Is it just me or is the number of hack headlines increasing? I keep reading about the threats of "evil twin" hotspots (actually, a quick search on Google News produced 135 results) and how they can allow hackers to clone an AP that behaves as part of an integral WLAN. As more attacks become known, it seems like some hackers enjoy the extra notoriety, leaving their "signatures" on the sites knowing that their hacks will be publicized later.
Here are a few recent ones:
- T-Mobile: hackers penetrated their systems and read e-mails from an agent from the US Secret Service, among other company customers (400 total, including sensitive information such as their Social Security numbers).
- Gmail: sometimes, people discover vulnerabilities by accident, as in this instance, when a Unix community group found a way to retrieve username and password information from Gmail users.
- Harvard University: some hacks do not even need to be sophisticated due to really lax security practices. In this case, confidential drug purchase histories of Harvard students could be obtained by anyone knowing their student ID numbers.
This reminds me of my days at Nortel, where I once worked on the Symposium Contact Center product. All user manuals, training, etc. highlighted the fact that the default password to the product needed to be changed by the system administrator. Then, I remember seeing an article that appeared in 2600, one of the most widely read hacker magazines. I was amazed to discover the number of system administrators who just never bothered to follow those instructions (this was not Nortel's fault, of course, but pure carelessness by the sysops). Of course, this poor practice could potentially expose their systems to hackers.











