jump to navigation

No chance of getting caught November 26, 2012

Posted by Mark Hillary in Current Affairs, Internet.
Tags: , , , , , ,
add a comment

A computer hacking group caused losses totalling millions to financial service companies such as Mastercard and PayPal according to this news report of an ongoing case at Southwark Crown Court.

What is striking about the case is that the defendants believed in the concept of safety in numbers – if many people made an attack together then it would be far harder for the law enforcement authorities to prosecute individuals – and there was no gain to be made from the attacks. It was really just a protest.

This stemmed from actions such as making anti-piracy statements, or organisations that had failed to support Wikileaks and therefore became targets for the hackers.

Taken more broadly there is a very serious risk for any business here that the tabloid news coverage fails to mention.

If a company can so easily be prevented from trading by loosely affiliated hacking groups with a very low chance of them being caught and punished then there is a serious commercial risk. Any business stating a view on piracy or freedom of information that upsets someone can be targeted easily. Even crude methods such as flooding a website with hits or messages can take down and disrupt a business.

Information security has long been an integral part of the business strategy for companies such as retailers taking online orders, but it seems now that almost any firm engaging in any online transactions needs to take this seriously – or face a sudden loss of business if they attract the attention of hackers.

Hacking

 

Photo by Miria Grunick licensed under Creative Commons

Hackers attack the Euromillions lottery October 29, 2012

Posted by Mark Hillary in Current Affairs, Internet.
Tags: , , , , , , , , , , , , , , , , , , ,
add a comment

Hackers attacked the French site for the Euromillions lottery last weekend. Visitors to the site hoping for a flutter found messages in both French and Arabic warning them of the evils of gambling – with a hacking group called ‘Moroccanghosts’ claiming credit for the attack.

Clearly a group of hackers with an ideological objection to gambling thought that the most effective way to get their message across would be to destroy the Euromillions website. But is this just the start of a wider trend?

During the Occupy demonstrations various hacking groups took pleasure in flexing their muscles by vandalising the websites of companies they had an issue with – usually a particular complaint such as tax avoidance. If a company were perceived to be dodging tax by shunting profit and loss around the world so tax could be paid in the most favourable locations then it would be fair game for an attack.

It’s now a serious risk for any company, even those who pay their taxes and look after their employees, because it doesn’t need to be ideologically disgruntled hackers that destroy an online corporate footprint – it could be rival firms or governments who want to cause maximum damage to the reputation of an organisation.

This has all led to IT security becoming a considerably more complex area than just a few years back where the focus was on virus and worm control. Now, industrial espionage doesn’t need to be performed by spies wearing black jumpers and carrying tiny cameras – if a corporate system is not secure, hackers can just go straight in through the virtual front door.

And even now, the law offers scant protection in this area. Of course it remains illegal to mount a hack on a corporate website, but when the attack can be launched from anywhere, can be automated, can be masked through various anonymous hops around the world, it’s one area of business where hoping for the law to help is no real protection at all.

Fingers crossed

 

Photo by Jaina licensed under Creative Commons