Top 10 security stories of 2008

What were the particular hot topics in security that caught the attention of IT PRO readers this year?

The level of technical knowledge needed to become an online fraudster lowered significantly this year, as savvy criminals took many of the IT industry's successful business principles and made them their own.

Malware-as-a-service was big this year, and it looks like 2009 this will become even more common as the credit crunch makes it more tempting for techies and ordinary users alike to make some good money by stealing data.

4 - Lessons to learn from a year of data breaches

It started in 2007 with the HMRC breach, and due to the uproar that followed, 2008 was the year that data breaches in the public and private sector began to be reported.

Advertisement
Advertisement - Article continues below

It was a gradual learning process, but it is only now that those in charge have started to realise their responsibilities in taking care of the private data that they hold.

According to research, the average cost of a data breach by record is 47. That's a lot when you consider the number of records that businesses and the private sector tend to hold. It's in all of our interests that data is kept as safe as possible from being lost, be it taken maliciously or accidentally.

3 - Kaminsky's DNS vulnerability

This was one of the big headline threats this year, as Dan Kaminsky found a problem at the very heart of the way the internet works with a problem with the Domain Name System (DNS).

This meant that if a managed to take advantage users could be transported to malicious made-up sites even if they typed legitimate addresses. This could also create serious problems with online transactions and email.

2 - Ten of the most infamous black hat hackers

Hacking was back in the news as Gary McKinnon desperately fought to avoid being extradited to the US for crimes against the military. As IT PRO revealed, he wasn't the first to have been involved in committing malicious acts online.

Interestingly only one of the hackers mentioned in the feature was doing it for financial gain the reasons for the other hackers included revenge, curiosity and even simply as pranks.

It's a whole different playground now, and the new generation of hacker is out there but they won't be silly enough to have their work as seen as public knowledge like these guys.

1 - Over 10,000 websites rigged with criminal code in massive attack

Advertisement
Advertisement - Article continues below

One of the biggest threats to surface this year was web-based malware which found its way to users via legitimate sites and drive-by downloads.

This particular incident was one of the largest attacks of its kind as criminals worked out that one of the best ways to get users to download malware was to target websites that people knew and trusted.

It's a clever way to get malware on machines, effectively piggy-backing' on the reputation of other sites.

Another example was with the Asprox' Trojan, which managed to infect thousands including the NHS website .

Trojan horses were a constant bane for the security and anti-virus vendors to deal with, and file sharing also became a problem, as McAfee reported what it claimed was the most significant malware outbreak in three years.

It was done using file sharing as users passed infected video and music files which were sent over peer-to-peer file sharing services.

Featured Resources

Application security fallacies and realities

Web application attacks are the most common vulnerability, so what is the truth about application security?

Download now

Your first step researching Managed File Transfer

Advice and expertise on researching the right MFT solution for your business

Download now

The KPIs you should be measuring

How MSPs can measure performance and evaluate their relationships with clients

Download now

Life in the digital workspace

A guide to technology and the changing concept of workspace

Download now
Advertisement

Most Popular

Visit/operating-systems/25802/17-windows-10-problems-and-how-to-fix-them
operating systems

17 Windows 10 problems - and how to fix them

4 Nov 2019
Visit/strategy/28115/the-pros-and-cons-of-net-neutrality
Business strategy

The pros and cons of net neutrality

4 Nov 2019
Visit/domain-name-system-dns/34842/microsoft-embraces-dns-over-https-to-secure-the-web
Domain Name System (DNS)

Microsoft embraces DNS over HTTPS to secure the web

19 Nov 2019
Visit/social-media/34844/can-wikipedia-founders-social-network-really-challenge-facebook
social media

Can Wikipedia founder's social network really challenge Facebook?

19 Nov 2019