The big news of the past week has been the large-scale security breach of popular email service Hotmail. Last Thursday, more than 10 000 usernames and passwords were posted by an anonymous user on pastebin.com (Hacker leaks thousands of Passwords, Says Site).

What the incident shows, however, is not so much the vulnerability of Hotmail’s servers as how security-unconscious its users are.

According to this article, “Hotmail phish exposes most common passwords”:

“The most common single password in the sample of 10,000 purloined Live ID login credentials posted as a text file to developer site PasteBin.com was “123456”, something only marginally more secure than the traditional favourite “password”.”

“Nearly half (42 per cent) of the passwords used only lowercase letters, 19 per cent were purely numeric and only six per cent mixed up alpha-numeric and other characters, according to a separate analysis of the data by web application security firm Acunetix.”

In an online world where cyber crime and phishing scams are so prevalent, it is hard to believe that people are still so laissez-faire about their online security. I would argue that people still greatly underestimate the dangers posed by online crime.

According to the article “ID Theft has hit 20% of Aussies”:

“A fifth of Australians have fallen victim to online identity related crime as criminals use low-tech means like snatching mail to commit the fraud, a report has found.

More than 1.5 million Australians had credit cards illegally copied in the past year, and 1.2 million had bank accounts illegally accessed, the Veda Advantage Identity Crimes Report, conducted by Galaxy Research, showed.”

Research shows it’s Generation X that are the most lax about their security. Perhaps Baby-Boomers are more suspicious online, or use online services such as online banking less frequently because the internet still holds a foreign quality to them. Generation Y are constantly being warned about the dangers of the online world and are more internet savvy – I think you would find Generation Y could detect a phishing scam within moments of looking at an email, while someone a little older might see the name of the corporation they trusted and think nothing of it.

According to the article:

“I think (the 25 to 49 age group) are more casual. I think it’s some ‘it won’t happen to me’ thinking,” Kirk said. “But if they ask their family and friends, they’ll find out that family and friends have had their identity stolen. It’s massive.”

If phishing is now the great new security threat of the 21st century, more time and money needs to be spent educating people on how they can combat these dangers in their online use. And the starting point needs to be a good, solid password for your important accounts – 123456 just doesn’t cut it.

Recent hacking attempts on websites Facebook and Twitter made headlines worldwide, when hackers launched a massive coordinated attack overwhelming servers with communications requests.

Turns out the whole thing boiled down to a petty dispute between some computer geeks in Abkhazia, caught up in the current conflict between Georgia and Russia.

In order to prevent one user posting some provocative tweets, they took with them at least a few hours of precious posting time from internet addicts all over the world.

This kind of incident shows not only the vulnerability of these websites to the most elementary of attacks but also the vulnerability of the posting public.

No doubt these websites have the resources and revenue to develop defence systems that will one day outsmart the most astute of hackers and computer geeks.

In the meantime, however, it appears the public has so widely come to rely on tri-hourly blogging, twittering and status-updating that an equivalent attack in six months’ time could have disastrous effects. Widespread withdrawal symptoms. Panic attacks. Friendships ruined, families torn apart.

Maybe not to that extreme. But in all seriousness, this family’s business was seriously affected by the ‘blackout’:

Lev Ekster and His Cupcakes

Credit: The New York Times/Suzanne DeChillo

“For Lev Ekster, who runs a mobile cupcake truck called CupCake stop in New York, Thursday’s Twitter hiccup meant no tweets to customers and fans on the truck’s locations and the day’s flavors.”

Their conclusion? Not to put all your eggs in one basket:

“As soon as I saw the Twitter outage, I went on to our Facebook fan page,” said Ekster.

(Story courtesy of the Jakarta Post).