To conclude our lookback at 2009, over the next three days I will be looking at what made the headlines on the SC Magazine website.
So today it is January through to the end of April. When people first arrived back in the office they were warned of a 'spamalanche' by Expert Messaging that would leave the average employee with 450 emails and heavy users with up to 3,000 messages to open, with 70 per cent of the messages spam or unwanted email. Perhaps among them was an HMRC tax rebate scam which was described as 'prolific' by many security commentators and the former revenue, and gave an early warning on phishing campaigns in 2009.
The first report of Downadup/Conficker (whichever you prefer) came on the 19th January when F-Secure claimed that the total calculation was 8,976,038 infections worldwide and 353,495 unique IP addresses, which it claimed 'is not getting better, it is getting worse'.
Two days after this, the Heartland incident set a precedent for data loss over the course of the year, when 'unknown intruders had broken into its systems sometime last year and planted malicious software to steal card data carried on the company's networks'. This led to calls for companies to secure on all fronts, and to Heartland's founder, chairman and chief executive officer, Robert Carr, calling for better information sharing.
Staying with data loss, on the 26th January, the Home Office was described as having a 'lucky escape' over the PA Consulting incident, where the contractor lost an unencrypted memory stick containing the sensitive personal information of thousands of people in 2008.
The Digital Britain report got its first mention on the 12th February when it was described 'as a failure that only benefits the music industry' by FAST, sparking a year-long parade of criticism. Another area that has seen criticism levelled over the past 12 months has been Facebook's privacy settings: the first changes were reported on the 17th February and a climbdown was reported the following day.
Also in legal news, the first of many stories regarding the extradition of Gary McKinnon appeared on the 26th February, while in product news the software blade architecture was launched on the 25th February and the first two-factor authentication application for the Apple iPhone was introduced the following day.
The first talk of a Conficker 'activation' began on the 9th March with claims that a second attack was imminent. This was followed by huge speculation after Arbor Networks' Jose Nazario warned that the 1st April 'attack' should be taken seriously. In the end not a lot happened on the day or on the following days; however, by the 9th April Trend Micro detected variant 'E' that utilises peer-to-peer file-sharing.
Moving back to March, the BBC botnet experiment led to days of speculation on its legality, while internet inventor Sir Tim Berners-Lee warned against the collection of users' data by commercial organisations, leading to major web organisations opting out of the Phorm system on the 25th March.
Amazon and Google also joined Microsoft in rejecting the open cloud manifesto. While Google's Street View was undoubtedly among technology's finest inventions in 2009, not everyone felt the same, which led to Privacy International claiming that it violated the Data Protection Act, a view rejected by the Information Commissioner's Office on the 24th April.
There were several compromise incidents at the end of April: former Beatle Sir Paul McCartney had his website hit on the 8th April, the Home Office was hit by a malicious link that led to a Japanese adult site, and the Mikeyy cross-site scripting worm hit Twitter.
At the end of April we all headed off to RSA San Francisco and the InfoSec exhibition in London, where we announced the winners of the 2009 SC Magazine awards.
So that was the first four months; check back over the next two days for the rest of the year.