A lack of valued cyber-security skills has left businesses open to attacks resulting in reputation damage and data loss .Cyber-security skills shortage leaves companies vulnerable. Being aware of latest cyber-attacks and common attacks will help your organisation to be better equipped to avoid being victim of cybercrimes. Anglo African brings you the weekly cyber-attack news wrap-up and remedy tips to support your business to defend against hackers.
Details for nearly 200,000 Grand Theft Auto fan site users have been traded on the digital underground. GTAGaming.com, which posts news, screenshots, and other information about the Grand Theft Auto video game series, was breached earlier this month. Data on a hacking forum contains email addresses, hashed passwords, dates of birth, and IP addresses. The hacking forum has since shut down.
Blizzard, the game developer behind World of Warcraft and Overwatch, was hit by another DDoS attack on Tuesday. The assault coincides with the final day of its Overwatch Summer Games event. In an update to an official Twitter account, Blizzard admitted the assault was affecting its ability to deliver services.
Universities and NHS trusts in England have been hit hard by ransomware in the last year. Bournemouth University, which boasts a cybersecurity centre, has been hit 21 times in the last 12 months. Twenty-eight NHS Trusts said they had been affected. Ransomware is a form of computer malware which encrypts files and then demands a ransom for their release.
There is a new banking Trojan going around that uses Microsoft PowerShell to alter a computer’s local proxy settings in order to redirect users to the wrong server when trying to access a banking portal. Banking Trojans have hijacked computer proxy settings for years. This is how some of them operate. The difference is that they used local PAC (Proxy Auto-Config) files to achieve this, which they silently installed on infected hosts.
Biometric an ultimate authentication solution- how much secure is it!
Many technology experts talk about biometrics as the ultimate authentication solution – the technology that will make the ‘imperfect’ password obsolete. Despite the hype, most companies are approaching with caution. A big reason for low adoption could be that they are less secure.
Weakness of a biometric authentication
- Biometrics will be easier to hack than passwords. Not only are they subject to all of the current attacks that work when hacking passwords, but biometric data were never designed to be secret. Most people make sure not to divulge their passwords, but it’s difficult to imagine a world where everyone wears gloves constantly to avoid leaving fingerprints.
Users are able to safeguard passwords by taking precautions like limiting sharing through channels they distrust and not reusing the same password across sites. Containing the spread of biometric information is a lot more difficult. It might be easier to swipe a finger than type in a code, but this convenience comes at security cost.
- A stolen biometric has much greater repercussions for users than a stolen password. A biometric reveals a part of the user’s identity that is intensely personal and could be used to falsify travel and criminal records and legal documents.
In a recent U.S. Government breach, fingerprints of 5.6 million and Social Security numbers of 21.5 million individuals were compromised. In response, an intra-agency group was created to investigate the possibility of resulting payment fraud and creation of fake identities.
- Lack of revocability, meaning that a biometric cannot be tossed away and replaced like a password or a credit card number. Rather, it is permanently associated with a user. Recent experimentation with biometric template techniques like salting and one-way encryption reduce the collateral damage. But just as with passwords that are reused across sites, there will always be a poorly designed system that can result in a leak of biometric credentials, ruining them for all other systems. Despite advancements in security controls, one’s identity, which is invaluable and irreplaceable, will always be at risk.
- Biometrics don’t suit everyone. Consumer products, like mobile technology, will likely continue to use biometrics because of the premium end-users put on convenience, but enterprise products may opt-out to ensure maximum information security. CEB data show that 50 per cent of organisations haven’t evaluated biometrics for their business and of those that have, only 16% are planning to deploy them over the next two years.
Revelium and SIEM can quickly intercept threats and thus help in avoiding data breaches. For more information about cyber security kindly contact Anglo African on 2331636 or by e-mail at contact@infosystems.mu
