IT Security Guru

Daily news digest – 12th November 2013

by The Gurus
June 4, 2020
in Opinions & Analysis

This week saw social network LinkedIn get itself into the headlines for the wrong reasons once again, as it was reported that GCHQ created fake profiles in order to hack into a major Belgian telecommunications company.

The attack on Belgacom was reported back in September, but it was unknown how it had been carried out. Fresh reports claim that GCHQ used fake LinkedIn pages to redirect employees to sites containing malware. Security blogger Graham Cluley said that GCHQ’s Network Analysis Centre identified which of Belgacom’s network security and maintenance staff used LinkedIn and read Slashdot, and served up replicated and malware-laden versions of the pages.
Naturally this is bad news for LinkedIn, which, after the major password breach from last year and being described by hacker turned consultant Kevin Mitnick as an ideal place to find victims for targeted attacks, has through no fault of its own found itself in the headlines. The question to ask here is whether it should have done more to vet new sign-ups and ensure that they were not used for spear phishing (as this has been the case in the past), as well as ensuring that it is securing user details. It’s a tricky business.
Following the major Adobe breach of last month, this story continues to roll on and on, with analysis now done of the passwords used. In analysis by Jeremi Gosney of the 130 million+ passwords that were breached, it was revealed that “123456” was used by 1.9 million, “123456789” by 446,162 and “password” by 345,834.
The old battle of password v security has been rolling for many years, and some great analysis of the most commonly used passwords has been done following the aforementioned LinkedIn breach, among others. But this is another reminder of the denominator that is the human user, who is encouraged to have a different password for each website and application and to make them secure, and of how they both fail and bypass that advice.
In a related story, Facebook is analysing that password data in order to alert users whose accounts may be vulnerable to compromise because they used the same passwords. In an alert, some Facebook users are notified that their accounts have been blocked from public view until the changes have been completed, all the while assuring users that “Facebook was not directly affected by the incident”.
People are using the internet and secure applications are a part of the internet, but for many everyday users (by which I mean non security types) passwords are a barrier to be overcome, and using the same one for everything is a simple solution. It is hard to drum this out of people unless a simple solution is offered, and while the banking industry has done a great job of addressing this with two-factor tokens, perhaps it is time to rethink this with existing solutions.
Finally, just when you thought it was safe to go back into space, it seems that space could be infected by Stuxnet. Of course you cannot infect the universe (unless badBIOS is used perhaps?) but in this case, the International Space Station was infected by a USB stick carried into space by a Russian astronaut.
This followed news that Stuxnet had badly infected the internal network of a Russian nuclear plant, and the worm which targeted an Iranian nuclear facility has accidentally continued its bad ways. In space, no-one can hear you scream “badBIOS”.