In the final part of our look back at what made the headlines on SC Magazine this year, today we focus on September to the present day.
We started September with the website for the Apache Software Foundation being taken offline after being compromised by an SSH key, while on the 4th reports appeared about Ealing council facing a bill for half a million pounds after its compromised systems failed to work for several weeks.
Five days later, Rodney Joffe, senior vice president and senior technologist of Neustar, who is also a director of the Conficker Working Group, claimed that this was a Conficker attack, this was not the last we heard of the notorious worm either, as Oxford Brookes University was hit later in the month. Joffe claimed that this was a sign that things would only get worse.
On the 18th September we reported on plans by the Conservatives to change the authority of the Information Commissioner's Office while October saw the annual RSA exhibition where I talked with rogue trader Nick Leeson, while the journalist fraternity joked about the debacle that was National Identity Fraud Prevention Week, which was eventually revealed to be a marketing campaign by a paper shredder company.
However maybe a shredder may have come in handy after we were encouraged by F-Secure to write down passwords to help us remember them, certainly scandalous but the benefit of having secure but complex passwords was highlighted following the publication of more than 10,000 passwords for webmail accounts.
A report by PandaLabs revealed at the end of September that almost a quarter of UK small businesses do not have any security software, and 98 per cent spent less than £1,000 per annum on security solutions. The solution arrived the following day with the introduction of Microsoft's Security Essentials free anti-virus software. This is certainly not the first free download or hosted anti-virus, but a major launch when you consider the vendor.
Microsoft was back in the headlines, although it was barely out of them during 2009, on the 22nd October with the launch of Windows 7 in what was arguably the last major launch of the year.
The Digital Britain report had its largest developments in this period, at the beginning of September several musicians spoke out against UK government proposals to kick file-sharers off the internet. These plans were confirmed at the end of October in a speech by Lord Mandelson, where he explained that the proposal was to offer a ‘three strikes and you are out' strategy.
The first criticism of this was by TalkTalk, who claimed that the plan was based on file sharers being ‘guilty until proven innocent' and constituted an infringement of human rights. Further, we reported that more than 17,000 had signed a petition against the proposed law on the 24th November.
One of the major criticisms came from the fact that cut off file-sharers could use somebody else's WiFi to get back on to the internet, an investigation by TalkTalk found that most houses in a suburban street were unsecured on their connection, while an investigation by the BBC Watchdog programme revealed the insecurity of public WiFi.
The end of October and beginning of November brought some major domain stories, with the Guardian Jobs site hit by a rumoured SQL Injection, while customers of T-Mobile found that a rogue employee had been selling their details on to third parties.
Twitter won the dubious ‘honour' of being the last reported compromise when users were redirected to a page promoting the Iranian Cyber Army. Although they were not left with the worst reputation, that ‘honour' went to Facebook, who decided to change its privacy settings once again, to almost universal criticism from its members.
In malware, we were left to decide whether the Space Invaders game created as an art project was a Mac Trojan, as proclaimed by Symantec. Creator Zach Gage spoke to SC about this and admitted that it was ‘potentially dangerous software', and said that he was ‘cool' with it being described as malware.
November also saw the first worms for the Apple iPhone. Admittedly they only affected ‘jailbroken' models, but while the appearance of Rick Astley was considered a joke, genuine worms followed in the next few days that created anything but laughs. The Astley worm creator Ashley Towns got a job in what was generally perceived to be a PR stunt.
So moving to the end of December, a last reported data loss was given to the Ministry of Defence, who lost a laptop with the encryption key with it, while Adobe's vulnerability in Acrobat and Reader will be patched in mid-January.
For the last big story of the year (probably), Howard Schmidt was appointed by President Obama as the cybersecurity coordinator, leaving us with a positive message for the end of 2009.
So that concludes our look back at what made the headlines in 2009, and I hope that we can exceed this next year so in 12 months time we look back with a bit more of a positive view.