Recently, in the April issue of Linux Pro Magazine, they spoke on the hacking group Anonymous. This is a group of activists that have been hacking and attacking sites across the Internet. In fact, the magazine mentions that they were probably the first virtual social activism group. They gain their numbers by posting on different chat sites and luring their future fellow activists into the group. They then go about hacking and even just spreading gossip over the Internet (Goasguen, Hoyt, & Cooke, 2012). I remember reading about one of their rumors back a few years ago. If anyone is a Harry Potter fan, you will remember that before the 6th book was released, *spoiler alert for those that have yet to read and watch the movie*.....pausing so those of you can leave......OK! It was announced on several chat sites that Dumbledore was killed Anonymous took responsibility for that announcement. How did they find that out? Well, they did! Someone was able to hack into the computer system that Rowling had stored her book on and found that out.
Now, I wake up this morning, go to my email, and I see that I have received my daily dark reading material. The top headline for today's email; U of Nebraska Breach Highlights Education In Crosshairs. Come on! Another big site hacked! According to the article, no one knows who done it just yet, but what they were after is known. Their database containing over 650,000 students, professors, and staff was hacked into. Why is this happening? They actually mention why in the article. There is no emphasis put on their security. Most universities focus just on their IT department (Chickowski, 2012). Well, there is your problem. I bet if you go to all the sites that have been hacked in the past, you will find that common problem. More emphasis is put into making sure that the IT department is just functional. No emphasis is found in their security department.
What each company needs to have is a dedicated IT security professional, and preferably a Cyber Security professional. A Cyber Security professional is trained in helping keep a site safe while it has access to the Internet, hence the word "Cyber". They need a person that is trained to look at every detail, every aspect, and every little piece of information before a site is put up and made operational. Yes, there are still people out there like Anonymous that will still try to get in, but your site is going to be that much stronger and safer if you have that security professional. Without that security professional, your site is a sitting duck!
References:
Chickowski, E. (2012). U of Nebraska Breach Highlights Education In Crosshairs. Retrieved June 5, 2012 from http://www.darkreading.com/database-security/167901020/security/news/240001240/u-of-nebraska-breach-highlights-education-in-crosshairs.html?cid=nl_DR_db-sec_2012-06-05_html&elq=a6187b4dd8544000ba508e549f16af0e
Goasguen, S., Hoyt, J., & Cooke, R. (2012). Hacked One. Linux Pro Magazine. April 2012.
Seriously! This is good stuff. Bring them on.
ReplyDelete