One of the latest massive hack attacks has hit not one, but three major companies in recent weeks. The attack is believed to have come from an Eastern European hacker gang, and was apparently launched to target software vulnerabilities with the goal of stealing company secrets and users’ personal information which could be sold on the black market. The software vulnerabilities were in fact due to a well-known security hole in Oracle’s Java software.
Let’s take a quick look at each attack:
Facebook engineers were the target here. They quickly discovered that hackers had infiltrated one of their mobile developer’s sites and had infected it with malware exploiting a security flaw. This new type of attack is known as a “Waterhole attack’’ – much like a predator lying in wait by a waterhole, you’re not sure what type of prey you’ll get, but you’re pretty sure you’ll get something.
Facebook responded quickly and the site was immediately contained by the Facebook security team and then turned over to Federal Law Enforcement officials.
Apple’s employees were also the target in a similar attack, reportedly launched by the same cybercriminal organization. Apple is saying that they don’t believe any data left the company, meaning users shouldn’t be affected, and that the infected areas were immediately isolated from the network. An update is available for those of you that are Mac users.
So far, it seems that Twitter has been affected the most by the similar hack attack it was the target of. Twitter released a statement saying that hackers are likely to have gained access to “limited user information.” In other words, they’re not sure what the hack attack gang got, but it’s likely that they got their hands on lots of usernames, email addresses and encrypted versions of passwords. You can find out if you have been affected by logging in to your Twitter account; if you’re unable to log in, you were hacked and Twitter has reset your password.
The fact that these companies went public with their hacks, along with many others that were also affected shows just how serious these types of hacks are. The fact that Apple, typically tight-lipped about security, also chose to open up about this attack, means that education and teamwork are what’s needed to thwart issues around internet security.
How can you protect your internet security?
- Change your password regularly and don’t use the same password for any two sites
- Make sure you have a reliable security suite downloaded to protect your device. BullGuard has a great range of security solutions to offer for PCs and mobile devices that will more than meet your needs.
- Block Java when not using it. Check out this blog to find out how and why.
- Stay educated. You can do that by subscribing to the BullGuard blog!