Posts Tagged ‘hack’

Hackers Gone Wild, Where’s the Security When You Need It?

Wednesday, June 15th, 2011

It’s hard to miss all of the news headlines about hacker groups and security intrusions. These attacks now seem to be unavoidable even for Government agencies. For weeks now the public has been following the Sony Incident, which now appears to have been only the tip of the iceberg. Even the State Senate computers have fallen victim to a group of hackers known as Lulze Security.

Anon Logo

Anonymous

In the past week both the Lulze Security group as well as the cyber group “Anonymous” have taken responsibility for several attacks. Lulze Security have claimed responsibility for the attacks on the Sony Picture’s website, PBS.com, Fox.com, and the DDoS attacks on game company Bethesda.  According to thier LulzSec Twitter Page they are now apparently taking hacking request through a messaging hotline. As for Anonymous they have claimed to be responsible for the Bank of America attack, the Spanish Police Department attack, and are thought to be behind the Sony PSN disaster. To prove their infiltration on the Senate network Lulze Security has posted a list of files online along side their other postings. However, it was said that none of the data taken from the Senate’s network contained sensitive information. Although it’s not completely clear whether or not sensitive files were actually obtained, the intrusion itself displays the group’s capabilities and malicious intent.

Compared to last couple months, it seems that these types of attacks have changed direction moving from the acquisition of personal information to the infiltration of high powered and influential organizations. Besides gaining access to personal or financial information, perhaps these attacks are based on retaliation, display of power, or reputation. Speculation aside what’s truly concerning is the lack of security or the effectiveness of our current security.

Where is the security? Granted, these hackers are extremely clever and well versed when it comes to bypassing security measures but shouldn’t the current security for most organizations be able to slow them down at the very least?

Traditionally hackers or crackers are people who illegally obtain access to computers or computer networks to gain a profit, to protest, to expose security flaws, to challenge themselves, or to become infamous through their actions. As the hacking community continues to outperform one another as well as the security protocols of major businesses it is often the innocent consumers that pay the price.

There are different types of hackers along with different level of hackers. Not all hackers have the same attributes, some are good, some are bad, and some operate in the shades of gray. The following are the categories and characteristics commonly used to classify hackers.

White Hat: Also known as an ethical hacker this type performs intrusions for non-malicious purposes either contractually or to test their own personal security. They perform penetration/vulnerability tests to access the level of security and to improve it.

Black Hat: Represents the complete extreme to white hat hackers, they use their knowledge and ability to illegally infiltrate systems with malicious intent or for personal gain. These computer criminals identify a target, research their target, find security gaps, and then access it illegally. They perform hacks to destroy data, collect data for monetary value, or to build their reputation amongst the hacking community.

Gray Hat: As the name implies, a gray hat hacker is a combination of black and white hat tactics. A gray hat hacker may use black hat techniques to infiltrate a network for the purpose of identifying security flaws. Once identified, some hackers will offer a service fee to fix the vulnerabilities. This type of hacker acts under white hat motives but operates with black hat methods. Although these attacks occur without malicious intent they are still violating the organizations and individual privacy which can cause a lot of problems.

Black, white, and gray hat hackers are only the most basic breakdown, hackers can also be further identified by skill level, reputation, and intent. The following are different terms associated with these hackers.

Blue hat: Like a white hat hacker the blue hat hacker typically works with security consulting firms and is contacted to perform operational and system security testing.

Neophyte: Neophyte is used to describe someone that is a beginner to hacking and possesses very little knowledge or skills required for hacking.

Script kiddie: This category is made up of hackers who are more experienced than Neophytes but is still unable to devise their own methods of gaining access. They often rely on pre-packaged automated tools that are created by other hackers.

Elite Hacker: Is a name reserved for the most skillful and recognized hackers. These individuals or groups have built a reputation among the community. They continue to gain credibility by gaining access to harder targets, causing devastation, and being publicized by the news following their attacks.

Hacktivist: Also known as a cyber terrorist, with these hackers there are clear and present goals in mind to express a social, ideological, religious, or political point of view.

