Here's laughing at you ... a Malaysian website under attack. Photo: AFP
Late last month, the US media group PBS ran a strange story on its website. ''Prominent rapper Tupac has been found alive and well in a small resort in New Zealand,'' it reported. ''The small town - unnamed due to security risks - allegedly housed Tupac and Biggie Smalls [another rapper] for several years.''
For two reasons, this was a surprising piece of journalism. First, Tupac died in 1996. Second, the piece wasn't written by PBS. It had been planted on their site by a group called Lulz Security, a loose collective of anonymous hackers who wanted revenge for a recent PBS program that criticised WikiLeaks.
''Greetings, Internets,'' Lulz wrote on their own website. ''We just finished watching WikiSecrets and were less than impressed. We decided to sail our Lulz Boat over to the PBS servers for further … perusing.'' Above the message the tagline: ''Set sail for fail!''
A message from Lulz Security.
The extraordinary episode was by no means isolated. In March, hackers stole a database of email addresses from the marketing group Epsilon in what one commentator called the largest email address heist in history. Then the computer security firm RSA had their servers breached in an attack that may have led to the hacking of defence giant Lockheed Martin, an RSA client. In April, persons unknown cracked Sony's PlayStation network and stole 77 million users' data. And in the past month, the IMF, Citibank, the Spanish police, Google, the Turkish and Malaysian governments, the US Senate and (earlier this week) the CIA have all been hacked.
In simple terms, there are three kinds of attack taking place. Hacktivism is the most prominent: raids by amateur groups such as Lulz (who took down sites belonging to the CIA, the Senate and the Spanish police) or Anonymous (PayPal, PlayStation, MasterCard and Visa), for fun - ''for the lulz'' - or, increasingly, as an act of political protest. There is the criminal kind: professionals hunting for credit card details or email address directories. Finally, there's state-sponsored espionage, or even cyber-warfare. ''Google, RSA, Lockheed Martin, IMF - the strong suspicion is all those were state-sponsored, or state-approved,'' Dave Clemente, a cyber security expert at Chatham House, the international affairs experts, said..
Sign up for CIO Asia eNewsletters.
Veeam Availability Platform Designs for Ransomware Resiliency Series
The threat of ransomware is real and should be top of mind for CIOs as well as technology administrators of all types. In this brief, Veeam® will share some key tips to add ransomware resiliency to provide the best levels of Availability for critical applications and data.
The Future of Retail in a Digital World
Retailers may face cyber attacks like any other industry, but steps can be taken to guard against cyber crime.
VMware Virtual SAN risk avoidance and Availability
Veeam Backup & Replication provides full support for VMware vSAN, enabling faster backups through smart logic that reduces network traffic and enables backup and restore for the storage policy associated with the VM.
Transforming Data protection with Integrations for Microsoft Azure and Microsoft Office 365
Veeam for the Microsoft Cloud provides a consolidated solution for virtual, physical and cloud-based workloads with integrations for Microsoft Azure and Office 365.
Financial firms can stay relevant by focusing on digitization, security and data quality
How can financial institutions be faster, smarter and more responsive? Find out how they can avoid the risk of becoming irrelevant with insights into digitization strategies, beefing up on data security and ensuring data quality.