In the second part of our look back at what made the headlines on SC Magazine this year, today we focus on May through to the end of August.
As the world worried about the impact of the H1N1/swine flu virus, the cybercriminal fraternity did not as news of a malicious PDF began to spread, something that spun into a continuing story about remote workers, and the challenges posed when patching.
On the 12th May Twitter users started a trend to reveal their porn names that sent the security industry into an education lockdown, this was followed on the 22nd May with warnings made by Trend Micro about a phishing campaign regarding the microblogging site, particularly with a typo-squatting site at ‘Tvviter' that aimed to catch out unaware users to sign in and allow hackers to steal login details.
Google was forced to apologise on the 15th May when a traffic jam, caused by an error in one of its systems, led it to direct some of its web traffic through Asia, and saw around 14 per cent of its global users experiencing slow services or even interruptions.
The search engine was quick to deny claims that it had experienced a distributed denial-of-service (DDoS) attack, an attack that became more prevalent in July when North Korea was accused of DoS attacks on American and South Korean websites, while Twitter experienced two similar attacks in mid-August.
First reports of the Gumblar botnet emerged on the 19th May from ScanSafe, while T-Mobile, who would have further bad news in November, was forced to play down reports of a hacking with customer details advertised for sale online.
The first news of a US cybersecurity czar was made on the 29th May, with details made on what they will need to do the job. SC asked if the UK would be, or even should be, the next country to appoint a similar high-ranking individual, and plans were loosely announced a couple of weeks later with plans announced by the Prime Minister to launch a national cyber security centre. However any plans that Obama had were quickly dropped after Melissa Hathaway stepped down on the 4th August.
There were two major product announcements in this period, firstly Microsoft revealed plans to roll out its ‘Security Essentials' free anti-virus software while Google announced plans to release an operating system based on its Chrome browser.
News did not get any better for the internet giants as we moved through the summer though. Twitter suffered a hacking by ‘Hacker Croll' when an administrative employee had her personal email account hacked, and Croll was able to gain information which allowed access to the employee's Google Apps account, which contained Docs, Calendars and other Google Apps that Twitter relies on for sharing notes, spreadsheets, ideas, financial details and more within the company.
Hacker Croll later detailed how they had carried out the attack, but not before the industry had spoken out on how this demonstrated a ‘lack of security in cloud computing'. Another web giant to be hit was Facebook, who came under extensive and detailed criticism by the Canadian Privacy Commissioner.
August also not the best month for Microsoft, as it was blocked from selling 2003 and 2007 versions of its Word programme and was ordered to pay over £175 million for ‘wilfully infringing on a patent' by Canadian firm i4i. Microsoft hit back at the ruling two weeks later, claiming that it was ‘not justice'.
August also saw reports coming from conventions in the US, with a Microsoft vulnerability revealed and subsequent patch released at the Black Hat conference, while reports emerged on the 12th August about a malicious ATM at the Riviera Hotel Casino in Las Vegas, where the DefCon conference was taking place.
To conclude, on a middle third with few things to laugh about, Gary McKinnon lost his High Court bid to avoid extradition to the United States.
Check back tomorrow for the last section of the year.