Thursday, July 3, 2008

Have you been hacked before?

Have you been hacked before? Of course I don't mean you personally; it could be your personal computer or web site.

There have been a lot of hacking cases lately; among the hottest were the Prime Minister's office (during the fuel price hike in early June) and Malaysia Today (hacked yesterday). Even though the hackers only tried to make fun of them, it was sufficient to leave the web sites interrupted and inaccessible.

Anyway, since I have been working in the IT field for 7 years, I have experienced a few hacking cases before. Among all the cases, one of them impressed me the most.

I once worked with a telco company a few years back. I was one of the IT administrators who managed the users and access lists of the servers. Whenever a new IT staff member came in, I was required to add them to the user database on the servers they needed to access.

There are too many hacking tools available to download from the Internet nowadays.

One day a new admin came in and I was requested to add his user account to the web proxy servers. Basically, a proxy server serves client (PC) requests by forwarding them to other servers. A web proxy focuses on web (HTTP) traffic only, like what we normally browse.

The new admin was supposed to change his password immediately after receiving the newly assigned password. Unfortunately he didn't bother and disregarded the corporate password policy. After a week, the nightmare came to us. Yes, the web proxy servers were hacked at midnight! The hacker, who called himself Mr.Z, had hacked into the proxy servers and used the protocols to redirect all the web traffic to a web page describing his dissatisfaction with network security in this country.

Google hacking has been very popular among hackers for the past few years.

After a thorough examination, we realized Mr.Z was using a particular user account to break into the proxy servers via another server in the same network. Due to the fault of one of the network administrators, Mr.Z managed to find that one of the servers was open to access, just by guessing the password. This server had been opened by a network admin to do testing overnight. Mr.Z also installed rootkits and left backdoors in some of the servers.

In computer terms, a backdoor is a hidden method to bypass authentication systems.

Due to the fault and lack of responsibility of the administrators, the telco company paid the price of being hacked. We reported the incident to the police, and the proxy servers were terminated and brought back to the IT security department for further examination.

After the incident, management also spent more than a million to implement a series of security policies and preventive measures, such as a host-based Intrusion Prevention System (IPS), SecurID tokens, enforcing a change of password every 2 weeks, tightening access lists to limited IP addresses, etc.

Hackers are hacking for money instead of their own interest nowadays.

Awareness and prevention of hacking are always important for every online user, and required among IT professionals and security analysts. Perhaps EC-Council Academy is able to play a significant role in educating us more via workshops.

2 workshops are being offered by EC-Council Academy this month.

The International Council of Electronic Commerce Consultants (EC-Council) is a member-supported professional organization that supports and enhances individuals and organizations who do e-Business solutions. It is organizing a Complimentary Workshop on Cybersecurity this month, date to be confirmed. Further details can be found here. So you can try to register now if you are interested. Be quick, as it is limited to 25 seats per workshop.

Other than that, can we try to hack some hatred bloggers' web sites? Don't play play, man!


Copyright 2009 Ekimkee.