Friday, 21 December 2012

Hacking and Protesting

Anonymous India hacked into India's largest fixed line telecoms operator Bharhat Sanchar Nigam Limited (BSNL) and leaked company information in protest of the country's IT Act Section 66A which restricts citizen's freedom of speech and expression. *

Today, we can say whatever we want and let the world hear our voice without even speaking, thanks to the famous World Wide Web. You post one statement, it becomes controversial, then the next thing you know, it is already the talk of the whole world. The internet rapidly evolved into a blank slate where everyone can paint their ideas and opinions. It is a place where everyone felt free to do whatever, until government agencies drafted laws for cybersecurity.

Since the birth of democracy, protesting has become a common response when people feel their freedom is being threatened. Over the years, and across the globe, protesting has been and will always be people’s way of publicly announcing their objections and desires. Unsurprisingly, forms of protests have evolved with technology.

A proof to this is the recent breach in India. Indian government officials legislated a law which is allegedly suppressing citizen’s freedom of speech and expression. As a response, to the threat, Anonymous India hacked India’s largest telecoms operator, Bharhat Sanchar Nigam Limited.

We all know that hackers are very prevalent nowadays and the each nation's government finds it hard to control them. But putting a law into it might be beneficial to the government and the citizens even if it seems contradictory.
This particular protest may have a positive goal but a cybercrime is still a crime regardless of the end. For companies, government offices, and personal websites to avoid these instances in the future, they must ensure their websites with strong SSL Certificates from a trusted Certificate Authority. GlobalSign, being one of the world's largest SSL and client certificate provider, has just the right solutions for different needs. GlobalSign offers a wide range of trust services and products. It offers SSL certificates secured by the highest encryption level available to date, 2048-bit encryption. You may choose among Domain Validation SSL, Organization Validation SSL, and Extended Validation SSL.
For further details/inquiries, you may visit our website at www.globalsign.com.sg or connect with us on Facebook (https://facebook.com/GlobalSignAPAC), Twitter (https://twitter.com/GlobalSign_APAC) for updates. You may also contact us directly at sales-apac@globalsign.com.

Wednesday, 19 December 2012

Key Technology Trend for 2013

Companies progressively use automated controls to manage cost business operations and minimize business risk, says Turnkey Consulting.

Automated control is the application of control theory for regulation of processes without direct human intervention. Simply put, it means that it can self-regulate a technical-plant (such as a machine or industrial process) operating condition or parameters by the controller with minimal human engagement.
Turnkey’s research also outlined current technology trends and how they were viewed from a security perspective, with key findings as follows: *
 
Mobile
  • 48% of the organizations planning to invest in a strategy for mobile in the next 12 months are including investment in additional security in these plans
  • 17% are not including investment in additional security in these plans
  • Only 10% are not planning a mobile strategy.

Cloud Computing
  • 39% of organizations planning to invest in a strategy for cloud computing in the next 12 months include investment in additional security in these plans
  • 13% are not including investment in additional security in these plans
  • 22% are not planning a cloud computing strategy.

Big Data
  • 26% of organizations planning to invest in ‘big data’ technology such as SAP’s in-memory database technology, HANA, in the next 12 months include investment in additional security in these plans
  • 7% are not including investment in additional security in these plans
  • 31% are not planning to invest in big data technology.
Based on the given data, a high percentage of people are considering to invest in additional security be it on their mobile phones, cloud usage, personal computers or corporate devices. Encrypting your devices with strong SSL Certificates from trusted a trusted Certificate Authority, like GlobalSign is the best way to secure digital information. GlobalSign, being one of the world's largest SSL and client certificate provider, has solutions your company needs. GlobalSign offers a wide range of trust services and products. It offers SSL certificates secured by the highest encryption level available to date, 2048-bit encryption. You may choose among Domain Validation SSL, Organization Validation SSL, and Extended Validation SSL.

For further details/inquiries, you may visit our website at www.globalsign.com.sg or connect with us on Facebook (https://facebook.com/GlobalSignAPAC), Twitter (https://twitter.com/GlobalSign_APAC) for updates. You may also contact us directly at sales-apac@globalsign.com.

