Sep 4
by Paul Oliveria (Technical Communications)

A couple of days ago, news of a “global security breach” circulated across the computing industry. According to reports, the breach came in the form of a list of login credentials that a Swedish consultant had posted online. At least two news articles have reported that the credentials comprise email addresses, server addresses and passwords related to about 100 foreign embassies (read more here and here).

The consultant, Dan Egerstad, claims that the list is only part of a much bigger problem — which ranges from weak passwords to misused applications — and hopes that, now that he has posted the information he was able to gather, the concerned parties will take action immediately, before the data can be misused by those with malicious intent.

While Egerstad’s motive for posting such information is commendable — what with malware and hackers targeting government sites and agencies nowadays — his method or avenue of “informing” these vulnerable embassies is somewhat questionable. Who knows how many hackers are exploiting the details as of this writing? For lack of a better image, isn’t his method reminiscent of a spyware keylogger that uploads stolen information to a server?

Granted, Egerstad claims that he’s “probably not the first one grabbing these passwords”, but if he was, as he claims, the first one to publish them, how many more people will be able to access them, given that some of the credentials are still available?

This issue has once again brought into the spotlight the fine line that separates security from malicious hacking, and the lack of, or difficulty of establishing, proper channels of communication for disseminating critical information such as a security breach. Normally — and Egerstad also admits this — the usual way to do it is to notify the affected organizations personally. But what happens (or what should happen) when the infection is on a global scale? And when the organizations involved potentially have more roadblocks than anyone else, no less?

It’s a circular question that is bound to be a topic of debate among security experts. The only thing certain here is that Egerstad’s motives and methods would not have been questioned in the first place if that “bigger problem” were not a problem at all…

© Copyright 2008 Trend Micro Inc. All rights reserved.