Tuesday, August 2, 2011

Cyber criminals have been shaking the security world

What does the second half of the year have in store for the data security industry?

2011 is only half way through and there is a growing amount of cyber threat stories to recount already, including data security breaches, encryption breaches and e-mail /credit card theft incidents. Cyber criminals have been shaking the security world with attacks like never before. We have seen the rise and fall of groups like Anonymous and LulzSec, who have carried out some very high profile cyber-attacks on companies like Sony, large banks, the IMF, government agencies like the FBI.

Even the highly regarded security firm RSA had experienced a sophisticated cyber-attack that came through a security breach within the organisation. The attack that brought RSA to its knees originated from one spear phishing email that contained a malicious excel file which preyed on vulnerability within Adobe Flash. The phishing emails tricked users into opening a file, which installed a backdoor through the vulnerability in Flash. Due to the sensitive nature of RSA’s work, most details about what data was stolen have been withheld.

Perhaps the most publicized breach of all was the Sony PlayStation Network hacks in April, which ended up compromising over 100 million customer accounts, and had Sony shut down its services for over six weeks. Initially Sony said that 77 million accounts had been compromised, but later the company admitted another 25 million accounts had been breached.

The stolen information entailed customer’s user names and passwords, email addresses, home addresses, birthdays, billing information and security questions. This kind of information is the ideal ammunition for identity theft and data security threats through phishing.

These are just some of the serious data breaches that have taken place in 2011 so far.
To mitigate data breaches from attackers, accessing of all stored personal details and confidential information, must be authenticated physically by the relevant and authorised personnel to prevent any unauthorized entry.

No comments: