Category: security

  • Lessons from the Associated Press Twitter hack

    Today’s hack of the Associated Press Twitter account that sent out a fake report about the White House being attacked raises a number of issues about how business and the media industry use social media.

    Attracting most of the attention is the stock market ‘flash crash’ triggered by the fake report where automated programs responded to unexpected selling on the exchanges.

    This in itself is an example of a risky over-reliance on technology by well-paid people who should know better. There are a number of other risks that everybody, particularly business people, should learn from the Associated Press hijack.

    Twitter as a news channel

    Without any verification, people started selling stocks based on a report spread through Twitter. This is understandable as Twitter has become the modern news ticker tape.

    Also understandable is how news organisations could pick it up: most newsrooms are under-resourced and journalists are under pressure to break news. This opens opportunities for misinformation to spread.

    The real risk with the fake report was if it had been picked up by a mainstream media outlet or found its way onto the wire services. Fortunately this time it didn’t.

    One clear lesson from this is that social media postings are not a source of truth; they have to be checked and verified. This is something advocates for using social media as a disaster management tool need to keep in mind.

    Think before you tweet

    During the search for the Boston bombers, social media users went feral and it shows how false information can spread very fast.

    For those of us using Twitter – or any other social media channel – we have to be careful about what we post and who we identify, as lives can be damaged and misinformation spread.

    Thinking before we tweet or post makes it harder for rumours and misinformation to spread.

    Introduce strong social media policies

    Almost certainly the Associated Press Twitter account was hijacked because the single person in charge of the @AP account clicked on a spam link and gave away the account’s password.

    Social media sites don’t do a good job with their security, which makes it difficult for businesses to monitor and control access to accounts.

    While the services have to tighten their acts, companies need to be sure that they have security procedures in place and the right people maintaining their business accounts.

    Hire the right people

    Competing wire service Reuters discovered the importance of having the right person running its social media presence, having fired its deputy social media editor for inappropriate tweets during the Boston Bombing scare.

    Putting the intern or the youngest person in the office in charge of social media is a beginner’s mistake; a more serious error is to put a loose cannon in charge of the company’s online presence.

    Given the potential business risks involved with social media, it’s necessary to put someone trusted and responsible in charge of what appears under the company’s name.

    At the very least management has to do proper due diligence on the person they put in charge of their social media accounts.

    Securing your business

    Associated Press’ problem is typical of many businesses that don’t have tight security policies. The UK Department for Business, Innovation and Skills recently released a report finding that over 85% of British businesses have had some sort of security breach in the previous year.

    Given the risks posed by poor computer security, managers have to take the integrity of their systems seriously.

    Those who were caught out by Associated Press’ hijacked Twitter stream learned important lessons about computer security, online trust and verifying information. All of us should be aware we can be caught out in the same way.

  • Microsoft’s China crisis

    That the Chinese Public Security Bureau is blocking your messages – and may even be reading them – would make anyone pause before they used a service.

    Bloomberg Businessweek reports Microsoft’s Skype is doing exactly this with its Chinese customers. Anything deemed inappropriate is censored and referred to servers belonging to TOM Online, the company that runs the Skype service on behalf of Microsoft in China.

    The Bloomberg story goes on to detail how one Canadian researcher is reverse engineering the Chinese blacklists, giving us a wonderful insight into the petty and touchy minds of China’s censors and political leaders.

    What raises eyebrows about this story is how nonchalant Microsoft is about this issue. In a wonderful piece of corporate speak, the software giant answered Bloomberg’s question with the following bland statement:

    “Skype’s mission is to break down barriers to communications and enable conversations worldwide,” the statement said. “Skype is committed to continued improvement of end user transparency wherever our software is used.”

    Microsoft’s statement also said that “in China, the Skype software is made available through a joint venture with TOM Online. As majority partner in the joint venture, TOM has established procedures to meet its obligations under local laws.”

    Microsoft have to fix this problem quickly. Glibly saying the Chinese government eavesdropping on conversations is a matter for partners is not going to be accepted by most customers.

    It would be a shame should Microsoft’s Skype investment fail – Skype is a very good fit for Microsoft, particularly when the technology is coupled with the Lync corporate messaging platform, so squandering goodwill over protecting users’ conversations seems counterproductive.

    One of the great business issues of this decade is the battle to protect users’ privacy. Those who don’t do this, or don’t understand the imperatives of doing so, are going to lose the trust of the marketplace.

    Twenty years ago, Microsoft could have risked this. Today they can’t as they struggle with a poor response to their Windows 8 operating system and their mobile phone product.

    Losing the trust of their customers may be the final straw.

  • Would you know if you’ve been hacked?

    “I report to head office in Moscow” is a line which either means you’re in a James Bond movie or at a lunch briefing with the Russian security company Kaspersky.

    While the James Bond movie would be fun, the Kaspersky lunch was an interesting briefing on their new security product.

    A notable aspect of the discussion was the explosion in malware – there are over a hundred million malicious programs circulating on the internet with over 200,000 new threats every day.

    “We struggle to keep up,” says Kaspersky Lab ANZ Managing Director, Andrew Mamonitis.

    That a security company with 2,700 specialists struggles to keep up with the evolving threats emphasises the scale of the task facing network administrators and IT managers.

    It’s a task beyond all but the biggest companies.

