Lulz Sec Strikes Again, Targets Fbi Affiliate

By Author: eccuni
Total Articles: 211
Comment this article

Recently, InfraGard, an affiliate of Federal Bureau of Investigation (FBI) suffered security breach. Intruders were allegedly successful in stealing around 180 passwords of members of the affiliate's Atlanta Chapter. The extracted passwords reportedly include those from the U.S army, cyber security companies and leading communication companies. Lulz Sec, which has been in the news for intruding into the servers of PBS, Sony Pictures and Nintendo, has claimed responsibility for the latest attack. Infrared, is a public-private partnership (PPP) that shares data regarding security threats to physical and Internet infrastructure in the United States (U.S). Information security professionals of the organization have temporarily disabled the website, and are investigating the incident. Ironically, the attack comes just days after U.S government announced that it may consider cyber-attack as an act of war. The group has also claimed that it has extracted the login credentials of personal and work e-mails of Chief Executive Officer (CEO) of Unveillance, a botnet monitoring company.

Regular scrutiny of the websites and IT infrastructure ...
... is crucial to detecting threat vectors and initiating remedial action. Professionals qualified in computer science degree and IT security may help companies in proactive assessment of security scenario, making appropriate changes in the IT policy and strengthening the IT infrastructure.

Cyber-attackers are actively engaged in identifying and exploiting security loopholes. Frequent attacks and leakage of sensitive information not only compromises privacy of the affected individuals, but also make them vulnerable to various types of malicious attacks, identity theft and fraud. Leakage of sensitive military and defense information can also compromise the security of the target country. As such, it is important for security professionals to update themselves on latest developments through online university degree programs and IT security certifications, and make informed security decisions.

Employees continue to be one of the weakest links in the security chain. Attackers take advantage of negligence and lack of security awareness to launch social engineering attacks targeting employees, extract sensitive information and initiate further sophisticated attacks on company networks. Cyber-attackers also leverage the growing use of social media sites for business promotion purposes, professional networking to extract sensitive information and launch targeted attacks such as spear-phishing attacks. As such, it is important for employees to be aware of the latest security threats. Security awareness training programs can enable employees to understand and adopt best practices in online security such as password management, precautions while using social media sites, data security, and incident management practices. Employees may also take advantage of e-tutorials, online degree and e-learning programs to gain understanding of security fundamentals.

Security breach incidents have severe implications such as negative publicity, huge financial expenditure, leakage of business strategy and loss of productive business hours. As such, companies must place high emphasis on IT security. They must periodically review the security practices identify areas of concern. They must also make appropriate changes to security policies and practices in accordance with the latest threats. Proactive approach is crucial to strengthen the defenses of the Internet infrastructure, and avoid exploitation of security breach incidents.