. Does this one sound like a good hacker’s plan?

What can we do about it? Well, there is so much to do it. We should begin by paying some additional and absolutely necessary IT security attention in this field. You cannot control both bad weather and bad hackers, but you can certainly predict their actions. IT and weather security are all about proper predictions. Right?

Goodwill Bad News

September 12, 2014 — Leave a comment

There is no such a thing as a good news in the world of IT security. As soon as you hear about the latest security breach, you are only offered with a choice how many people are being affected by it. This time Godwill was honest enough to admit that almost 900,000 credit cards related data are being stolen in almost 20 countries worldwide.

So, what is going to happen now? Well, you know the drill, don’t you. They are going to say that something is stolen, but no damage is actually being done. Should we trust them? What other option do we have? They say it is going to be fixed and under no circumstances will similar things happen again in the future.

Unfortunately, some of the well-known X Files techniques are to be applied, as well. If you cannot deny, then you have to find someone else to be blamed instead of you. In this case, Godwill believes that the third party vendors are to be blamed for the whole mess. Which is not a nice thing to say, and which also may be or not be entirely true.

Can you maintain a good mood after this bad news about the Godwill? Hard to say, but you still have to play. Maybe, we should appreciate the rare good news when we hear one that a major IT security threat or vulnerability has been prevented or solved successfully. How about that for a change?

IMELA Software Blog

4 out of 5 dentists recommend this WordPress.com site

Cyber Security