Surveys suggest hacktivist groups like Anonymous and LulzSec have managed to grab the attention of businesses around the world, although it's still not clear what lies in their game plan beyond keeping IT administrators as anxious as possible. Some are advocating a "stand your cyber ground" approach that tweaks self-defence principles to encourage companies to fight hackers with hacks of their own, while The Pirate Bay took the opposite approach by coming out against a recent DDoS attack on British ISP Virgin Media. Recognising two sides to this story, some observers were debating the role that government should play in helping private companies bolster their cyber-attack defences; prominent Australian academic Bill Caelli said the whole discussion was proceeding far too slowly. Proceeding less slowly was AusCERT, the security industry's major Australasian conference. Themed Security on the Move, the conference (see our Day 1 coverage, Day 2 coverage and pictures, as well as exhibition pictures) drew out a broad range of opinions, with some attendees wondering whether security was growing up at last.
A delegate from Stratsec said intrusion detection systems are "needy and noisy" while a US Army Cyber Command attorney said the organisation had never even seen a real cyber-attack. Researchers touted their success in a planned test of quantum cryptography over a 500km link in the US, while others said organisations "can survive" a hacktivist attack but weren't so sure about Android security, particularly after one security player demonstrated an Android-based spying application. Other speakers warned that security attack vectors were going to continue multiplying faster than defences could keep up, with mobile devices proving to be the favourite of modern-minded hackers. Russian Android hackers are apparently building their Android attacking skills, while the iPhone and iPad are gaining favour with others. Cyber spies, never deterred, are also exploiting flaws in Java and Flash.
AusCERT speakers were also taking a broader view, noting that Facebook has become a favourite tool in human trafficking and considering the potential for state-sponsored cyber war to undermine existing trust models online. Cyber-attacks could "take us back to the pre-electric era", Kaspersky Labs founder Eugene Kaspersky warned. Microsoft's Swedish operation was taking a novel approach, with a new educational campaign encouraging spammers to retrain as direct marketers. Telcos also need to do some educating as they work to regain customers' trust, some executives warned, while security firm Kaspersky was forced to do its own trust-building as it quashed rumours Apple had asked it to help bolster Mac OSX's security defences. Things were busy on the malware scene, with a new form of malware accusing the user of copyright infringement, then locking their computer and demanding payment to unlock it. Tatanga, another financially-focused malware, tricked users by claiming to offer free credit card fraud insurance. Another piece of ransomware was targeting North American users, while a false alarm generated by Symantec security software had Excel users wrongly worried they had been hit with an exploit.
Meanwhile, a security analyst said more than 10,000 Australian computers had been hit by the Windows-based Ramnit botnet, while another warned that a new virus hitting Australian computers would disable "most" antivirus software. Wikipedia warned users that some were seeing advertisements because they had been infected by browser-based malware. Nascent US telco Voyager postponed its mobile service launch after claiming its website had been downed by a malicious attack. Amnesty International's website was compromised and used to load malware onto visitors' computers, while a separate hack saw $90,000 in bitcoins stolen and, in yet another attack, a variant of the Zeus Trojan was tricking Facebook and Web mail users into giving up their card details.
Others were warned of booby-trapped RTF files and a cyber-espionage attack based in China, which has apparently compromised the systems of 22 government and private-sector organisations in the US, Europe, and Asia. The continuing emergence of new malware has proved difficult for security platforms over the past six months, CSO-Enex Test Labs' eThreatz testing revealed, as particularly busy months for malware saw even top-ranked detection tools missing some beats. That's little solace for organisations like the University of North Carolina Charlotte in the US, which admitted that a decade-long data breach had exposed more than 350,000 personal identifiers. But it's not alone in facing down potential security risks: a survey found that 9 out of 10 executives and employees are using their personal smartphones and tablets for business and about half are doing so without their employers' permission. With many hackers focusing on small businesses because enterprises require too much work to attack, this could be a double whammy for mobile device-using SMBs.
Yet, some governments are as keen to protect privacy as violate it: California legislators passed a bill preventing employers from demanding job applicants' Facebook and other social-networking passwords as part of their applications. One IT lawyer was arguing that concerns over the US Patriot Act were overblown, while Victoria's privacy commissioner said his office was dead serious about privacy and would not hesitate to prosecute Australian companies whose use of offshore cloud providers ends up compromising Australians' personal information. Follow @CSO_Australia and sign up to the CSO Australia newsletter.