2012/12/11 14:23:29

10 major events of 2012 in the field of security

As 2012 draws to a close, we look back at the events of the year that were truly significant for information security (IS). Threats became more frequent and more complex. At the same time, data protection technologies continue to develop.

Meanwhile, malware and advanced persistent threats (APTs) are used not only by states but also by criminal syndicates.

Let's recall the 10 main security events of 2012.

10. American banks and two-factor authentication

In Internet banking and cybersecurity, Europe has been a decade ahead of banks in the United States. Two-factor authentication systems are widely used by banks in the EU, but are only beginning to appear in the USA, where banks evidently hesitate, weighing the cost of the technology against the possible amount of losses. But simple means of protection, such as user names and passwords, are becoming too vulnerable, and some banks have realized the need to implement, in particular, software or hardware tokens for employees' smartphones and one-time numeric codes.

9. Leaks of VMware ESX Server hypervisor source code

At the end of April 2012, VMware acknowledged that one file of the ESX hypervisor source code had been published on the Internet. This created the possibility of a zero-day attack. There were concerns that other files could be published as well. In November source code leaked again, this time from a hacker known as "Stun". Details of both incidents have not been disclosed, which complicates assessment of the risk level. However, the potential problems are considered to have been fixed by the release of software updates.

8. Mac computers in the crosshairs

The phrase "I don't need protection; I have a Mac!" became a thing of the past in 2012, when a Java vulnerability led to the infection of more than half a million Mac computers with the Flashback malware. The attackers even changed the malware's distribution mechanism, replacing a fake Adobe Flash installer with an equally fake software update. Closing the weak spot required several patches. At the same time, belief in the invulnerability of the Apple platform was broken. As usually happens, various personal data was stolen from the infected machines.

7. Microsoft takes down botnets

Invoking the RICO Act for the first time, in March 2012 Microsoft, with the help of court officers acting under a federal order, took down several botnets used to distribute malware. It is claimed that the attackers stole more than 100 million dollars from financial institutions and other companies. About 13 million computers and 800 domains were involved in the criminal scheme, which was controlled by command-and-control (C&C) servers in Lombard (Illinois) and Scranton (Pennsylvania). The botnets were used to spread malware of the Zeus family, including the SpyEye and Ice-IX variants. Similar operations were carried out later in 2012 as well.

6. Chinese espionage against Nortel

Nortel Networks Ltd., once a telecommunications giant, is going through hard times, and not for the first time. It appears that spyware planted by Chinese hackers penetrated deep into the company at least ten years ago. According to reports that appeared in February 2012, the hackers had access "to everything", including technical documentation, research reports, business plans and employee e-mail. The attack began with the theft of seven passwords belonging to senior executives, one of whom was Nortel's chief executive. Several employees reportedly testified that the company made no attempt to close the leak until information was available for sale.

5. Symantec gets rid of Salem

While the attention of IT security specialists was fixed on the Black Hat event in Las Vegas, Symantec dismissed its chief executive Enrique Salem, a company veteran. He had held the position for three years. But income dropped by almost 10 percent, and the board preferred the chairman, Steve Bennett, who will hold both positions. Bennett became a Symantec board member in February 2010 and chairman in 2011. In the following quarter the company's results improved a little, but the changes in management continued with the departure of William Robbins, the executive vice president for worldwide sales.

4. DDoS attacks against banks

In 2012 distributed denial-of-service (DDoS) attacks against banks and other financial institutions became significantly more frequent. In the first quarter of 2012 an almost 80-fold increase in malicious traffic was recorded compared with the fourth quarter of 2011, and the attacks continue. Attackers are beginning to use shorter, more intensive data streams; the overall level of attack activity is growing and the arsenal is expanding. By the end of the year the attacks had become more sophisticated: staff are distracted by an obviously fake attack while another, well-disguised attack takes place on a different segment of the network.

3. Special attention to cyber legislation

In 2012 the government paid close attention to protecting the country's critical infrastructure against cyber attacks. On August 2 the Lieberman-Collins bill failed to pass because of party disagreements, but the discussion did not stop and will certainly continue in 2013. The purpose of the bill was to stimulate investment in research and development, to better protect critical infrastructure, to define the terms of cooperation between private and state organizations, and to give the U.S. Department of Homeland Security the lead in the state's cyber security efforts.

The bill was actively opposed by Republicans, the U.S. Chamber of Commerce and privacy advocates, who claimed that the legislation gives the government too much power. Supporters of the bill claim that it is necessary for the protection of the country's critical infrastructure and computer networks.

2. Emergence of the Flame malware

May 2012 was marked by the emergence of new malware that became widely known in the specialist community. The program, known under various names including "Flame", "Viper" and "Skywiper", was first detected in the Middle East and was used against Iran. Its capabilities include information theft, the ability to identify more than 100 security products, discovery of network resources, and functions for capturing screenshots and recording voice conversations. It communicates with its control servers over the SSH and HTTPS protocols with strong encryption.

1. The Stuxnet attack came from the USA

At the beginning of June the New York Times published information on a connection between the Stuxnet worm and the presidential administrations of both George W. Bush and Barack Obama. From this it is possible to conclude that the USA took part in a cyber war against Iran. It is reported that Stuxnet was used to attack the Iranian centrifuges involved in the nuclear weapons program, which economic sanctions had failed to stop. Many believe that a cyber attack can be regarded as a substitute for a conventional military operation, which would have destabilized the situation in the Middle East even further. This was possibly the first time the United States carried out such an operation against a foreign government.


Source: CRN (USA)