Each week we bring you three of the top stories in the cyberverse–stories which amuse us, get us talking around the water cooler, or otherwise provide a few lessons about cyber security in a digital age. But this week we are experiencing a serious case of déjà vu.
Well, it was probably George Santayana who said, “Those who cannot remember the past are condemned to repeat it.” Which has alternately been said, “doomed to repeat it.” Whichever way you want to state it, a breach of security is a lesson to learn from…and learning from the mistakes of others is so much less painful. So here are three of this week’s top stories…may you not repeat them!
Hacked via LinkedIn
Remember when DropBox got hacked because of a user profile (and password) crossover with LinkedIn? Well, this week we’ve got another story about a hack via LinkedIn. This time, someone fell for a phishing scam over at Vevo. We’re not faulting anyone for falling for such a scheme. Those things are getting harder and harder to spot. But still, preventative measures could have stopped the hacking group OurMine from leaking more than 3 terabytes of internal data from Vevo.
OurMine likes to “test security,” such as when they hacked Mark Zuckerberg or spoof-hacked WikiLeaks. This time they reportedly leaked the documents after notifying Vevo of the hack and then being rebuffed. Then, when Vevo requested that they take down the sensitive files, they ultimately did.
When the Cleaner Leaves a Mess
The next case of déjà vu comes from an app with a backdoor. Stories like this have gotten press before–hundreds of apps have had this kind of breach in security. At one point, devices were even sending messages back to China!
Still, we were a little surprised to learn about a CCleaner security breach. The Avast-owned trusted Windows security application has been downloaded 2 billion times. Well, apparently, more than 2 million of those had a secret backdoor, installed by hackers, that would allow the app to remotely execute a cyber attack.
Avast has made an update available, with a patch. There are still a couple of problems:
- The patch sounds a little sketchy–it involved taking down a “rogue server” and reportedly safeguarding against possible others. That remains to be seen.
- The security flaw may or may not have already been executed–Avast has made statements that the flaw was not yet exploited, but such claims have not yet had independent verification.
In our third case of déjà vu today, some D-Link routers have a security flaw. Cyber security is only as strong as its weakest link, and unfortunately, that weak point has been wireless routers before. Several D-Link routers from the DIR-800 series have had a security alert issued. D-Link issued the security advisory, including procedures to follow to protect against the weakness.
We’ll just take this opportunity to remind everyone about default factory passwords–change them! It’s absolutely vital, as a protection against devices joining a botnet army, to not use default passwords. As for devices that don’t even allow you to change the password, don’t buy them. More and more manufacturers are realizing the importance of protecting the IoT (internet of things), but any internet-capable device needs to be secured with a unique password and regular updates, at a bare minimum.
Whether organizations are “condemned” or “doomed,” let’s learn from history and be neither–not repeat it. Each cyber security breach, each attempt, even, can be a lesson for the observant. Learn from the mistakes of others, without the bumps and bruises. Until next week’s lesson, enjoy the headlines (but stay out of them).