As the post states, hackers are getting more creative in targeting certain companies and Twitter has recently discovered the consequences of such an attack. About a month ago, an administrative employee at Twitter was targeted and her personal e-mail was hacked, according to a blog post today by Twitter co-founder Biz Stone. The hacker used information in the e-mail account to access this employee’s Google Apps account, which contained a wide variety of Twitter documents from ideas to financial details. Today TechCrunch said it had received 310 confidential Twitter documents in a zip file from the hacker who calls himself Hacker Croll.
In the last few years, security experts have seen an increase in the amount of highly-targeted attacks. Unlike, say, massive spam campaigns designed to get employees to divulge personal information like bank accounts, these types of attacks involve hackers targeting anywhere from one to five employees within a company. The motive is to steal confidential information that the hacker will use to make a profit, says Patrik Runald, chief security advisor at F-Secure, a security firm. The types of organizations frequently targeted in these attacks are defense contractors, governments and non-profits with ties to Tibet, he says.
After the Twitter incident first became public, some speculated about the quality of Google’s security but Biz Stone absolved Google Apps in his blog post. “This attack had nothing to do with any vulnerability in Google Apps which we continue to use,” he wrote. Instead, he wrote, the incident underscored the need for choosing strong passwords.
The simplest and most obvious truths are still not treated with the proper attitude: passwords must not be trivial; one shouldn't use the same password for different services; one shouldn't divulge login credentials to untrusted parties.
It is well known that the more secure a system is, the less comfortable it becomes to use. For example, if all critical actions (changes of password, contact e-mail and so on) are monitored, and password strength and history are stored to prevent reuse, the system becomes quite vulnerable from another side: anyone with access to the database of used credentials can learn the patterns people use to generate safer passwords. Also, if a system urges its users to change their passwords frequently, it becomes very unfriendly and uncomfortable. However, for officials with access to highly confidential and important data, these measures should be considered appropriate, since a data leak can cost too dearly.
This article was brought to you by the developers of IPHost Network Monitor, network and server monitoring software.