Former Employees – Future Worries

October 5, 2014 — Leave a comment

You do not have to be a rocket scientist to know that former employees should not have the access to the company’s IT infrastructure as once they used to do. Yet, you would be surprised to find out in how many cases we forget to lock the IT door after someone leaves a company this way or another.

Why? It seems that we worry much more about the contract, social security, cancellation period, and all other more important issues that IT security in these cases seems like a trivial thing. We do not have time to clean the cyber working space after our former colleagues, but we do not forget the other things.

Believe it or not, there is a higher probability that your former employee will “hack” your company than any hacker you can possibly think of on this planet. The worst thing about it is that we leave an open door. Any unauthorized access is potentially extremely dangerous for your company or business.

This includes cases, when your former employee feels nostalgic about his old company’s account or wants to do you harm because he was fired. It only takes a couple of minutes to change passwords and adjust new security settings. Yet, we miss to act accordingly. This is how our former employee becomes our future hacker.

When Enough Is Enough

September 29, 2014 — Leave a comment

It seems that the US financial institutions just enough. They are apparently sick and tired of constant and damaging cyber attacks. So, they have decided to do something about it. It may sound as some kind of a bad joke, but of all the business entities in the world, they can certainly afford it.

So, what they have done? The Soltra is born. It comes as the direct result of a special partnership between the Financial Services Information Sharing and Analysis Center (FS-ISAC) on the one side and The Depository Trust & Clearing Corporation (DTCC) on the other side. Really impressive, indeed.

However, is it enough to ensure the adequate protection for the US finance engines? For what is worth, this is a remarkable change. It is not enough to take hands and dance in a circle hopping for the best. Yet, as soon as you join forces, resources and start information exchange you are on something serious.

The next step definitely worthy of our admiration would be to have the international financial security system launched as soon as possible. That would be something really special, wouldn’t it? If the hackers all over the world can easily unite and work together, so should we. No matter who we are and what we do.

The Broken Chains Of The Home Depot

September 25, 2014 — Leave a comment

Is this a new world record for the biggest commercial security breach? More than 56 million payment cards have been compromised. It is just like you have hacked the entire population of some of the largest European countries such as Germany, France or Italy. Let us focus on the aftermath of these events, shall we?

On the other hand, it would be wrong and unfair to blame it on all on the Home Depot. We can say that the Home Depot is actually a victim of the poorly protected and definitely outdated system. In a certain way we can dare to claim that is very likely that this negative event will have some very positive consequences.

It seems that we have been waiting for something like this to happen in order to seriously examine the possibility of introducing the latest smart payment cards based on the chip-and-PIN technology. Unfortunately, this would be the first time for the US customers enjoy all the benefits of this technology.

All is well that ends well. Can this also be true in the IT security field? Well, itndepends where you stand when a certain change occurs. For the 56 million users it is a weak comfort that this trouble was the very reason for the new protection technology introduction. Better ever than never. How about this one?

Chip-And-PIN A Safe Win?

September 22, 2014 — Leave a comment

So, what happens when you play a stubborn game in the cyber security field? Well, you do not have to be a rocket scientist to answer this one yourself, do you? Sooner or later, this way or another, you learn the lesson in the most unpleasant and painful way. This is what is happening in the USA.

Why? How? For some unknown reason the USA Shopaholics still hy? How? For some unknown reason the USA shopoholics like to use the classic and definitely outdated payment cards, which run with a magnetic stripe. On the other side, we have the chip-and-PIN payment cards, or simply smartcards.

These smartcards come with the microprocessor chip, which is responsible for all the fun. It is worth mentioning that we do not imply that these smartcards are necessarily too much of a trouble for highly skilled hackers. What we are saying is that you have better chances with the smartcards.

SO, what is preventing the USA to run without a second thought into the safe arms of smartcards. Well, for the beginning the price of chip-and-PIN terminals. Not to mention hundreds of millions of cards, which need to be changed. Eventually, the frustrated customers will make them to do all changes.

Goodwill Bad News

September 12, 2014 — Leave a comment

There is no such a thing as a good news in the world of IT security. As soon as you hear about the latest security breach, you are only offered with a choice how many people are being affected by it. This time Godwill was honest enough to admit that almost 900,000 credit cards related data are being stolen in almost 20 countries worldwide.

So, what is going to happen now? Well, you know the drill, don’t you. They are going to say that something is stolen, but no damage is actually being done. Should we trust them? What other option do we have? They say it is going to be fixed and under no circumstances will similar things happen again in the future.

Unfortunately, some of the well-known X Files techniques are to be applied, as well. If you cannot deny, then you have to find someone else to be blamed instead of you. In this case, Godwill believes that the third party vendors are to be blamed for the whole mess. Which is not a nice thing to say, and which also may be or not be entirely true.

Can you maintain a good mood after this bad news about the Godwill? Hard to say, but you still have to play. Maybe, we should appreciate the rare good news when we hear one that a major IT security threat or vulnerability has been prevented or solved successfully. How about that for a change?

