This week’s hot topics: GoDaddy: hacked or IT failure? Cyber attacks increase in frequency and recklessness and Mobile malware on the rise
GoDaddy: hacked or IT failure? (-1.0 sentiment)
The security industry has been rife with speculation and discussion around last week’s GoDaddy downtime. “Was it hacked or merely a power outage or technical fault?” was the question. It was later revealed by GoDaddy, one of the world's biggest Internet hosting and registration companies, that technical problems were to blame for a nearly six-hour service disruption that affected a portion of their 10 million customers on Monday 10th September.
“The service outage was due to a series of internal network events that corrupted router data tables. Once the issues were identified, we took corrective actions to restore services for our customers and GoDaddy.com. We have implemented a series of immediate measures to fix the problem” stated CEO Scott Wagner.
Interestingly a supporter of Anonymous, the well known group of hackers, claimed responsibility on Monday for the attack that caused havoc at GoDaddy. This was reported on in more detail by the New York Times; “the person behind the Twitter account @AnonymousOwn3r took responsibility for the attack and said all of GoDaddy’s servers were knocked out with what is known as a distributed denial of service attack, or DDoS attack, in which a site is flooded with traffic until it collapses under the load.”
Whatever the cause, the impact was clear and widespread - drawing a renewed focus to the issue of business continuity measures. What business continuity measures do you currently have in place? Let us know @MicrosoftBizUK
Cyber attacks increase in frequency and recklessness (-2.0 sentiment)
The topic of Cyber attacks has been heavily discussed as reports emerge of an increase in both frequency and recklessness. “We’re starting to see nation-state resources and expertise employed in what we would characterize as reckless and disruptive, destructive behaviors,” said NSA Information Assurance Directorate Deborah Plunkett at a recent forum.
It appears cyber attacks are becoming far more organised and international in the last 3-4 years. Security software giant hacker group that attacked Google Inc in 2009 has launched hundreds of other cyber assaults since then, according to new research from security software maker Symantec Corp. This group were believed to have originated from China.
Symantec said the group had used a technique that enabled attackers to hack into highly secured systems, which suggested the hackers were either a large criminal group, backed by a nation-state, or a nation-state itself. "It was big news at the time, but what people don't realize is that this is happening constantly," Eric Chien, a manager in Symantec's research group, told Reuters. "They haven't gone away, and we wouldn't expect them to go away."
Earlier this year, head of the NSA, Keith Alexander, confirmed that data revealed a 17-fold increase in the number of computer attacks from hackers and organised cyber criminal gangs from 2009 to 2011. "The trend exists and we have to be prepared for it and think that it will only get worse because I believe that it will," said Plunkett.
President Obama is currently in the process of drafting an executive order that will work to further protect against Cyber Attacks. "I am thrilled that the conversation is happening. Am I disappointed that we're not there? Sure ... I predict we're going to have legislation. It will happen...and I'm also pretty convinced that one year after it happens, we'll think it's not enough," Plunkett stated.
Mobile malware on the rise (-1.5 sentiment)
There has been a large amount of discussion around the quarterly Threats Report from security firm McAfee which revealed that malware attacks on mobile platforms are increasing faster than they have in the last four years.
“Attacks that we’ve traditionally seen on computers are now making their way to other devices,” said Vincent Weafer, head of McAfee Labs. “This report highlights the need for protection on all devices that may be used to access the Internet.” In fact, the report highlights the existence of nearly 13,000 different kinds of malware targeting mobile devices this year compared to less than 2,000 in 2011. Currently, nearly all attack target Google’s Android OS. “Android malware shows no signs of slowing down, putting users on high alert,” McAfee warned.
According to Symantec's recently released annual Cybercrime Report unsolicited text messages (capturing personal data), and infected phones that sent out SMS messages that resulted in excess charges (aka Toll Fraud) are other examples of cybercrime that are on the rise.
As Bring Your Own Device becomes more widespread in business, mobile security is going to be an increasingly vital area of focus.
Share your thoughts
What did you think about these issues? Let us know @MicrosoftBizUK