In-depth

Top 10 security stories of 2008

What were the particular hot topics in security that caught the attention of IT PRO readers this year?

It was a particularly eventful year in IT security, with the threat landscape changing significantly. We count down the ten most read security stories of the year.

10 - Malware on legitimate websites up 50 per cent

One of this year's most worrying changes in the world of security was the rise of SQL injection attacks, which made legitimate websites their target.

Criminals are now infecting links and content on trusted sites, effectively using the reputation that these websites have with their users. Often, this resulted in a download of malware or a link to a malware-laden site, but either way web browsers had to be on their guard more than ever before.


In 2009, this is likely to continue to be a serious threat, and anti-virus vendors are going to have to get their act together by using much more than the traditional anti-virus signature defence. Simply looking at the URL is no longer enough to spot an attack.

9 - The rise (and fall) of Chip and PIN

Chip and PIN was meant to be a godsend when it came to credit card and shopping security, but as IT PRO revealed, it also had its own vulnerabilities which criminals were very quick to exploit.

Cambridge researchers revealed that it was possible to hack into Chip and PIN terminals in order to collect PINs as well as collect credit and debit card details.

It was also revealed that cloning cards was still a problem, with criminals taking cards, copying them, and using them in countries where PIN numbers weren't being used.

It wasn't just Chip and PIN though. Experts claimed that cash machines weren't as safe as you might have expected, as many of them were basically PCs running average operating software.

8 - LHC network hit by Greek hackers

This showed that even the biggest projects can be affected, as a bunch of hackers managed to hack into CERN's Large Hadron Collider facility and bring its website down.

Though they had no aim to bring down the project, it was still a worrying breach of security due to the fact that they were a step away from the computer control system of one of the magnetic detectors.

Overall it wasn't a great year for the LHC, which had to be shut down after a helium leak, with next summer the likely point where it can start up again.


7 - Oyster cards at risk of cloning

Transys lost the Oyster contract this year, and even though TfL are likely to deny it, this must have been a big reason why that happened.

A group of Dutch scientists discovered that Mifare technology used in Oyster cards could be cloned by anybody with a standard laptop, and managed to ride for free.

The old contract will finish in 2010 but the new contract will involve two of the investors from the original deal, which might ensure that Oyster as we know it does continue. Editorial here at IT PRO agree that the Oyster card system has generally been a success for Londoners.

6 - Cotton Traders website hack loses thousands of credit card details

At IT PRO, we have become used to the constant news about government data breaches, but this was probably the biggest example of a UK retailer being hacked this year.

Hackers managed to steal the credit card numbers of 38,000 customers after the Cotton Traders website was attacked. Payment industry trade association APACS said it was very serious because the details stolen could be used for card not present fraud.