Japanese Air Force One’s Menu List

September 10, 2014 — Leave a comment

This is embarrassing. This is potentially extremely dangerous. This is a warning. Well, choose which one of these descriptions is the most suitable one for the following. The flight schedule of the Japanese Air Force One has been hacked. You do not have to be a rocket scientist to know what it means.

How about the US Air Force One, for a change? What a nice thing for the terrorist to have. What a strong motivation for the hackers to obtain such data. When it comes to this you are free to name your price. Sky is the limit, literally. Who or what is next? How about the government’s officials?

This is disturbing, at least to say. If you recall, almost one half of the South Korea population was hacked. We mean, the personal data about the dozens of millions of people. But, that is the same thing. Nowadays, you can hack the entire country, just like that. You can offer it in the black market.

Our brave new digital world is definitely a scary place. So, we need some cyber samurais to save the day in Japan as soon as possible. Otherwise, who knows where their Air Force One may land. Maybe, in China or North Korea. There are no untouchables for hackers. This is the lesson we need to learn here.

The Hungry Nude Games

September 10, 2014 — Leave a comment

Nothing will be the same. We know. We will never be safe. We fear. Yet, there is always something good, which can be found more or less in something bad. It is a sad thing that we needed some nice looking nude bodies to raise our awareness about the ugly truth about IT security.

Do not you just love one of the most famous NSA sayings. It goes something like this. If you do not have nothing to hide, there is nothing to fear about. When we apply this one to our iCloud trouble we get something like this. If you do not take nude photos, you do not have to worry about the unwanted exposure.

Or, do not be a celebrity and make nude photos as much as you like. Our dear celebrities can invest some of their money in top security solutions. Of all people they can certainly afford it. Some cyber bodyguards will be more than welcomed in this situation. We live in the digital world. Right?

Yes, we already have an idea. Celebrity IT Security at your services. Protecting your nakedness with our top cyber watchdogs. We can even make a movie. Hollywood cyber detectives. For us it is funny. For our celebrities it is definitely tragic. Enjoy while it lasts. The photos. You got that one right. Right?

California Kill Switch Bill

September 4, 2014 — Leave a comment

It has been cooking for quite some time. Now, it is time for us to see some actual working in this matter. California is the first state with the kill switch bill in force. You do not have to be a rocket scientist to know what is this bill all about, do you? You cannot have the absolute anti-theft guarantee.

However, you can make all smartphone thefts absolutely pointless. With this feature you can log into your web account and kill your stolen smartphone literally. Its interior will become a melted and useless material in a matter of seconds. How can you be sure with this one?

Well, for what is worth, this is supposed to be a default feature for all smartphones bought in California. Although, some elements which can survive the kill-switch can still be used for spare parts, the damage for the thieves has already been done. It is simply not worth all the risk and trouble.

On the other side, we sure hope that the feature itself is protected enough. The last thing we need is some hacker killer, who decides how many smartphones to eliminate with a simple push of a kill switch button. Let us hope that we have not created the ultimate weapon against the smartphones.

Russian Cyber Mafia

September 1, 2014 — Leave a comment

Although, this post’s title may sound similar to the Swedish House Mafia, you can rest assured it has nothing to do with music. As a matter of fact, while someone’s fingers were playing the digital music of destruction, the other side was at the very edge of its tears and complete desperation.

So, let us see who are the main characters of our story. On the one side, we have the top Russian hackers. On the other side, we have the very symbol of the corporate America. This is how you end up with a breaking news: JP Morgan was hacked by the Russian hackers. Oh, this one sound terrible.

You know how it goes in the aftermath of this and similar events, don’t you? If a dinosaur such as JP Morgan cannot be safe, what about the IT security of the rest of us the mortals? At least JP Morgan can afford the top class IT protection. They have invented the money as we know it today.

How about a little spending for justified IT causes? The Russian IT school, including its hacker’s department has one hell of a reputation. However, not even they are almighty with the proper IT security measures. Unless something is done with this one, their next address can easily be the White House.

Hacking The Ghost Plane

August 26, 2014 — Leave a comment

This one you may find a little bit hard to digest. It seems that a group of Chinese hackers attacked the Malaysian Airlines HQ and stole the confidential data about the missing MH370. What in the world they plan to do with this kind of information? Are they going to sell it eventually?

Maybe, the Chinese hackers are eager to solve this mystery on their own? And, this is how you end up easily in the conspiracy labyrinth. Can you hack an airplane and blow it away from the sky? What if someone tries to cover his tracks with this quite unusual hacking activity?

When you ask these kinds of questions, you simply cannot avoid a situation of ending up with the bitter taste in your mouth. Is there some kind of a cyber curse over the Malaysian Airlines? What they need to change all of that? Well, they have to restore our trust as the top priority, that is for sure.

Keep an eye on the Net, will you? Maybe, we will have an opportunity to see some of the top secret unpublished data about one of the greatest missing airplane mysteries in the modern history. Who knows, the Chinese hackers can easily turn out to be truth seekers just like the rest of us.

IMELA Software Blog

4 out of 5 dentists recommend this WordPress.com site

Hacking