The software giant may be showing signs of slowing as the Core Brand Power 100 2007 Study shows the firm slipping from one of the top ten most powerful and recognizable brands the world over. The study shows that in 1996, the company was ranked number one to its current level at 59. This might be why the company is continuously surprising industry leaders with bold moves in the industry. Its current foray into the acquisition of Yahoo, the opening of doors for sharing some of its trade secrets and many more unknown strategic moves which might show they are looking for a boost to its business. The company has lost favor of many companies who have been loyal to its product lines but have now turned to cheaper and free versions offered by open-sourced developers. Open Office, which is similar to Microsoft’s office, is a better and cheaper choice for businesses who are now trying to save all they can due to the current financial crisis.
Many have also opted to use Linux and the many other Unix-based operating systems which cost a lot less that mass volume licensing Windows. Some are even free which is blamed as the main reason for their favorability. These competing operating systems also have fewer requirements with regards to hardware with the most basic stripped versions which can be used as web servers able to run at older machines. Linux is re-compilable, meaning it can be stripped down of all unnecessary components which makes it faster and cheaper to implement. Windows has strict requirements with regards to processor type, the amount memory and hard disk space which it gobbles up in no time. The advent of a Windows-like interface for Linux has also made the cut deeper into the Windows market along with the release of more and more open sourced applications that can do what Windows-based ones do.
Their monopoly on the Operating system market might still be tight but elsewhere, it’s downhill. The many bugs and weaknesses of Microsoft software is also proving to be too costly for businesses and for something they pay so much for to cause so many problems they are starting to think twice before getting more of their products. Though still a player in the IT industry, it may only be time before some other IT giant is born to take its place as the world’s most prolific software vendor/developer.
Financial Institutions – Prime Phishing Targets
Banks and other financial institutions are the most attacked institutions in the world which accounts for millions in losses according to RSA, one of the IT Industry’s leading security firms. The rise has been foreseen and predicted for many years yet banks are simply not taking it too seriously. Phishing involves the leeching of client information from bank networks for use in scams and fraud. This type of attack sits next to identity fraud and credit card fraud as the most expensive financial loss generators for the banking industry. The phishing attacks target mostly US based firms with the UK ranking second. Many countries are following as targets for phishing by hackers who aim to use the information they obtain for personal gains.
The banking industry is considered to be one of the most secure and IT dependent industries in the world but the diversity and sheer number of attacks is taking its toll on their systems prompting them to take notice. Credit Card fraud alone accounts for billions in losses worldwide that is suffered by financial institutions adding to that the newer types of attacks making it an IT Security Managers worst nightmare. In Europe, Germany is hailed to be the financial hub in the region yet it has managed to repel attacks which isn’t the same with it’s other neighboring countries. More strict legislation might be needed to deter criminals who now opt to use computers rather than a gun which is safer and involves less effort.
The Credit card Fraud problem is being addressed by the implementation of PCI DSS which is to secure and prevent hackers from getting card customer information while it is in transit over the network. The attacks now focus on more public domain which is the internet through social networks which is where most phishing attacks usually occur.
Wireless Networks – Still Bugging IT Managers
The advent of cheap wireless technology such as routers for as little as 50 Pounds has made the wireless revolution a true headache to IT managers from all over. Suddenly, the once secure office database and programs is open to all types of vulnerabilities from viruses to hackers getting stuff off the company’s servers selling or using it for profit. Securing the wireless network is proving to be harder than wired ones for the de-centralization of data once contained within corporate firewalls became mobile through WiFi enabled laptops and other digital devices.
Securing the entire WiFi network is out of the question due to the dynamic structure of such networks. Even the internet has been so hard to police that companies nowadays rely on end-point intrusion prevention methods using software and hardware that are pre-loaded with security systems. This would be the best option for the internet is a very dangerous place which no amount of security software can secure. Even with super-computers the task would be difficult due to the millions of computers that are interconnected forming the internet.
For corporate security it is also vital to have proper education for employees regarding the risks of unauthorized WiFi connections from within the company. Security engineers should also be aware of the risks and goals of the measures they are implementing so as to avoid holes in the security net they are putting in place. If possible invest in education seminars regarding real life scenarios which can raise awareness. Also allow employees to voluntarily declare personal devices which they bring into the office. This avoids the unauthorized occasional iPhone from popping up in your network scans. Regularly check for malware which may have gone through the security net which is already in place and keep all security software up to date.