Monday, 17 December 2012

IT: Important to Businesses

Companies worldwide are planning to invest and rely on IT departments to increase efficiency on their work, stating that investments over the next three years will focus on cloud computing and business analysis software.*

Careers in IT seem promising for 2013. Surprisingly, the highest-performing companies – those that reported their financial performance is stronger that their industry peers – measured a different advantage for IT in their business.

"We must embrace disruptive technologies such as cloud and mobile that are propelling business growth to create an opportunity for IT to step out of a support function into a more strategic role," Juniper Networks Senior Vice President and CIO Bask Iyer said in a statement. "By creating new products and services and identifying new market opportunities, IT can truly transform and technologically enable the business.”

It's no question that IT can really deliver fast and reliable outcome. In fact, one of the main strengths of IT is the efficient execution of general business processes allowing industries to save not only time, but unnecessary cost. Thus, many businesses, with no doubt, will reach maximum growth should they begin to shift to and embrace IT operations.

This however, is not always the perspective when it comes to IT. Comparatively, small scale businesses or businesses not related to IT slowly recognize the potential value IT has to offer as a collaborative partner in identifying new opportunities.

Given that IT brings a number of advantages, it still has its flaws which may explain why some people are not fully receptive of it. If the system is not strongly guarded enough, data may be breached and lost in an instant. With the vast number of IT industries, the big question is who to trust? That’s where GlobalSign can help. We are one of the world’s largest Certificate Authorities and it’s our job to answer the question of trust. GlobalSign offers a wide range of trust services and products. It offers SSL certificates secured by the highest encryption level available to date, 2048-bit encryption. You may choose among Domain Validation SSL, Organization Validation SSL, and Extended Validation SSL.

Also offered is GlobalSign’s CloudSSL, an SSL distribution service available via API and is designed specifically to help web services operate securely in the Cloud. It removes the restrictions of traditional SSL, such as one Certificate per IP address, and can be used across large virtualized environments without incurring additional license fees. CloudSSL partners make on-demand requests for SSL Certificates,including request for their customer base all within the top level Certificate issued to the Cloud partner. All the time meeting the highest security associated with the GlobalSign SSL brand.

For further details/inquiries, you may visit our website at www.globalsign.com.sg or connect with us on Facebook (https://facebook.com/GlobalSignAPAC), Twitter (https://twitter.com/GlobalSign_APAC) for updates. You may also contact us directly at sales-apac@globalsign.com.

Thursday, 13 December 2012

Chinese Government Sites Hacked by a Pakistani Group

A Pakistani group who titled themselves as Code Cracker has damaged over 400 Chinese government websites and sub domains.

A group of hackers named “Code Crackers”, also part of a larger cybercriminal group Pakistan Cyber Army, breached a total of 437 Government websites, posting their group’s defaced image on the office website and all subdomains of Xuchang City after the attack. The complete list of affected sites can be seen here on PasteBin.

This is not the first time the website of Xuchang City People's Procuratorate endured a breach. Last September 2010, an Indonesian cybercriminal group, “Hmei7”, hacked the website. And just recently, last November 29, 2012, it suffered yet another breach by a group named “DevilzSec”. It just shows to prove that Xuchang City People's Procuratorate website has the information that hackers would need or want. Regardless of the reason, they should be alert before another group makes a four-peat!

China being one of the strongest and dominant countries to date cannot afford to lose any first hand/ important files or documents to hackers. To minimize the percentage of getting the website hacked again, one can never fail coming prepared. GlobalSign, being one of the world's largest SSL and client certificate provider, has right solutions for your website's different needs. GlobalSign offers a wide range of trust services and products. It offers SSL certificates secured by the highest encryption level available to date, 2048-bit encryption. You may choose among Domain Validation SSL, Organization Validation SSL, and Extended Validation SSL.

GlobalSign also offers cost efficient solutions for enterprises like yours having a number of domains and subdomains to secure – SANs and Wildcard SSL, respectively. Subject Alternative Name (SAN) is utilized by multi-domain SSL certificates from GlobalSign to enable you the flexibility to secure up to 40 different domain names, subdomain, and public IP addresses using only one SSL certificate and IP address.

