If you’ve been reading the news lately and picking up all the commotion surrounding the hack attacks on some of the big guns like Google, Yahoo and Adobe you may be experiencing a twinge of anxiety over security for your own business. You may have thought the network was invincible so this news could leave you feeling shaky. You have good reason to feel this way – according to an article in the Sydney Morning Herald the number of hackers tampering with the financial information belonging to Australian companies is increasing. Obviously using the Internet and intranet for the company has become a viable solution to complete the target, but on the downside the criminal faction as much opportunity.
Australia’s Frequent Target for Cyber Crime
Symantec, data security company announced that the Australian and New Zealand businesses suffer 75% more safety fraction than the global average of 89% of the companies polled in the 12 months to recognize at least one intervention. Hackers are not necessarily going after the major companies where they can do away with large sums of money. Like any other thief, they go where the risks are low and they can get in and out of the system quickly and without detection. The fact is you do not have to be at any particular level of business profitability to target. Smaller companies tend to use less comprehensive IT security that makes them more susceptible. Generally hackers are interested in easy money.
Google and other large companies are not exempt
The threat is not always revolve around banking information or sensitive intellectual property. As Google discovered in December 2009, issues such as human rights are at stake in cyber attacks. The advertising and search giant was appalled to highly organized effort dubbed “Aurora” was made to hack into Gmail accounts of Chinese human rights activists. They managed to infiltrate only two accounts were not able to see the actual correspondence account holders. The action put Google in a situation where it found it necessary to warn Chinese human rights community attack and preparing to reduce business ties with China. Officials at Google did not directly accuse the Chinese government of being the perpetrators, but they decided to go to do business with land-based attempts to limit free speech on the internet. Google said concern for the safety of Chinese citizens and the possibility for them to be interrogated and imprisoned.
There were at least 20 other large internet, media, finance and technology companies included in the attack: Yahoo, Adobe, Symantec, Dow Chemical and Northrop Grumman to name a few. It was established through a technique called “spear phishing.” This resembles the attack against 100 IT companies in July 2009 where company employees were targeted with infected e-mail attachment.
SMEs have Minimal Defense
Most companies are totally defenseless against these sophisticated attacks. They use instant messaging and email which seems innocent at first because the sender appear to be friends and trusted colleagues. The message is optimized to avoid anti-virus programs designed for these applications. Clearly the best practices for IT security that have successfully kept the attackers at bay for years are no longer enough. It is an innovative caliber of attacks circulating around the world use customized malware written specifically for individual companies. Hackers do not seem to mind if it takes longer to get around antivirus software in use by large corporations. They continue to carefully optimize their malware until it is effective. Smaller companies that do not have the budget for large-scale security have not stood a chance. Hackers have the ability to commandeer laptop only one person and make it a gateway for all administrative access to the entire system of the company.
The security company, ISEC Partners studied attack on Google and the ensuing business we make fundamental changes in the way we protect our networks. They say that we simply have not been prepared for the level of sophistication demonstrated by the new cyber criminals.
Hacker Stories in the Australian news
Internet news sites reported to the direct effects of cyber hacking in Australia. Today Online posted a story on the topic called “Ghostbuster” that has been targeting Melbourne businesses as a response to violence against Indians. Whoever behind the attacks has been sending threatening email stating Australian servers will be hacked to racism against Indian nationals is completed. The action came in the wake of the murder of 21-year-old Punjabi student in January 2010. Several Melbourne company was violence when the entire network was thrown into chaos.
The technical section is The Age report on the effects of government websites by hackers associated with the group “Anonymous”, known for its attacks on Scientology. This is the same group that temporarily blasted pornography over your Prime Minister Kevin Rudd is. On the morning of February 10, 2010 a number of government sites were down. The attack was in opposition to the government’s plans for internet censorship. Communications Minister Stephen Conroy was not happy with the fact that Australian citizens could not get needed services online and found that it was irresponsible on the part of hackers.
The Sydney Morning Herald one reporter recalls statistics there are now more mobile phones in the country than Australians. It is not uncommon for a person to have two or three. The rising use of wireless broadband provides access and convenience for subscribers, but it also expands the territory for cyber criminals. As there are more obstacles cyber hacking wireless devices than terrestrial networks, such as the cost of making a call. But with advances in mobile phone technology to the point where it can replace the need to have a laptop the potential target for hackers present. The actual device can be safe and Wi-Fi networks, often free and faster for users in public places is a temptation for cyber criminals. You may think that you have linked to the site operated by the airport, hotel or coffee shop, but there is no way to know for sure who controls the IP address that now has access to everything on your computer or mobile phone. It is not difficult for hackers to introduce fake website that you think you can rest assured that they can use to steal from your system at any time in the future.
Millions of dollars stolen everyday from individuals and companies that use the Internet. We are warned often of viruses, worms and phishing scams, but somehow we get caught anyway. The situation is getting worse as hackers become better adept at breaking down a unique system designed to keep them out. If you are still experiencing discomfort of network vulnerability, it will pay off to attend to your gut feeling.