When you can't live without bananas

Wednesday, July 13, 2011

IT Security vs Human Idiocy

***

Human Errors, Idiocy Fuel Hacking

"Staff secretly dropped computer discs and USB thumb drives in the parking lots of government buildings and private contractors. Of those who picked them up, 60 percent plugged the devices into office computers, curious to see what they contained. If the drive or CD case had an official logo, 90 percent were installed.

“There’s no device known to mankind that will prevent people from being idiots”...

Tactics such as spear-phishing -- sending a limited number of rigged e-mails to a select group of recipients -- rely on human weaknesses like trust, laziness or even hubris.

That’s what happened in March, when attackers used a clever ruse to exploit their discovery that RSA -- the company that provides network-access tokens using random secondary passwords -- was in a hiring campaign.

Two small groups of employees received e-mails with attached Excel spreadsheets titled “2011 Recruitment Plan,” the company said in April. The e-mails were caught by the junk-mail screen. Even so, one employee went into the folder, retrieved the file and opened it...

“The team that hacked us is very organized and had a lot of practice,” Uri Rivner, head of new technologies at RSA Security, said at a June 17 conference in Spain. “I can compare them to the Navy Seals Team Six, which hit Osama Bin Laden”...

Technology executives are attractive targets because their positions give them access to a trove of information, and they tend to believe they’re better protected from computer hackers than their employees...

Security specialist Thomas Ryan created a fictional online-security analyst using pictures taken from a pornography-related website. Through e-mail and other online correspondence, he said he gained access to e-mail addresses and bank accounts, learned the location of secret military units based on soldiers’ Facebook photos, and connections between people and organizations.

The fictional woman received private documents to review, speaking requests and job offers from Google Inc. (GOOG) and defense contractor Lockheed Martin Corp...

In a February attack on Sacramento, California-based security firm HBGary and its sister, HBGary Federal, the hacker group Anonymous said it cracked the passwords of CEO Aaron Barr and Chief Operating Officer Ted Vera, and discovered they used the same passwords in e-mail accounts, LinkedIn, Twitter and elsewhere."