Facebook hacked!

Facebook Inc., operator of the largest social network with more than 1 billion members, is working with the U.S. Federal Bureau of Investigation to probe a malware attack, people with knowledge of the matter said, reports newsday.

On Friday, Facebook said in their blog about the hack that this was a very “sophisticated attack” but that so far no evidence has been found that any Facebook user data has been compromised. Facebook Inc. operates the largest social network with “more than 1 billion members” worldwide.

Facebook stores the information of Facebook users. Since the social network is a primary target for hackers, the company employs a team which tries to detect and respond to any potential hackers. Facebook even pays “bounties to outside programmers who help identify malfeasance.”

Despite all of the company’s efforts to prevent an attack by hackers, however, Facebook discovered that a file on the laptop of one of its employees had been infected with malware after having visited a mobile developer’s website.

“By first hacking a mobile developer’s site, the attackers had ensured that they would infect the computers of engineers working for several companies, said Anup Ghosh, founder of Invincea Inc, a security firm based in Fairfax, Va.”

Upon further examination, Facebook discovered that the laptops of several employees had been infected with the malicious file. Facebook immediately cleaned all laptops that showed the malicious software and began an investigation into the hackers’ origin.

Oracle Corp, the owner of Java, has since issued a security patch that it says has fixed the problem. In its post, Facebook said it received the Java fix two weeks ago.

“As soon as we discovered the presence of the malware, we remediated all infected machines, informed law enforcement, and began a significant investigation that continues to this day.”

There have a number of cyber-attacks on prominent websites recently. Some 250,000 Twitter accounts were potentially compromised after attackers obtained access to their names and email addresses.

The websites of The New York Times, The Washington Post and The Wall Street Journal were also infiltrated by unknown hackers apparently targeting those papers’ media coverage of China.

Although Facebook claimed that no user data was compromised, the incident could raise privacy concerns about the vulnerability of personal data stored within the social network.

Advertisements

In 2013 Cyber Conflicts become the norm: Symantec predicts

Symantec released its 5 most important security threat expectations of the  year 2013. Symantec claims that these predictions are based on their expertise, “understanding of threat evolution” as well as “experience in previous cybersecurity trends”.  Symantec Corporation is an American global computer security software corporation headquartered in Mountain View, California.

The threat expectations for 2013 and beyond go like this – 

Cyber conflict becomes the norm among nations, organizations, and individuals. Espionage can be successful and easily deniable. Nation States, organizations and groups of individuals use cyber tactics to gain advantage over their opponents. The conflict is moving more and more on cyber assets from physical.




 
Ransomware is the new scareware: With online payment methods becoming omnipotent and omnipresent, criminals find it easy to extract money at anytime from anywhere!! Get ready for more professional ransom screens and methods. FBI keeps cautioning the users as more cases are already being reported.According to Kevin Haley, Director of Security Response at Symantec, during 2013, there’ll be increasing utilization of commercial ransom screens, exploitation of targets’ sentiments, along with utilization of techniques, which will make recovery more difficult following system compromise.


Madware adds to the insanity: Mobile adware or “madware” is a nuisance that disrupts the user experience and can potentially expose location details, contact information and device identifiers to cybercriminals.The past experience sees rapid growth in this menace, an increase of 210% in 9 months in 2012!! Free mobile apps are going to contribute more aggressive and potentially malicious approach.


Monetization of social networks introduces new dangers – the growing social spending trend also provides cybercriminals with new ways to lay the groundwork for attack. Symantec anticipates an increase in malware attacks that steal payment credentials in social networks and trick users into providing payment details, and other personal and potentially valuable information, to fake social networks.


As users shift to mobile and cloud, so will attackers – Symantec claims that mobile platforms and cloud services will be likely targets for attacks and breaches in 2013. The rapid rise of Android malware in 2012 confirms this. It is predicted that in 2013, mobile technology will continue to advance and thereby create new opportunities for cybercriminals.

 

Wrong use of devices in corporate networks that utilize clouds will witness growing danger of personalized assaults and breaches into the devices’ data, the security firm explains.

The threats could be more alrming to India. Identity fraud is turning out be as a major concern in India with the growing number of Internet, social media and internet users through mobile phone devices.

A recent Symantec report stated, of the total 137 million Internet users in India, 42 million have fallen prey to the cyber fraud in one way or the other. The financial loss per cyber crime victim is around Rs 10,000 for 2012, as per Semantec.

While this list is more on expected lines considering the cyber crime trends being witnessed in the recent past. The key to the threat management lies in end-user education in protecting the online privacy, a more disciplined online behaviour and much better understanding of their smart phone.

In a lighter vein: 

On January 17, 2012, Symantec admitted to their network getting hacked. A hacker known as “Yama Tough” obtained Symantec’s source code by hacking an Indian Government server. Yama Tough has released parts of the source code, and has threatened to release more.