Tag Archives: online security

Cyber-Threats More Of A Concern To Americans Than Physical Terrorism

Posted on by
Reply

Terrorism can take many different forms and according to a new study, it seems that people in America are now more concerned with the threat of cyber-terrorists than they are with the likes of al-Qaeda.

The security study carried out by Unisys discovered that the top three priorities for Americans when it comes to matters of security in the presidential campaign are as follows:

  1. Protecting government computer systems against hackers and criminals (74 percent)
  2. Protecting our electric power grid, water utilities and transportation systems against computer or terrorist attacks (73 percent)
  3. Homeland security issues such as terrorism (68 percent)

Admittedly when you compare the phone survey sample size of only 1,000 people to the total national population which is over 311,000,000 it’s hard to say that these results are reflective of the entire country. However, this doesn’t mean that they should be disregarded.

The survey asked “How important is it for a candidate to emphasize the following issues in the upcoming 2012 presidential election?” and had some additional questions about how concerned people were about identity theft and online fraud.

But should people actually be more concerned with cyber-terrorists? Realistically, there is a higher chance (touch wood) that I would fall prey to online fraud or identity theft than there is of me being injured (or worse) in a physical terrorist attack. But at least with the former, there are much more tangible measures that we can each take as individuals to prevent such woes befalling us.

It’s important to remember that any information stored or submitted online will run varying risks of being intercepted, shared or destroyed. If you make a habit of sharing or storing personal information in the cloud or through public channels, then you must live with the possibility that someone else could gain access to your data and use it for malevolent purposes.

If you have sensitive information that you must share, then you’d be well advised to seek a method of private secure sharing. After all, it’s best to share with your own world, not the whole world.

Hacktivists Bring Down Soca Website With DDoS Attack

Posted on by
Reply

The Serious Organised Crime Agency’s website was taken offline on Wednesday following a Distributed Denial of Service attack. Soca recently took down 36 sites involved in selling large quantities of stolen credit card data, but a spokesman for the UK agency would not confirm whether or not it knew who was behind the attack or why it took place.

The spokesman was quick to downplay the incident and point out that no confidential information was ever in danger of being stolen or made public, saying:

DDoS attacks are a temporary inconvenience to website visitors but do not pose a security risk… Soca’s website contains only publicly available information and does not provide access to operational material.” He went on to add that when the site was taken offline on Wednesday evening, Soca “took action to limit the impact on other clients hosted by the [same] service provider.”

This not the first time that the Soca’s website has been targeted. In June 2011 members of the hacktivist group LulzSec forced the site to be taken offline using similar techniques. But why haven’t sites wised up to DDoS attacks?

Rik Ferguson, a security expert from Trend Micro, said that while it is possible for many sites to protect themselves from DDoS attacks, the cost cannot always be justified. His analogy may seem a little silly, but it does make a good point:

“The sensible person doesn’t walk around in a beekeeper’s outfit to keep the wasps away from their ice cream in summer. The sensible person accepts that wasps are attracted to ice cream and that wasps will always outnumber ice creams.”

In recent years we are seeing an increasing number of attacks aimed at bringing down websites. But I suppose the question is when will this end? Even though hackers are being arrested, as their skills increase it can become harder to track those still operational. Do you think that the authorities will ever purge the web of hacktivists?

Combined Police Operation Takes Down 36 Credit Card Fraud Sites

Posted on by
Reply

This week saw a victory for the authorities in the war against data theft and credit card fraud. The UK’s Serious Organised Crime Agency (Soca) arrested two men, leading to 36 sites used for selling stolen card and bank details being shut down.

The men who were arrested are suspected of making large-scale purchases of data from e-commerce type platforms known as Automated Vending Carts (AVCs) which afford criminals the ability to sell large quantities of stolen data quickly and easily. These 36 sites of this nature that were shut down now direct visitors to a screen informing them that the web domain has been seized by law enforcement.

Along with the two arrests and the virtual take-down, the UK’s Dedicated Cheque & Plastic Crime Unit also seized a number of computers that are thought to have been used to facilitate offences under the Fraud Act.

In the past two years, Soca – along with other organisations such as the FBI and Australian Federal Police – has recovered more than 2.5m items of compromised personal and financial information. This recovered data has been passed to financial institutions both in the UK and overseas in the hope that it will help stop fraud taking place against the relevant accounts. It is estimated that this has prevented over £500m worth of fraudulent transactions.

Ultimately how easy a target an individual is for an identity thief depends on how much of their personal information is readily available in the public domain as well as what is stored ‘safely’ online. With hackers and criminals becoming more adept at obtaining this information, it is time that the innocents thought long and hard about what private information they post online and how they choose to share this information.