A typical system or network hack occurs in three steps, network enumerating, vulnerability scanning, and exploitation. Network enumeration is where information and the vulnerabilities are obtained using network scanners or enumerators. These are programs that report back information like user names, networked services, and shared resources. White hat hackers will use these reports to resolve the discovered security gaps whereas a black hat hacker would use them to gain deeper access. Vulnerability Analysis is when an attacker seeks out system flaws. To be vulnerable a system has to meet three conditions, it must have a flaw, the hacker has to have access to that flaw, and the hacker must be skillful enough to exploit that flaw. Lastly exploitation occurs by attempting to compromise the system through the flaws found in the vulnerability scan.

Some of the techniques hackers frequently use to gain access to a computer system or network are vulnerability scanning tools, password cracking, packet sniffing, spoofing or phishing, rootkit, social engineering, intimidation, helpfulness, name-dropping, Trojan horses, viruses, worms and key loggers.

Although the recent attacks have caused a lot of disruption and concern, hopefully something good will come from them like stronger security. Companies and organizations should view these attacks as a warning and take the time to strengthen their protection and conduct their own vulnerability testing while they still can. Not only is it important for major companies and Government agencies to be prepared but the individual users should be prepared as well. Computer users should make sure that they have sufficient computer security and keep up to date with the latest security news.

Thanks for Reading and Have a Great Day!

Dustin

ComputerFitness.com

Providing Tech Support for Businesses in Maryland

Sony PSN Update: The PlayStation Store Is Now Up and Running but Will it Stick?

Thursday, June 2nd, 2011

It has been over a month since Sony announced that the reason for the shutdown of their PlayStation Network service on April 20, 2011 was due to an external intrusion. On May 4, 2011 Sony had confirmed that the PSN Attack was able to obtain the personal information from over 100 million users. Following the hack, Sony remained confident and projected a short downtime for the network. Although Sony initially stated that they would fully restore their services by the end of the week, the recovery process experienced unforeseen problems.

PlayStation Network Logo

from http://us.playstation.com/psn/, June 2011

After being disabled for approximately 23 days, on May 15, 2011 the Sony PlayStation Network began restoring parts of their service country by country. At this time the sign-in for the PSN/Qriocity services, online gameplay, rental content, third party services, friends list, and chat functionality were all restored. Missing from the services that were brought back online was the PlayStation Store. Once back online the network again faced an issue concerning the password reset page. It was discovered that the password reset process was enabling unauthorized users to change the passwords of other users provided that they had knowledge of their email address and date of birth. After the discovery of this exploit the network disabled the password reset pages and resumed working to restore the PlayStation Store.

Sony announced that they will be offering customers free content as a part of a “Welcome Back Program”. The free customer appreciation content will be available sometime shortly after full restoration. Sony has also stated that the cost of the network outages and restoration was $171 million which includes the costs of security enhancements, customer reimbursements, and loss of content sales.

Yesterday afternoon (June 1, 2011) the PlayStation Network posted on the PSN Blog that that the PlayStation Store was once again up and running. The PS Store is now offering new updates, downloadable games, demos, add-ons, themes, avatars, and videos. For now, Sony is still in the testing process for the welcome back program download and expects it to be available for users shortly. Another PSN update is currently scheduled for Friday June 3, 2011.

Sony executives have stated “no system is 100 percent secure”, having learned from this occurrence Sony has made several security improvements and created a new Chief Information Security Officer position. The PlayStation Network is not the only Sony service to suffer intrusion, in a separate incident Sony Ericsson was also hit. The Sony Ericsson Hack was said to have affected over 2,000 customers.  According to The Huffington Post the servers at SonyPictures.com were also attacked on Thursday June 1, 2011.  This hack obtain the the information of 1 million users which was later posted on a website by hacker group LulzSecurity. Other recent security breaches include the Lockheed Martin Cyber Attack, Google Gmail hack and the PBS hack, these hacks present a clear picture of how technology can be used to do harm and provide an even greater reason for companies to implement as many proactive security measures as possible.

Although Sony projected an $860 million profit in a February report the company is now projecting a $3.2 billion net loss for the year. The loss is a combined result of several network hacks, security upgrades, customer remuneration, tax credit write offs from the previous quarter, and disruption in production caused by the earthquake and tsunami in Japan.

Taking into consideration the hard times faced by Sony recently, will you continue to be a customer or have you lost all faith in them? Share your thoughts below.

Thanks for Reading and Have a Great Day!

Dustin

ComputerFitness.com

Providing Tech Support for Businesses in Maryland