Hackers typically approach an attack using five common phases. It is important to understand these phases of hacking attacks in order to better defend against them. Here we’ll discuss the five hacker phases to better understand them and how they relate to each other. This information is useful for network administrators, and essential for network security consultants. Read more…
How well President Obama has done in his first 100 days in office is currently a very hot and controversial topic. So-called political experts have come up with a wide spectrum of opinions ranging from judging him to be the best President the US has had in a half century to those that deem him to be little more than a spending-crazed liberal. Although one’s evaluation of the President is likely to be shaped more by political ideology than anything else, certain issues on which Obama should be evaluated have little to do with ideology. Cybersecurity is one of these issues. Read more…
One of our readers wrote in to ask, “My website has forms in it and I want to know how to tell if they can be hacked.” The website is using a standard processing language and a back-end MySQL Database. Multiple forms exist in the website including a newsletter form, a user fedeback form, and a New Membership signup form. Although versed in programming, the reader does not have a background in security programming or network security in general. Realizing that web forms can be a port of entry for hackers, the question of website application security arose and inspired contacting me. Lets discuss web form application security for your network. Read more…
2009 has started out rather badly as far as cybersecurity within the US goes. I’m sure, for example, that you are familiar with the recent news accounts of penetrations into the US electrical grid. Intruders from countries such as Russia and China are believed to be involved in an effort to gain control of the electrical computer infrastructure in the US. Once the intruders gain access to an electrical control system, they install Trojan software that allows back door remote access that can be used to bring down the system and/or subvert its functionality. So far no denial or alteration of service attacks have occurred, but the intruders have used the unauthorized access they have obtained to map the US power infrastructure. The perpetrators have not targeted any particular geographical region in the US, nor have the attackers exclusively focused on any one electrical company. Sadly, operations personnel at power plants have almost without exception failed to notice the attacks; the word that these attacks were occurring instead came from US government intelligence sources. Read more…
With the large number of hackers and the increasing threat from overseas hackers, more and more business are at risk for attack and exploitation. There are many types of hackers and certainly many degrees of intent and purpose. The majority of hackers are usually programmers and network security specialists, who likely have a day job under the guise of the 9-to-5 John Doe. Your business could be vulnerable to attack from internal sources as well as external. The question remaining to present to your programmers and network administrators: “Is anyone here a skilled hacker?” Read more…