For further details/inquiries, you may visit our website at www.globalsign.com.sg or connect with us on Facebook (https://facebook.com/GlobalSignAPAC), Twitter (https://twitter.com/GlobalSign_APAC) for updates. You may also contact us directly at sales-apac@globalsign.com.

Tuesday, 11 December 2012

500,000 Aussie Credit Card Thefts busted by Authorities

A group of 16 Romanians were allegedly involved in probably “one of the largest data breach investigation ever undertaken by Australian law enforcement.”

The obvious crime done was the robbery of information of more or less 500,000 Australians who have done their purchases using their credit cards. How this was done was through the break-in of hackers to the database of 100 retail stores where customers’ card information were stored at the time of purchase. Police said that they weren’t able to exactly quantify, but about 30,000 of the stolen card detail from Australian businesses’ database were already used to illegally buy things worth $30M.

Apparently, retail stores were independently operated and small scale in nature, thus making them more vulnerable and easier targets because no stringent security protocols are employed in their internal computer systems. This has been the common game plan for cyber criminal these days; small businesses become easy targets because of their illusions of invulnerability –thinking that since they are small in size, they would not attract any cybercriminals.

All affected businesses were told how they were hacked, and they all agreed to install better security systems which would prevent any such event again. On the negative side, those are only 100 out of the almost 500,000 involved. It has come to authorities’ knowledge that Australians whose credit card information were exposed are still unaware of the privacy breach. Despite this, authorities claimed that none of them shall lose money as they are guarded by banks’ and financial institutions’ privacy policies.

“Australian banks and credit unions have reimbursed the 30 million dollars in financial losses suffered by the 30,000 Australians whose credit card details were used to commit frauds around the world and will continue to bear the cost if more frauds are committed.” *

This issue has been raised! Why suffer and take the blame when it's not your fault? Whether you're managing a small scale business or you're the online shopper who keeps on purchasing, you need to be educated on security. Not just for our own benefits but for others as well.

Encrypting your website with strong SSL Certificates from a trusted Certificate Authority, like GlobalSign is the best way to secure digital information. GlobalSign, being one of the world's largest SSL and client certificate provider, has solutions your small scale businesses need for it to get online shoppers trust your website and shop without hesitation. GlobalSign offers a wide range of trust services and products. It offers SSL certificates secured by the highest encryption level available to date, 2048-bit encryption. You may choose among Domain Validation SSL, Organization Validation SSL, and Extended Validation SSL.

For further details/inquiries, you may visit our website at www.globalsign.com.sg or connect with us on Facebook (https://facebook.com/GlobalSignAPAC), Twitter (https://twitter.com/GlobalSign_APAC) for updates. You may also contact us directly at sales-apac@globalsign.com.

Friday, 7 December 2012

Can Phishing Attacks get any trickier in the coming year?

Spear phishing emails rather than the mass phishing mails is reported to be the tactic Phishers will be using this coming 2013.

Mass phishing - technique where phishers distribute thousands or millions of emails to potential victims to extract information from those who’ll give in to the trap - is no longer effective and is said to be the thing of the past. Spear phishing is said to be the new thing. Many say it is a more powerful tool than the mass phishing as attacks will be more planned and victims will be well targeted. How cybercriminals do this is through stalking and carefully studying a handful pick of victims and tailor the message until it is relevant to the recipient, enough for them to believe and respond either by clicking on the link, opening an attachment, or providing personal information.

It is a known fact that as technology continuously evolves, so does the strategy of cybercriminals. Rohyt Belani, CEO at PhishMe said “If 2012 was the year of BYOD, 2013 will be the year of mobile malware designed to take advantage of it. We have seen a growth in consumer apps that violate privacy, for example by tracking your GPS data, but in 2013 we will see criminals targeting mobile device users, specifically with the intention of getting inside their corporate email system.” *

Come to think of it, it's really possible that BYOD hackers will be successful at phishing information from users who surf the internet through their mobile devices especially now that mobile devices including smartphones and tablets can gain access to corporate database. This being the case, it will be advisable for corporations who embraced BYOD to be more aware of security protocols and more cautious of the files and/or links they will be opening because one wrong move can get your corporate network exposed and none of you will be happy about it.

