More criminal vandalism by Anonymous, rebounding spam volumes and the risks of insider threats lead the world's IT security news for the past week.
It's becoming quite a routine event
with the Anonymous hacker's group welcoming Mondays with a fresh data dump of
personal information belonging to innocent people.
This time, the targeted Website was
myBART.org, the trip planning and services portal for the San Francisco region's Bay Area Rapid Transit
Anonymous supposedly breached the site using a SQL injection attack and stole
information to protest the regional transit authority's decision last week to
shut down cellular service on some of its stations.
The decision was made to prevent
protestors from organizing demonstrations at BART stations against two recent
fatal shootings by the transit police. Anonymous didn't stop with just a
virtual attack, as it also helped organize a physical demonstration in San
A person claiming to be a member of
Anonymous followed up with another attack on the BART Police Officer Association
Website and publicized personal information belonging to 102 transit police
officers. Interestingly enough, the main Anon Twitter account did not claim
responsibility for the hack as an authorized operation.
If that wasn't enough Anon activity, some
of the attackers went after defense contractor Vanguard Defense Industries
to steal thousands of
emails and documents. Released under the AntiSec banner, the attackers went
after VDI to further their goal of exposing government documents.
Hackers aren't really synonymous with
the attacks wrought by Anonymous, and eWEEK provided a look at some of the
world's best-known hackers
this past week. Complaints
about people left off the list were inevitable. Comedy Central host Stephen
Colbert interviewed one of the people on the list, Kevin Mitnick, on his
Colbert Report show on the Comedy Central cable channel last week.
During the course of the interview,
Colbert wondered aloud whether the United States government shouldn't be hiring
folks like Mitnick as "secret weapons" against enemy nation-states
that are attacking American networks. There are plenty of former hackers who
have gone on to work for the government (Jeff Moss, Black Hat founder, for
one), so perhaps Mitnick might get a phone call soon.
A pair of recently released reports found
that organizations are leaving themselves vulnerable to attack. The report from
Qualys found that more than 80 percent of Websites aren't implementing SSL
correctly,0 and a Protegrity
report found that recent data breaches at Citigroup, Epsilon and Sony
could have been
prevented if the companies had implemented basic security measures beforehand.
Data breaches aren't always by
outsiders, as pharmaceutical company Shionogi
well knows. A former Shionogi IT
administrator remotely logged into the company's network from a free WiFi
hotspot in a local McDonald's after being laid off.
During his intrusion, he deleted the
company's virtual infrastructure, equivalent to 88 physical servers, and
brought the company to a standstill as it tried to recover data. Organizations
are so worried about external malware and cyber-attacks damaging systems or
stealing data that they aren't paying attention to the kind of power their
former and current employees have. Organizations should promptly change all
passwords when key IT personnel leave and regularly monitor production
databases to make sure all users are current and authorized.
Malware and spam continued to dominate
headlines as security companies warned about an Android Trojan
variant that not only records
phone calls, but actually answers incoming calls without the user being aware
The source code for the SpyEye Trojan
was also released, in a manner of
speaking, as the malware toolkit's "lock" to restrict how many times
people can install the software has been cracked. Now malware developers can
skip shelling out $10,000 for the kit and go for the cracked version of the
software. Online piracy doesn't just exist for legitimate software, it seems.
The pirates are all too happy to rip off other pirates.
Security researchers are noticing a
massive spam outbreak for the first time since Rustock's American
command-and-control servers were taken offline in March. Spam volumes jumped dramatically
the week of Aug.
8 and continued increasing the week of Aug. 15, according to Avi Turiel,
director of product marketing at Commtouch.
While total spam volume jumped last
week, researchers at M86 Security noticed a significant increase in malicious
spam. The majority of the malicious spam appeared to be coming from the Cutwail
botnet, although the Festi and Asprox botnets are among the other contributors.