MTV Networks Employee Information Exposed to WEB
Viacom, the company that owns MTV has confirmed the fact that there was indeed a leakage of information from their system that has resulted in personal information such as Social Security numbers, Birth dates and other employment related data. They confirmed the fact that the said information was taken from an employee workstation which may have been infected by malware that sent the said information to the outside without the management knowing about it. These types of problems are now becoming more common as people go on the web and as this case shows, the workstation in question was said to have entered a social networking site through which may have been the path the malware took. The said information was contained in password protected files and the company has said that it has launched an internal investigation as to why the employee in question may have been able to access the said site from the office workstation.
Information leakage such as this case is now so common that they happen even without anybody knowing about it. Even with installed security and intrusion prevention systems, programs that piggy-back onto legal programs have found and exploited ways to circumvent them exposing themselves to protection systems as legitimate programs. Social networks have been targeted as with the problems with Goggle’s Orkut, Myspace and the many other social networking sites which have fallen to hackers who use them as launch/propagation platforms to unload their payloads of Trojans, key-loggers and many other forms malicious code.
The Web transforming into the social network may be the best thing that has happened to many but it remains to be a thorn in IT Security People from all over. Many have fallen victim to such instances that have resulted in credit card fraud and full-blown identity theft cases which are a real-world issue everybody has take notice of. The threat is real and we must all make it a point to do our best. Install the proper intrusion prevention systems and establish systems usage security protocol which will minimize exposure to such threats which are sure to invade more of our daily lives as we go on living a second life in the internet of today, the Social net.
GMail Password Malware Found By User
As if we haven’t gotten enough warning about free stuff of the web, here’s a classic case of such malware found by an unsuspecting programmer who just happened to casually do a de-compilation of a popular utility used on Google Mail that allows archiving of all your email. As the story goes, A programmer was on the hunt for a way to back-up his email from GMail which he submitted a request to CodingHorror.com for such a utility from fellow programmers. He was referred to a commercial program called G-Archiver which was distributed by an American firm Mate Media. As all freeware usually do (which is not as much as their advertising says) it disappoints him quite to the extent that he decides to reverse engineer(in the fashion of true hacking) the said utility only to find the email address and passowrd of the program’s creator within the code that raised red flags as to the reason behind the said suspicious details. As it turns out, the said program was sending private data with respect to the users who have downloaded and used the said utility to archive their Gmail accounts.
The program contained the said information (email address and password) of the programmer so the said utility can send information to him without the users knowing about it from any platform and location it may have been used.
Most of the sites which offered the program for download have removed them from their software offerings and the authors at ZDnet Asia where this was first reported have not been able to get a reply from the firm which distributes the said utility as to an explanation to the said event. This is a classic case of complacency wherein people rely on big names for their needs sometimes even sacrificing common sense in the process as sad as it may seem. The reluctance of the developers to reply to the said allegations. The programmer took the email address and the pasword using it to log-on to Gmail where he finds 1,777 email from all the people who have used the software including their passowrds and other vital information. So, be wary of free and sometimes harmless stuff, they are the ones who can do most harm.
Biometric Scanning to become standard for EU Visitors
The European Commission is planning to implement biometrics screening and automated security checks for all visitors who wish to enter all the current member countries. This is a move to bolster internal security which has been quite troublesome in the past years with problems like terrorism and identity theft on the rise. The plan calls for mandatory scanning of a person for biometrics information which is compared to a database of known criminals and fugitives from around the world. This would bolster or even curb the growth of illegal immigrants who have overstaying status in that corner of the world. Though much of the plan is under wraps, it would surely include pioneering technology such as the facial recognition system used in the football match series that allows a person’s face to be scanned and compared to an online database of known hooligans which allows denial of entry to stadiums and even the host country to prevent violence. Hooliganism has risen in the past years with several violent clashes between police and rioters who have turned unruly during the games.
Several games had to be moved or postponed indefinitely due to fears of rising violence on and off the courts between rowdy fans and security forces.
The introduction of a scanning camera that has the ability to reveal what’s under your clothes but not enough to reveal the skin (which is to address privacy invasion issues of the past) is sure to play a vital part in the said security plan. The information of travelers would be scanned and entered into the biometric database upon visa application which is then again checked during entry into the country of destination. The system is initially for testing with suspicious travelers who may have something to hide, such as fake passports and other identity theft cases which if successful would be implemented full-scale to address the need for increased security.
All the above measures are to address the increasing cases of identity theft, cross-country crimes, illegal immigration and other related matters. Most of the countries who are voting for the said security measures are the ones who share borders with the exception of some like the UK which is separated from mainland Europe and some other countries that form the EU who are under deliberation if they would avail or support such a measure.