Linux Australia, the open source and free software user
group, announced that the personal information of attendees of two conferences
was leaked, which may have included first and last names, postal and email
addresses, phone numbers and hashed passwords. Joshua Hesketh, president of
Linux Australia, strongly advised those who registered for the group’s Linux
conference over the last three years and for Pycon Australia in 2013 and 2014
to change their registration passwords. Michael Robinson, program director,
cyber forensics at Baltimore’s Stevenson University, who has read the
investigation analysis report, provided some suggestions
for event organizers on better protecting their attendees’ information.
Be cautious about risky links
In this case, hackers gained unauthorized access to one of
the group’s servers through malware. Robinson said it is more likely that an
end user (who could be anyone, including a conference planner, registration
assistant, systems administrator or accountant, working on a computer without
defenses) who was already connected to the network was duped into opening a
seemingly innocent link, either from the Internet or in an email, and so
unintentionally released the malware, which then moved laterally and gave the
hackers access to the server holding all the attendees’ data. What
made Linux Australia vulnerable was that the attendees’ data from all
conferences was stored on one central server. If that server was
compromised, all attendees of all of its conferences over several years would
be affected.
The problem still exists even if the server is taken offline
So far there is no clear and effective remedy
for this type of attack. According to Linux Australia’s report, they
decommissioned the hacked server, strengthened the security on the new one and
installed several monitoring tools. In addition, in the future they will archive
conference websites six months after a conference concludes and keep them
on a separate server, while deleting them from the event management software.
However, as far as Robinson is concerned, all that may not be enough. He
explained that when a system gets infected, the help desk comes along and
takes that one server offline. Nevertheless, if the hacker came in through the
network, taking the server offline does not solve the problem, since the
hacker is still in the network and can jump to another server and hack
that one as well.
Attackers target conferences
Nowadays events such as international conferences and seminars have
become a new target for attackers. As event professionals we should be
aware of how hackers may ruin a whole conference. Wireless jammers can
interrupt the on-site network and related equipment. Hackers can download
registrant information from a personalized registration kiosk onto a USB drive.
For example, they only need to spend $150 to buy a router that can “steal”
data from users’ devices. An IMSI-catcher can intercept cell phone data and
“spy” on conference-goers. What’s worse, they use fake websites to intercept
registrant information, including credit card numbers. And most
importantly, social hacktivists always have the skill to “destroy evidence” to
deny what they did.
Some simple remedies
Event organizers are normally not professionals at solving
hacker problems, but some organizers choose to work with professional
experts to build a safeguard system that protects their attendees’
personal accounts and passwords while also optimizing the event process. What’s
more, there are other measures: organizers can instruct IT to isolate and
encrypt the registrant database, and train end users to avoid clicking on
links of any kind unless they are absolutely sure of the source, because “End
users are the biggest threat to network security.” Information security is a
very serious issue for every event, since it is tied to the organizer’s reputation.
Hackers may cause a loss of attendee confidence and a potential drop in future
attendance. So it is a must; it is the lifeblood.
Recommendations
Concerning the security of the database system, we suggest
that the database system include physical integrity protection of government
information, which makes sure it can withstand destruction such as fire,
flood, power surges, etc. Also, we suggest optimizing the modification function
of the information system, since a modification to one part easily
affects other parts. Third, we should ensure the accuracy of each element.
What’s more, in terms of user friendliness, availability is crucial, since it
refers to allowing users to visit the database and authorizing them to access the
data. In addition, we suggest optimizing user authentication, using some
new technologies, to ensure that every user can be identified properly when
they visit the data, to block illegal users and to protect information security.
Last but not least, keeping track of who has visited the database would also be a
necessary practice to optimize database security.
Sources:
[1]http://www.eventtechbrief.com/page.cfm/action=library/libID=3/libEntryID=72/listID=1
[2]http://www.csoonline.com/article/2906653/data-breach/linux-australia-breached-personal-details-leaked.html