Looking Back At Computer Security In 2005
by Mirko Zorz - Wednesday, 21 December 2005.
Bruce Schneier comments on this situation: "Every credit card company is terrified that people will reduce their credit card usage. They're worried that all of this press about stolen personal data, as well as actual identity theft and other types of credit card fraud, will scare shoppers off the Internet. They're worried about how their brands are perceived by the public. And they don't want some idiot company ruining their reputations by exposing 40 million cardholders to the risk of fraud."

Howard Schmidt said: "I think that anytime a breach of security of any size, especially one that contains consumer private information causes executives to ask "Can this happen to us and if so how do we fix it" With the compliance issues taking a bigger role in corporate governance world wide I would expect this to continue to be a board room discussion which will increase security."

And just in time for the holidays, Guidance Software (a self-proclaimed leader in incident response and computer forensics) suffered a breach that will probably get a lot of people fired. The incident during which some 3,800 customer credit card numbers have been stolen, occurred on November 25th but wasn't discovered until December 7th. Did Guidance Software contact their customers immediately? No. In the age where even children use mobile phones, IM and e-mail, they chose to send out notices of the breaches via regular mail. Why? They claim people change e-mail addresses too frequently while the location of the offices stays the same. I guess they think these companies also change their phone numbers all the time. Even if they do, shouldn't they keep an up-to-date database with contact information?

To make things even worse, the company stored customer records in databases that were not encrypted and if that wasn't bad enough they also kept the three digit Card Value Verification (CVV) numbers despite the guidelines by MasterCard and Visa that prohibit the storage of the CVV numbers after a transaction and require the databases to be encrypted. The company says they didn't know these numbers were stored for a longer period of time. I don't know if this makes things better or worse.

Rootkits go mainstream

On October 31st Mark Russinovich posted an entry on his blog entitled "Sony, Rootkits and Digital Rights Management Gone Too Far" that sparked a media frenzy. Russinovich discovered that Sony was using a rootkit as a method of control for some of their CDs. Sony got under much fire as both privacy advocates and the users were raging against such vile control actions and started boycotting certain Sony titles, bad reviews were starting to show up on shopping sites and Amazon.com contacted their customers and offered them a complete refund if they returned the "infected" CDs. At least now the public is much more aware of certain problems.

F-Secure made an interesting t-shirt that shows just how much Sony is "concerned" about their customers.

Assorted malware

Not surprisingly this year had thousands of pages filled with reports of various types of malware wrecking havoc. So, are things getting any better or just worse when it comes to virus outbreaks? "It seems better. In 2003 we had tons of large outbreaks. In 2004 we saw some. This year only a handful." says Mikko H. Hyppönen. "However, the transformation from hobbyist virus writers to professionals also means more targeted attacks. These stay under the radar and don't become front page news - the criminals don't want to end up on the front page. We're seeing less outbreaks - so the situation seems to be getting better. It's actually getting worse." he adds.

The most talked about virus of 2005 is certainly Sober which caused a lot of problems and disrupted e-mail traffic for both MSN and Hotmail. F-Secure cracked the code and learned how Sober activates. More than 20 variants of the virus have been found since October.

Other "popular" viruses in 2005 were Zafi.D and several variants of Zotob. When it comes to numbers, Hyppönen says the situation seems better: "All of these cases were smaller than cases like the Mydoom/Bagle/Netsky war or the Sasser outbreak from 2004."


101,000 US taxpayers affected by automated attack on IRS app

The IRS has revealed more details about an attack it suffered last month, mounted by unknown individuals with the aim to file fraudulent tax returns and funnel the returned money to their own bank accounts.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Wed, Feb 10th