    Some time ago I suggested every computer user should assume their computers are compromised and managers should work on limiting what intruders can do to the system.

    With staff bringing their own devices to work, those risks are multiplied as some devices will almost certainly be infected with malware.

    There are some basic things that computer users should do to make their systems harder to break; however, it’s almost impossible to protect against a zero-day exploit or the efforts of a sophisticated and determined hacker.

    With our homes and motor cars, we realise it’s almost impossible to keep determined thieves out, so we take precautions like alarms, immobilisers and basic security such as keeping valuables out of plain view.

    That attitude is what we now need with our computer technology; any hope of keeping your office server impregnable from outside attack is long gone.

  • Sharks patrol these waters

    The announcement that the New York Times was attacked by Chinese hackers after exposing the financial details of the nation’s Premier doesn’t come as much of a surprise to anybody following either China or computer security issues.

    One of the realities of modern computing is that systems are constantly being compromised; the complexity of IT networks is so great that even the best security experts can be caught off guard.

    Securing our networks

    In such an environment the normal business and home computer user has little chance against sophisticated criminal or government sponsored attacks, by the Chinese or any other spy agency.

    One example of how badly wrong things can go for an organisation is the hacking of security advisory firm Stratfor in 2011. This illustrated how small business practices of having relatively open networks and poor password security can have serious consequences.

    The issue is not how we fortify our systems against intruders, but how we manage the risk. A useful analogy is how supermarkets deal with shoplifters – they can’t eliminate the problem, but they can manage it in ways that control losses.

    Businesses, governments and home users have a range of things they can do to make it harder for hackers to get into a system and limit what they can access if a determined one gets in.

    The limits of anti-virus

    Another aspect in the story that doesn’t surprise is the poor performance of the New York Times’ anti-virus software. According to Forbes, Symantec only caught one malware program out of the 45 installed by the hackers.

    I have an entirely rational hatred of Symantec. While running an IT support business, their products were the bane of our lives and we encouraged users to choose alternative security software because of the unreliability of many of Symantec’s products, particularly the once proud Norton brand that was aimed at home and small business users.

    At the time of the great malware epidemic in the early 2000s, Norton Anti-Virus had a huge market share and it proved to be worse than useless against the various forms of drive-by downloads and infected sites that were exploiting weaknesses in Microsoft Windows 98 and XP systems.

    Windows weaknesses

    The common culprit was the Windows ActiveX scripting language that Microsoft had introduced to standardise its web features. While a good idea, Microsoft made ActiveX a fundamental part of Windows and gave the features full access into the inner workings of the system.

    Sadly Symantec made the decision to run all their security software on ActiveX as well.

    As ActiveX was the main target for malware writers, it meant that Norton AntiVirus or their Security suite would crash in a heap once a computer became infected, and the Symantec software would actively interfere with attempts to clean up a compromised system.

    Making matters worse was Symantec’s subscription policies which cut customers off from vital updates and their bizarre policy of not including important upgrades in their automated updating function.

    The failures of tech journalism

    All of these factors made Symantec a loathed product in our office. It wasn’t helped by a generation of tech journalists who wrote gushing stories about Symantec, gave their products favourable reviews despite the company’s lousy reputation and consulted their employees for expert comment.

    It wasn’t tech journalism’s finest hour. What really grates is the number of these folk still peddling nonsense about IT security and anti-virus software.

    That distrust of Symantec continues to this day and those of us who struggled with their products a decade ago are not surprised at their poor performance on the New York Times’ network.

    State sponsored risks

    In defense of Symantec, the Chinese hackers are very good and it’s unlikely any security software would stand up to a sustained and determined attack from them or their counterparts in the US and Israeli governments.

    We should also note that government agencies trying to get into systems is not just something done by the Chinese, US and Israelis; every government in the world is engaging in these activities against foreign businesses and their own citizens.

    So we have to accept that these breaches and attacks are a real threat to any computer and any organisation. It may well be that we should build our security strategies around the assumption the bad guys are already in the system rather than believe we can build a giant electronic fort to keep the bad guys out.

    One thing is for sure, you can’t rely solely on anti-virus software to secure your IT systems.

  • 702 ABC Mornings – Hacking 102

    A number of callers asked about protecting their Facebook pages and information from hackers and spammers. Details are on the Netsmarts webpage.

    On 702 Sydney Mornings with Linda Mottram, we’re revisiting security and how it affects businesses and consumers after some stories of serious security breaches in everything from shops to pacemakers.

    We’re looking at some pretty important issues, including how four million hotel locks are open to hackers and thieves.

    Even more scary is the risk that pacemakers can be hacked. This story is a cautionary tale on good intentions being brought undone by bad security practices.

    For businesses, the risk of having customers’ credit card details hacked is a serious issue. Two years ago the US fast food chain Subway had a major breach when criminals managed to break into franchisees’ point-of-sale systems.

    Recently the Australian Federal Police broke up a similar crime gang operating out of Romania.

    A misconception about computer security is that all hackers are evil. The reality is most aren’t and a good example of this is Random Hacks of Kindness where geeks get together to find ways of using tech to improve society. We’ll look at last weekend’s Melbourne event.

    Join us on 702 Sydney from shortly after 9.30am. We’d like to hear your views, comments or questions so call in on 1300 222 702 or SMS on 0467 922 702 or tweet with @702Sydney in the message.
