Payment processor Mastercard is the latest victim of a security breach. How can organisations defend themselves?
Following attacks against Sony, Nintendo and Sega, Mastercard is the latest website to go down reportedly as a result of a coordinated cyber assault on June 28.
Mastercard has since got back online but the reason for the loss of service is the subject of much speculation. Wikileaks reported that "hacktivists" had taken down the site. However Mastercard said the "cause was not a hack", as reported on the pcworld website.
The BBC reported that Mastercard was the victim of “distributed denial-of-service attacks” and that hacktivists claimed the Wikileaks war would continue long into the future.
Mastercard was also attacked last year by the hacker group “Anonymous” following the company’s decision not to process donations to the Wikileaks whistleblowing website, after it published leaked diplomatic cables.
In order to improve their online secuirty major companies are now hiring hackers to improve their cyber defences. The hacker who was sued by Sony for undermining its PlayStation’s security (and famously hacking the Iphone) has reportedly been employed by Facebook (according to CRN).
Which institutions are most at risk from cyber attacks?
“One particularly alluring target for hackers is educational institutions” said law firm Cozen O’Connor in a recent statement. In 2007 educational institutions accounted for 25% of all reported data breaches and this figure increased to 33% in 2008. For Cozen O’Conner’s full report on universities click here.
Universities often have decentralised network systems, which increases their exposure to cyber assaults. In 2008 2.1m medical records were stolen at the University of Miami with the credit card details of 47,000 users also compromised.
Universities are not the only ones at risk. Any company that has a complex computer system that can be accessed by a large number of people is potentially exposed. See the factfile below for advice on how to avoid cyber attacks from Savannah IT Solutions.
How to protect your company against cyber risk
1.Keep your anti-virus software up-to-date.
2.Make sure computers are immediately locked when not in use.
3.Keep your PC operating systems up-to-date.
4.Make sure employees use effective passwords and that the same password isn't used for a variety of programmes.
5.Run firewalls on all computers.
6.Turn off computers when they are not in use.
7.Turn off Cable/DSL connection when not in use (this keeps stops 'bots' from accessing the network.)
8.Avoid any free programme downloads.
9.Monitor your cableDSL connection for attacks and report suspicious connections to your ISP.
10.On your local network block 'bad' IP ranges and domains using a local firewall or network routing filter.