Displaying items by tag: Hacking

Data security (and privacy) has been in the news a lot lately as if it is a new and troubling issue. In fact this has been a major topic of discussion going back to the mid-1980s when the first consumer available modems hit the market. This started the practice of war dialing where phone phreaks would dial random numbers to see if any would answer to their computers. One of the more famous phone phreaks is none other than Steve Wozniak, Co-Founder of Apple Computers. These are the guys that pioneered the hacking scene (and in some cases the piracy scene as well). Back then security was primitive and usually consisted nothing more than a login and a password. Fast forward more than 30 years and the security of some places is little better than what it was back in the war dialing days.

Today (Sunday July 21 2013) Apple officially admitted that someone had hacked their developer site. The notification came out as a warning that some information including names, addresses and email information might have been accessed. What we find interesting is that this announcement comes on the heels of a multi-day outage to the same site. It looks like Apple might have known about the breach earlier and not told anyone until they confirmed that user data was compromised (in which case they might have been compelled to). This is not exactly what you want to hear from a company that prides themselves on the security and safety of their operating system AND their ecosystem.

Nintendo has announced that their Club Nintendo service where players can collect points for the hardware and the games they buy, and then to win a variety of prizes and gifts, got hacked or that unknown hackers broke into the database of members, and retrieve their data.

Security is a huge issue and has always been one ever since the first person decided they wanted to protect what they owned. Through the centuries the art of security has evolved and a multitude of inventions have blossomed on the scene to help us keep our property safe and secure. Once the data age started we had new concerns and our fertile minds came up with new and more creative ways to protect our new digital property. These two separate (yet dependent) fields are broken down into physical and digital security. The problem is that neither of these are effective unless we apply human security. This is the practice of securing people (humans) against being the largest security hole in any network or location.

Whenever I read a headline that shows a company using very outdated software or hardware has been hacked; I find myself wondering if the people responsible for their IT and Finance departments are looking for new jobs. When it is a government agency it makes things even worse. Friday May 3rd I think things hit a peak as it has been revealed that nuclear researchers at the US Department of Energy had their computers compromised.

Over the last few years we have followed the sorry state of cyber security in both corporate and governmental systems and have always been surprised at the solutions that they have presented. For some reason these groups want to remove responsibility from themselves for making sure their data (which in some cases is your data) is secure. This lack of corporate responsibility has led to misguided bills, acts and other nonsense that will still not do anything to stem the tide of security breaches. One of the most famous examples of this is QinetiQ.

A warning has been sent out to financial institutions and government agencies as the collective known as Anonymous has announced their OpUSA. The Operation as put forth by the hackvist group is supposed to target banks and government websites and is supposed to kick off on May 7th. Some security experts are advising the targeted organizations to prepare for Distributed Denial of Service Attacks and harden their sites against them.

Today I read some very interesting news. According to a few news outlets the Australian Federal Police have arrested another “leader” of the group formerly known as LulzSec. This would make the 2nd top dog of the Anonymous splinter group to have been taken in by authorities. So the question is; who is the real LulzSec leader? Is it Hector Monsegur (Sabu) who was caught in New York and turned informant for the FBI to avoid a lot of jail time or is it 24 year old Mathew Trevor Flannery who went by the name Aush0k?

If you want to talk about something frightening how does being able to crash a plane with little more than an Android Smartphone sound? This scenario that is right out of a movie script is apparently all too possible as was demonstrated at a talk by Hugo Teso. Teso who has 11-years of experience in IT and 12 as a commercial pilot combined what he knows about both fields and came up with a way to hack a plane.

Christopher Chaney, a 36-year old office clerk from Florida, pleaded guilty to hacking into e-mail accounts and interception in nine cases, although he was actually sued in over 50 e-mail account hacking cases. Among his victims were well-known actresses Scarlett Johansson, Mila Kunis and singer Christina Aguilera. He has to pay a total of $ 66,179 to the victims of his work.