jump to navigation

Hackers attack the Euromillions lottery October 29, 2012

Posted by Mark Hillary in Current Affairs, Internet.
Tags: , , , , , , , , , , , , , , , , , , ,
add a comment

Hackers attacked the French site for the Euromillions lottery last weekend. Visitors to the site hoping for a flutter found messages in both French and Arabic warning them of the evils of gambling – with a hacking group called ‘Moroccanghosts’ claiming credit for the attack.

Clearly a group of hackers with an ideological objection to gambling thought that the most effective way to get their message across would be to destroy the Euromillions website. But is this just the start of a wider trend?

During the Occupy demonstrations various hacking groups took pleasure in flexing their muscles by vandalising the websites of companies they had an issue with – usually a particular complaint such as tax avoidance. If a company were perceived to be dodging tax by shunting profit and loss around the world so tax could be paid in the most favourable locations then it would be fair game for an attack.

It’s now a serious risk for any company, even those who pay their taxes and look after their employees, because it doesn’t need to be ideologically disgruntled hackers that destroy an online corporate footprint – it could be rival firms or governments who want to cause maximum damage to the reputation of an organisation.

This has all led to IT security becoming a considerably more complex area than just a few years back where the focus was on virus and worm control. Now, industrial espionage doesn’t need to be performed by spies wearing black jumpers and carrying tiny cameras – if a corporate system is not secure, hackers can just go straight in through the virtual front door.

And even now, the law offers scant protection in this area. Of course it remains illegal to mount a hack on a corporate website, but when the attack can be launched from anywhere, can be automated, can be masked through various anonymous hops around the world, it’s one area of business where hoping for the law to help is no real protection at all.

Fingers crossed

 

Photo by Jaina licensed under Creative Commons

Advertisements

Cyber-crime doesn’t (always) pay July 29, 2011

Posted by Mark Hillary in Internet, IT Services.
Tags: , , , , , , , , , , , , , , , , , , ,
add a comment

If you have read the book ‘A few kind words and a loaded gun’ by former bank robber Noel ‘Razor’ Smith, you will understand how far the world has come from the days of blaggers charging into a bank branch with a shotgun and making off with a stack of cash.

Smith laments the amount of security measures attached to the movement of cash that now makes simple bank robberies almost impossible, and he notes that anyone carrying out such a crime today would be a fool. Cyber-crime offers the chance for greater riches without ever going near a gun.

All you need is a computer and some nous and you can commit various types of crime without ever leaving home. Fraud, organised crime, electronic espionage, IP theft, terrorism, activism, and even warfare can call fall under the wider label of cyber-crime and all can be perpetrated without much risk if you know how to cover your online tracks.

This all means that is it harder than ever to protect your company from criminals because there are now so many ways in which an attack can take place. Publishers may lose content to online thieves. Activists or terrorists may target your brand for attack with such tools as the dreaded denial of service attacks. Insiders can raid your company funds and misappropriate assets. The list goes on.

But the real point is that crime has now become virtual and hidden in the shadows. Mastering the technical skills of computer networks and the smooth-talking social engineering required to get passwords from the unwary now gives any unscrupulous hacker the keys to the vault.

Are we really prepared for this new era of crime?