In-depth

Top 10 security stories of 2008

What were the particular hot topics in security that caught the attention of IT PRO readers this year?

It was a particularly eventful year in IT security, with the threat landscape changing significantly. We count down the ten most read security stories of the year.

10 - Malware on legitimate websites up 50 per cent

One of this year's most worrying changes in the world of security was the rise of SQL injection attacks, which made legitimate websites their target.

Criminals are now infecting links and content on trusted sites, effectively using the reputation that these websites have with their users. Often, this resulted in a download of malware or a link to a malware-laden site, but either way web browsers had to be on their guard more than ever before.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

In 2009, this is likely to continue to be a serious threat, and anti-virus vendors are going to have to get their act together by using much more than the traditional anti-virus signature defence. Simply looking at the URL is no longer enough to spot an attack.

9 - The rise (and fall) of Chip and PIN

Chip and PIN was meant to be a godsend when it came to credit card and shopping security, but as IT PRO revealed, it also had its own vulnerabilities which criminals were very quick to exploit.

Cambridge researchers revealed that it was possible to hack into Chip and PIN terminals in order to collect PINs as well as collect credit and debit card details.

It was also revealed that cloning cards was still a problem, with criminals taking cards, copying them, and using them in countries where PIN numbers weren't being used.

It wasn't just Chip and PIN though. Experts claimed that cash machines weren't safe as you might have expected, as many of them were basically PCs running average operating software.

Advertisement - Article continues below

8 - LHC network hit by Greek hackers

This showed that even the biggest projects can be affected, as a bunch of hackers managed to hack into CERN's Large Hadron Collider facility and bring its website down.

Though they had no aim to bring down the project, it was still a worrying breach of security due to the fact that they were a step away from the computer control system of one of the magnetic detectors.

Overall it wasn't a great year for the LHC, which had to be shut down after a helium leak, with next summer the likely point where it can start up again.

Advertisement
Advertisement - Article continues below

7 - Oyster cards at risk of cloning

Transys lost the Oyster contract this year, and even though TfL are likely to deny it, this must have been a big reason about why that happened.

Advertisement - Article continues below

A group of Dutch scientists discovered that Mifare technology used in Oyster cards could be cloned by anybody with a standard laptop, and managed to ride for free.

The old contract will finish in 2010 but the new contract will involve two of the investors from them original deal, which might ensure that Oyster as we know does continue. Editorial here at IT PRO agree that the Oyster card system has generally been a success for Londoners.

6 - Cotton Traders website hack loses thousands of credit card details

At IT PRO, we have become used to the constant news about government data breaches, but this was probably the biggest example of a UK retailer being hacked this year.

Hackers managed to steal the credit card numbers of 38,000 customers after the Cotton Traders website was attacked. Payment industry trade association APACS said it was very serious because the details stolen could be used for card not present fraud.

Featured Resources

How inkjet can transform your business

Get more out of your business by investing in the right printing technology

Download now

Journey to a modern workplace with Office 365: which tools and when?

A guide to how Office 365 builds a modern workplace

Download now

Modernise and transform your sales organisation

Learn how a modernised sales process can drive your business

Download now

Your guide to managing cloud transformation risk

Realise the benefits. Mitigate the risks

Download now
Advertisement

Most Popular

Visit/mobile/28299/how-to-use-chromecast-without-wi-fi
Mobile

How to use Chromecast without Wi-Fi

5 Feb 2020
Visit/technology/artificial-intelligence-ai/354796/ai-identifies-11-earth-bound-asteroids
artificial intelligence (AI)

AI identifies 11 earth-bound asteroids

18 Feb 2020
Visit/operating-systems/27717/how-to-fix-a-stuck-windows-10-update
operating systems

How to fix a stuck Windows 10 update

12 Feb 2020
Visit/business/business-operations/354790/hp-shareholders-invited-to-come-dine-with-xerox
Business operations

HP shareholders invited to come dine with Xerox

17 Feb 2020