“Spear phishing attacks are performed by humans, against humans.” While it is existent that we have software solutions, it will never be hurtful to be more cautious and to be more prepared. As the cliché goes, regrets are felt when it's just too late. So start installing antiviruses or Digital Certificate as an early preventive measure. These products combined with education of employees will help them become more sensitive to threats and understand when and why they need to report such suspicious attacks.

From the above-mentioned details, it is fitting that we learn more of these solutions and use them at their best. GlobalSign, being one of the longest established Certification Authorities and leading online security solutions has always been committed to providing customers with the most up to date security solutions capable of guarding users against modern-day attacks. One of its offered products is SSL certificate secured by the highest encryption level available to date, 2048-bit encryption. You may choose among Domain Validation SSL, Organization Validation SSL, and Extended Validation SSL. Not only that, GlobalSign also offers Code Signing Certificates that provide the ability for all developers on all platforms to digitally sign and bind their authenticated publisher identity to the software or executable file they distribute. The timestamp feature ensures end users that the software or executable file they are running is legitimate and has not been tampered with or altered since being published.

For further details/inquiries, you may visit our website at www.globalsign.com.sg or connect with us on Facebook (https://facebook.com/GlobalSignAPAC), Twitter (https://twitter.com/GlobalSign_APAC) for updates. You may also contact us directly at sales-apac@globalsign.com.

Wednesday, 5 December 2012

Thailand in Cybersecurity Crisis


With the rampant use of social media, Thailand’s ministries fear that the public sector is at risk of increasing cyber attacks.

According to socialbakers.com, in Thailand along, there are more than 17.6 million Facebook users today, with a notable growth of yet another 3.3 million users in the last six months, hailing the country at top 14 worldwide in terms of signed up Facebook users*.

Maj Gen Bunjerd Tientongdee, deputy director of the Ministry of Defense's Department of Defense Information and Space Technology, mentioned the role of social media in the Arab Spring uprising last year, stating that it is possible that Thailand would end up on the same leaf if social media were to be used for political purposes.

He also stated that the military was concerned that social media might lead to spread of misinformation which is critical, because government information should and is expected to be accurate and secured. With this being said, security shall be highlighted in this area. This is especially when Maj Bunjerd also mentioned that government servers have been threatened, but adding that he cannot disclose any specifics.

On another note, Maj Bunjerd has been honest to share that their legal framework regarding the design of law and regulations of their cyber security system has yet to evolve to cover the online world.

ICT Minister, Anudith Nakornthap, said only about 150 Thais have been certified as information systems security professionals (CISSP). About 90,000 people around the world are CISSP certified, he said, with Singapore housing around 1,110 of Asean's 1,608 certificate holders. The ratio of Thailand to Singapore is comparatively poor to Thais, given the huge amount of internet users in their locality.

Mr. Prinya, president of cyber security consultancy firm Acis Professional Centre, then added that "It would be a serious threat, especially in two years [when the Asean Economic Community comes into effect], if we are not aware of the need for cyber security improvement,"

This is a great opportunity to cater the starving industry. As cybercriminals continue to attack regardless of the target size, may this be a start for us to secure all relevant and important information our company holds.

The most common protocol for internet security worldwide is the use of digital certificates for servers which are more commonly known as SSL certificates. There are a number of issuing certificate authorities nowadays but in the cyber world which is vast, who do you really know who to trust? GlobalSign, being one of the world's largest SSL and client certificate provider, can satisfactorily answer the question of security and trust. GlobalSign offers a wide range of trust services and products. It offers SSL certificates secured by the highest encryption level available to date, 2048-bit encryption. You may choose among Domain Validation SSL, Organization Validation SSL, and Extended Validation SSL.

For further details/inquiries, you may visit our website at www.globalsign.com.sg or connect with us on Facebook (https://facebook.com/GlobalSignAPAC), Twitter (https://twitter.com/GlobalSign_APAC) for updates. You may also contact us directly at sales-apac@globalsign.com.


Source: http://ow.ly/fPCe2
*socialbakers.com