Stupid Ways People are Being Hacked!. Pasha Naserabadi
Читать онлайн книгу.
a former technical contractor for the NSA and employee of the CIA, last month revealed the existence of mass surveillance programs by the United States and Britain against their own citizens and citizens of other countries.
Cyber-attack Could Cost Sony Studio as Much as $100 million
(Reuters, 9 December 2014)
Sony Corp’s movie studio could face tens of millions of dollars in costs from the massive computer hack that hobbled its operations and exposed sensitive data, according to Cyber-Security experts who have studied past breaches.
The tab will be less than the $171 million Sony estimated for the breach of its PlayStation Network in 2011 because it does not appear to involve customer data, the experts said.
Mark Rasch, a former federal cybercrimes prosecutor, said: Losses in that range would not mean a big financial setback to Sony Pictures Entertainment. However, other effects, such as the loss of trade secrets, will be difficult to measure. Hackers have released the proof of documents that include contracts and marketing plans that could influence competitors’ strategies.
Malware Implicated in Fatal Plane Crash
(NBC news, 20 August 2010)
Computer monitoring system was infected with Trojan horse, authorities say!
Authorities investigating the 2008 crash of Spanair flight 5022 have discovered a central computer system used to monitor technical problems in the aircraft was infected with malware. An internal report issued by the airline revealed the infected computer failed to detect three technical problems with the aircraft, which if detected, may have prevented the plane from taking off, according to reports in the Spanish newspaper, El Pais.
Flight 5022 crashed just after takeoff from Madrid-Barajas International Airport two years ago today, killing 154 and leaving only 18 survivors.
Bank Customer Data Sold on eBay
(BBC news, 26 August 2008)
Andrew Chapman with the hard disk drive he bought on eBay
An investigation is under way into how a computer containing bank customers’ personal data was sold on eBay. The computer, bought by IT manager Andrew Chapman for £77, had the sensitive details on its hard drive. Mr. Chapman, from Oxford, said the machine contained information on several million bank customers. Details of customers of three companies, including the Royal Bank of Scotland (RBS) and its subsidiary, NatWest, were involved. RBS said an archiving firm told it the computer had been “inappropriately sold via a third party”.
CHAPTER 1 – How It Happens?
How does a cyber attack happen?
A Cyber Attack may happen for different reasons, such as bugs, administrative mistakes and user’s faults.
Bugs!
A bug, is an unknown vulnerability made during software development, which had not been discovered before releasing software.
Some bugs can really be dangerous and allow hackers break into computers’ security systems and access resources easily.
Hackers look for these bugs – and sometimes they succeed.
If you use an application on your computer and there is a bug in that version of the application that hackers could find, it means that you and everybody using that application are potentially at risk.
When the application developer finds the vulnerability, they will publish an upgrade for fixing that bug.
Therefore, the best way to be wary of bugs in software is to keep it up-to-date.
Administration mistakes!
Administrators are one step behind hackers!
On one hand, hackers are generating new methods and tools for penetrating networks, and on the other hand, administrators try to block these, daily.
During network implementation, administrators are able to prevent unauthorized access to network resources. If they ignore some of the details and aren’t thorough in their configurations, they can leave the door open for hackers to access internal resources.
These kinds of mistakes are mostly common for enterprise networks, which are attractive for a hacker to get inside.
Users’ fault!
This is the only one we can personally prevent!
This is the most common mistake threatening end-users and can be prevented by training and awareness.
To give a simple example, there is no chance of your organization being protected with expensive hardware and software while an employee writes their password on a piece of paper and tags it on the computer!
On the other hand, we are using computers, internet, tablets, smart phones and banking accounts and it means we need to know how to keep safe in the 21st Century.
Here, we focus on the ways that can help us to reduce the users’ mistakes, which is the only option an end-user has!
Just imagine, you have been hacked!
Imagine your email account has been hacked and you have no control over it. What is going on?
If someone has access to your email, it is possible for them to gain access to a lot of personal, commercial, professional, and family information.
Many people believe that the information stored in their is personal and not valuable to others. Consequently, they do not pay much attention to keeping their password a secret.
It might be interesting to know that if you do not pay enough attention, your email can easily be hacked and if this happens, unimaginable problems can occur.
If you are using email to exchange personal or family information, other people’s access to your email could result in your private information being exposed to the public.
If you are using your email for commercial or business activities, the existing address book in your email is enough to reveal your kind of relations with other people and companies and the prices you sell or buy the products, which can be a secret in the competitive market.
If you are a student, having access to your email means access to your research projects and even somebody else achieving victory over you unfairly.
If you are a famous person and somebody gains access to your email, it is even possible for him or her to abuse your social reputation, political status and financial credit.
This abuse could include asking your relatives for money at your expense, or even doing propaganda for a political candidate of their choice rather than yours!
Having