When out-of-date code causes chaos

A report from the US Congress has revealed that credit agency Equifax’s 2017 network breach, which affected 143 million people, was not spotted because of an expired software certificate.

In December 2018, mobile operator O2 blamed a similar issue for causing a network blackout which affected the UK.

But what is a digital certificate and why do they expire?
And will similar administrative errors continue to dog the industry and cause widespread havoc?

What is a digital certificate?
Software in crucial equipment such as web servers will have certificates. Digital certificates are basically small pieces of code created by using sophisticated mathematics that ensure that communication between devices or websites is sent in an encrypted manner, and is therefore secure. They play an essential role in keeping IT infrastructure up and running safely and are issued by certificate authorities, who electronically vouch that the certificates are genuine. When issued, these certificates are given an expiration date of anything between a few months and several years.

Digital certificates are issued for a variety of software that encrypts communications, including those embedded in hardware. In O2’s case it seems that a certificate linked to network equipment installed by Ericsson was the weak link.

Equifax’s certificate was linked to crucial software that monitored the network for suspicious traffic, meaning the hackers were not spotted in time.
While some think that the reason they expire is to allow the authorities to keep charging for renewals, there are some valid reasons why they need to be regularly updated – including changing technology, new vulnerabilities to encryption and the ownership of the certificate changing hands.

What went wrong?
In O2’s case, the certificate reached its expiry date, which in turn meant that when different parts of the network attempted to communicate securely, they no longer trusted each other and refused to connect.

The details about what caused O2’s network to fail have not yet been made public but commentators are speculating.

“So, imagine it was a web server certificate that failed. Suddenly it would have tried to make a secure connection with another piece of equipment which would have replied, ‘no, I can’t trust you’ and rejected it,” said Prof Alan Woodward, a computer scientist from University of Surrey.

“Some of this equipment is 10 years old and the programmer may have put in a certificate with a 10-year shelf life, thinking ‘this will last’.”

In the worst-case scenario, someone would have to physically go to the affected equipment, whether it be a web server or a phone mast, to put a new certificate on it.

“I can’t imagine how many bits of equipment needed a manual update,” said Prof Woodward.

In Equifax’s case, the certificate in question was linked to software which monitored the network for suspicious traffic and had expired 19 months ahead of the breach.

“That means that they weren’t monitoring their network for hackers for a long time and I think they will come in for a lot of criticism for that,” said Prof Woodward.

Are there likely to be more failures?
Companies need to set themselves reminders to update digital certificates, say experts. There are billions of certificates in circulation and, with the internet of things flourishing and connecting ever more devices to the web, more are needed each day.

What is needed is a mechanism to make sure they are renewed when necessary, said Tim Callan, a senior fellow at certificate issuer Sectigo.

“As business becomes digital in increasingly complex and ubiquitous ways, all enterprises need to protect themselves from repeating this disastrous outcome. A best practice in so doing is to automate the discovery, monitoring, and renewal of certificates of all types.

“The proliferation of certificates and ever-increasing complexity of IT infrastructure has made it more and more challenging for IT professionals to stay on top of this component of their networks.”

Source: BBC News – Technology – Jane Wakefield
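
The automated monitoring recommended in the certificate article above can start as a scheduled expiry check over an inventory of certificates. The Python sketch below is an added example, not code from the BBC article or from Sectigo; the hostnames, dates and 30-day renewal window are constructed assumptions.

```python
"""Certificate expiry monitor (added example; hostnames and dates are constructed)."""
import socket
import ssl
from datetime import datetime, timezone

WARN_DAYS = 30  # assumed renewal window; set it to your own lead time


def days_left(not_after, now):
    """Whole days until a certificate's notAfter time (negative once expired).

    not_after uses the format returned by SSLSocket.getpeercert(),
    e.g. "Jun  1 00:00:00 2017 GMT".
    """
    expiry = datetime.fromtimestamp(ssl.cert_time_to_seconds(not_after), tz=timezone.utc)
    return (expiry - now).days


def classify(inventory, now, warn_days=WARN_DAYS):
    """Return (status, days_left, name) rows, most urgent first."""
    rows = []
    for name, not_after in inventory:
        remaining = days_left(not_after, now)
        if remaining < 0:
            status = "EXPIRED"
        elif remaining <= warn_days:
            status = "RENEW"
        else:
            status = "OK"
        rows.append((status, remaining, name))
    return sorted(rows, key=lambda row: row[1])


def probe(host, port=443, timeout=5.0):
    """Read notAfter from a live TLS endpoint. Returns (not_after, error)."""
    context = ssl.create_default_context()
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            with context.wrap_socket(sock, server_hostname=host) as tls:
                return tls.getpeercert()["notAfter"], None
    except ssl.SSLCertVerificationError as exc:
        # An already-expired certificate fails the handshake, so report the
        # verification reason instead of letting the monitor crash.
        return None, exc.verify_message
    except OSError as exc:
        return None, str(exc)


# Constructed inventory: a public site, a monitoring device whose certificate
# lapsed long ago, and network equipment that is about to expire.
SAMPLE_NOW = datetime(2019, 1, 1, tzinfo=timezone.utc)
SAMPLE_INVENTORY = [
    ("www.example.com", "Nov  1 00:00:00 2019 GMT"),
    ("traffic-inspection.example.internal", "Jun  1 00:00:00 2017 GMT"),
    ("mast-controller.example.internal", "Jan 20 00:00:00 2019 GMT"),
]

if __name__ == "__main__":
    for status, remaining, name in classify(SAMPLE_INVENTORY, SAMPLE_NOW):
        print(f"{status:8} {remaining:5d} days  {name}")
```

Feeding `probe()` results into `classify()` on a schedule covers reachable endpoints; certificates embedded in equipment that cannot be probed still need an inventory entry maintained by hand or by discovery tooling.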

Four Business Continuity Planning Essentials

Data is essential for all types of organisations today, so ensuring access to mission critical applications and data following a disaster is critical. However, business continuity and disaster preparedness are about so much more than that. In other words, you might have important apps up and running somewhere, but that doesn’t matter if your office is underwater and your employees are at home without power. You need to consider the business as a whole in order to satisfy your customers’ needs following a disaster event.

The first step for many businesses is to conduct a business impact analysis (BIA). Detailed instruction on conducting a BIA is outside the scope of this post, but the point is to:

1) Identify potential events that could negatively impact normal business operations,
2) Calculate the likelihood that each event may occur, and
3) Quantify the impact that the event could have on your business.

For example, if your data centre is near a body of water on low lying land, a flood is a possible event; its likelihood is high (during winter); and your business could be negatively impacted in a big way if downtime is significant. There are a wide variety of threats to any business ranging from natural disasters to security breaches to random accidents—a leaky pipe can have the same impact as a flood if it’s directly above a critical server.

Once you have that stuff sorted, you can move on to crafting specific plans for risk mitigation, disaster response and continuity of operations. In this post, you will learn four distinct but interconnected business continuity planning essentials.

1. Ensure employee well-being
Communication during and following an emergency presents a variety of challenges. So, crafting an employee safety and communication plan that works is absolutely essential. The specifics will vary widely from company to company, but your emergency safety and communication plan must address the following:

i) How the company will ensure employees are safe during a disaster event; and
ii) How it will communicate essential information to employees following the event.

The first part will depend heavily on the nature and location of your business. Safety planning for a large manufacturing facility will obviously be very different than for a small estate agents’ office, for example. Because of this, it’s very difficult to provide specific best practices for this part of your BC/DR plan. However, the key is to match your safety plan to the specific needs of your organisation.

For the second part, you will need to first gather a variety of information and make sure that it is well documented, easily accessible and stored in a number of secure locations. This should include up-to-date employee contact information (email, mobile and home phone numbers, emergency contact information, etc.). It should also include a methodology for contacting employees.

Effective communication
Obviously, email is the easiest way to reach a large group of employees, but if your company’s email server is down, you are out of luck. Some businesses employ redundant Exchange servers or cloud-based services to ensure email access. Of course, if you are without Internet access entirely, you’ll need an alternative.

A call tree, sometimes referred to as a phone tree, call list, phone chain or text chain, is another popular method for distributing important information to employees during and following an event. Here’s how it works. A predetermined employee initiates the call chain with a call to the next person on the chain. That employee contacts the next person on the list and the chain continues until everyone on the call tree has been reached. Other companies may automate emergency calls with purpose-built communications software/services.

Regardless of the methods you use to distribute information to your employees, your emergency communications plan should provide enough detail that it can be carried out if the plan’s creator is not available following the event (e.g. due to injury or impassable roads). Your plan should also be flexible enough to accommodate for a variety of potential emergency situations. The response to a fire in your facility during working hours will be very different from communications following the widespread distribution of a defective product, for example. Emergency communications should be brief and as accurate as possible. Depending on the structure of your organisation, you may want to keep managers updated, allowing them to pass on information to direct reports on a “need-to-know” basis. Again, the specifics of your business will dictate the correct approach.

Finally, it is essential to test and update the communications plan periodically. Testing will identify gaps in the plan such as out-of-date employee lists or contact information.

2. Keep customers in the loop
Managing customer relationships is obviously critical to the ongoing success of your business. As such, it is important to craft a plan for distributing information to your customers during and following a disaster event. The scope of your customer communications plan will vary widely depending on the nature of your business.

Obviously, not every glitch in operations will merit reaching out to your customers. However, if an event occurs that is likely to impact them, it is essential to communicate the details of the issue and explain the steps you are taking to mitigate it. This might mean direct communication to your customers, but it could also mean messaging via traditional and social media. Failure to do so can have a negative impact on the reputation of your organisation.

Take the way Toyota responded to reports of self-accelerating vehicles back in 2009-2010 as an example. Instead of acknowledging the issue and assuring customers that the company was investigating the problem, the company opted to cite user error in a classic example of blaming the victim. The problem was eventually pinned on floor mats, gas pedal design and faulty electronics; and although Toyota spent billions to replace accelerator components, their initial response created distrust among customers.

You will also need to handle a wide array of incoming communications following a disruption. Depending on the nature of your business this could mean: support requests, high volumes of email and phone traffic, social media activity from frustrated customers, media interest—the list goes on and on. Your organisation’s ability to respond to customer needs following an event will have a direct impact on reputation.

Protect your rep
So, how do you keep your good reputation intact? It comes down to careful preparation. First, you must be prepared from a personnel standpoint. Carefully planning communications with customers is essential. You will need to be able to respond quickly and clearly explain the steps you are taking to resolve issues.

All customer-facing staffers should be briefed and ready to deliver a clear and consistent message. You may want to consider using script templates, which can be adapted to address various events. Pre-scripted messages can be developed, approved by management and quickly distributed to customers following a disruption.

You also need to ensure access to communication infrastructure (phone, email, Internet access). This might mean redundant phone lines/services, hosted PBX systems, cloud-based email or redundant Exchange servers, etc. Larger businesses may need to invest in a secondary contact centre to manage inbound and outbound communications. There are a number of vendors that offer call centre services, temporary workspaces and even mobile data centres.

Testing or rehearsing all or parts of your customer communications plan should be considered essential as well. Testing is the best way to identify and resolve customer support weaknesses and communication infrastructure issues.

3. Enable IT uptime
To understand the IT piece of disaster recovery and business continuity today, it helps to look at the not-so-distant past. It really wasn’t very long ago that backup meant daily incremental and weekly full backups to tape or a dedicated disk backup target. Duplicate tape copies were created and shipped offsite for disaster recovery—typically to a secondary site maintained by the business or to a tape vaulting facility (e.g. Iron Mountain). Many businesses continue to use this model today, and depending on your recovery needs it may be perfectly adequate.

However, disaster recovery from offsite tape can be painfully slow. First, you need to retrieve the tapes from an offsite location. Once they are back on premises, you must ingest data to your backup server. At that point, you can restore data and applications to your primary servers. This, of course, means considerable downtime.

When creating an IT disaster recovery plan, it’s important to understand two concepts: recovery time objective (RTO) and recovery point objective (RPO). RTO is the amount of time that it takes to get a system restored following a failure or disaster event. So given the example above, your RTO might amount to 48 hours or more. RPO is the point in time to which data can be restored following the event. So, if you performed a backup at 6pm each night and a server failed at 5pm the following afternoon, your RPO would be 23 hours and any data created during that span would be lost. For many organisations this was unacceptable.

So, rather than relying on tape for disaster recovery, some organisations replicated data to a secondary site that mirrored their data centre for DR. However, this approach historically required a massive investment in hardware, because it required two sets of identical servers, storage, switches, software etc. Not to mention a secondary data centre facility. Remote replication allows users to fail over operations to a secondary site in the event of a disaster, which improves RTO, but is well out of the reach of most businesses financially.

Recovery-in-place and DRaaS
Advances in virtual server backup and cloud computing changed all of that. Today, users can run applications from image-based backups of virtual machines. This capability is commonly referred to as “recovery-in-place” or “instant recovery.” Recovery-in-place dramatically improves RTO because operations can continue while primary servers are being restored. RPO is reduced as well—snapshot-based, incremental backups at 15 minute intervals are a common practice. Virtual machine images can also be replicated to an alternate site or cloud for disaster recovery.

There are a number of ways to implement this type of system. Many backup software products today have the ability to perform these tasks. If your current backup software supports it, you can set it up yourself. If you are relying on an older backup software product or you are starting from scratch, you might opt to outsource these tasks. In this model, an appliance is typically placed on premises for local backup and recovery and data is replicated to the cloud for disaster recovery. Recovery-in-place technology allows you to run applications from the onsite appliance or from the cloud following an outage or disaster. This is commonly referred to as “cloud disaster recovery” or “disaster recovery as a service” (DRaaS).

Users typically pay a monthly subscription fee based on the amount of data they are storing in the cloud. Some services charge additional fees for the processing power necessary to run applications in the cloud during disaster recovery. Compare that with the facilities, staff and technology expenses associated with setting up a secondary data centre and the value of recovery-in-place and DRaaS is apparent.

Testing IT disaster recovery plans is essential. Historically, this was a difficult and potentially risky process. Today’s technologies and services have greatly eased the testing process. Because of the ease with which virtual servers can be created, users can set up DR test environments without the risk of harming production systems. Some DRaaS providers will even perform DR testing for their clients.

4. Keep business moving
As noted above, many organisations today have limited tolerance for application downtime. If your employees or customers do not have access to essential applications and data, there will be a direct impact on productivity and revenue. While this sounds obvious, many organisations do not consider the actual costs of downtime for a business. To better understand the cost of downtime, consider the following example…

Let’s say your business has 100 employees and on a typical day average hourly revenue is £1,500. In order to perform daily tasks, staff need access to email, a large database and a variety of file-based data. Let’s say the sum of this data amounts to 2 TB and you perform an on-premises incremental backup at 6pm each day which is also copied to a cloud backup service.

Given these parameters, a full restore from a local backup would take 8 and a half hours and downtime would cost your organisation £34,000 in lost revenue. When you look at restoring 2 TB from a cloud backup following a disaster, the picture gets considerably more bleak. To restore that same 2 TB over the Internet from a cloud service it would take 6 days, 9 hours and 42 minutes and the cost to your business in lost revenue would be £614,800. Obviously, these numbers will vary widely from business to business, but this example clearly illustrates the importance of being able to continue operations while primary servers and storage are being restored.

Continuity of operations
Application downtime is, of course, just one factor that can impact your bottom line. Again, there is a broad spectrum of possible considerations depending on the size and type of your organisation. However, there are a variety of examples that apply to many businesses.

Insurance is an important factor in your recovery effort. For example, let’s say your business has numerous warehouses full of goods awaiting distribution at any given time. The cost to replace goods in the event of a fire or flood could be massive and severely impact your ability to continue operations. So, it is obviously essential to select the proper insurance coverage for your business’ specific needs. Beyond that, it is also critical to document all insurance information including plan numbers/login information, the process for filing claims, etc.

Every business will need to identify employees critical to the recovery process. This might mean executives, department managers and IT staff. Whatever the structure of your business, you will need to define business continuity roles and responsibilities. It is also important to cross-train staffers on essential tasks, in case a critical employee is unavailable following the event.

It is critical to evaluate the facility or facilities in which your business operates. Considerations might include but are not limited to:
• Appropriate fire suppression systems
• Generators capable of powering essential equipment
• Uninterruptible power supply systems for critical servers
• Surge protection systems
• Alarm/intercom systems to alert employees of emergencies

It is important to consider dependencies within and especially outside of your organisation. Let’s say you are in the business of manufacturing medical devices. You might source parts from a variety of vendors—possibly worldwide. Let’s say one such vendor suffers a flood or fire and production comes to a halt. This could limit access to the raw materials you need, directly impacting your ability to continue operations. Your business continuity plan should offer solutions to mitigate these issues—for example, identifying multiple suppliers or stockpiling large numbers of essential parts.

Disaster recovery and business continuity planning should be considered a critical aspect of running a business. However, many organisations disregard it completely. Others have some kind of plan in place, but fail to grasp how time consuming the recovery process can be and the associated cost of downtime. The good news is that today’s data protection technologies and services have greatly improved the IT piece of the business continuity puzzle. There is a wide array of options in the market today at different price points, which enables you to select a product or service tailored to your specific business needs.

As you may have noticed, testing your plans has come up throughout this post. The importance of testing business continuity/disaster recovery plans cannot be overstated. Testing is the only way to reveal gaps in your plans and address them proactively—not while you are frantically trying to pull the pieces back together after heavy rains deposited a foot of water in your reception.

iPhone XS, XS Max and XR : Apple Watch gets a major update

Apple held its annual mobile device pageant at its Steve Jobs Theater in Cupertino to acquaint the fascinated with its latest fondleslabs, phones and wrist wraps.

Despite the secrecy – which failed after developer Steve Troughton-Smith found Apple’s products listed in an XML file on the company’s website – and the ritual surrounding the serial “Special Event,” it all played out pretty much as predicted.

“Today we’re going to take iPhone 10 to the next level,” declared Apple CEO Tim Cook, not long after COO Jeff Williams, gushing about the Apple Watch, said, “We’re taking Apple Watch to the next level.”

Huge handsets
Apple doubled down on its notched iPhone X bet by introducing two follow-on families: The iPhone XS, which has a beefier sibling dubbed the iPhone XS Max, and the iPhone XR, a slightly more modest alternative.

The company has also doubled the number of mobile accounts its iPhones can support, for those who want stereo mobile carrier bills. Thanks to Apple’s implementation of eSIM technology (called Dual Sim), the XS and XR models can accommodate two distinct phone numbers from different carriers on the same device, a capability supported under Google’s Android operating system for a while.

The internet has already taken to calling Apple’s flashy flagship device the “iPhone Excess,” sparing would-be wags the need to call out the device’s one-grand plus pricing.

The spec dump follows:

iPhone XR
Screen: 6.1-inch LCD
Storage: 64GB, 128GB, 256GB, and RAM: 3GB
Rear Camera: Single 12MP (f/1.8, OIS)
Colors: white, black, blue, yellow, coral and (PRODUCT)RED

iPhone XS
Screen: 5.8-inch OLED
Storage: 64GB, 256GB, 512GB, and RAM: 4GB
Rear Camera: Dual 12MP (f/1.8, 1.4µm, OIS/f/2.4, 1.0µm OIS 2X)
Colors: space gray, silver and gold

iPhone XS Max
Screen: 6.5-inch OLED
Storage: 64GB, 256GB, 512GB, and RAM: 4GB
Camera: Dual 12MP (f/1.8, 1.4µm, OIS/f/2.4, 1.0µm OIS 2X)
Colors: space gray, silver and gold

Chips go bionic
The XS and XR lines feature a 7nm Arm-compatible Apple A12 Bionic chip, which is capable of five trillion “operations” per second, rather a tad more than A11’s 600 billion operations per second. Its Neural Engine has been tuned to handle Apple’s Core ML code, which the company claims runs 9x faster than it does on its A11 chip with as little as 1/10 the energy.

The A12’s Fusion architecture includes two performance CPU cores that, Apple says, are 15 per cent faster and 40 per cent less demanding of power. The chip also has four efficiency cores that use 50 per cent less power. And it includes an eight core Neural Engine that’s designed to accelerate machine learning.

The chip also appears to support pointer authentication, a feature Arm introduced to its Armv8.3-A architecture last year to defend software from security bug exploits.

The XS Max is rather substantial, as if it aspired to be an iPad but bailed before the steroids took hold. Its screen is larger than the 6.4-inch Samsung Galaxy Note 9.

Apple’s XS phones boast an IP68 rating for water and dust resistance, so they should be able to survive being dunked to a depth of two meters for 30 minutes. The XR only gets IP67, signifying that it can withstand a one-meter diving expedition for the same period of time.

The XS camera includes a feature called Smart HDR, which takes a series of exposures with any snapshot to deliver optimal exposure. The device’s Portrait mode now includes depth control, allowing image depth of field to be adjusted after capture.

All three iPhones run on iOS 12, coming September 17. Cook also let on that macOS Mojave is coming September 24th.

One off the wrist
The Apple Watch received an update, one that should be well received thanks to meaningful new capabilities.

“Apple Watch is really redefining what a watch can do for you,” said Cook.

The Apple Watch Series 4 comes in 40mm and 44mm and features a larger display screen, a louder speaker, and a mic that has been moved away from the speaker for less phone call echo. Battery life is said to be about 18 hours or 6 hours of constant usage with GPS tracking turned on.

It’s based on Apple’s S4 chip, which the company claims is 2x faster than its predecessor and capable of sampling motion eight times faster.

This accelerated data capture capability allows support for fall detection, something that will make Series 4 watches particularly useful for elders or anyone else who’d benefit from health-oriented oversight. Apple’s wrist thing will even make an automatic emergency services call if a wearer who falls remains motionless for one minute.

Williams said Apple studied falling with thousands of people to get its Watch falling algorithm right. We hope they’re okay.

“The new Watch Series 4 is a big step forward for moving further into connected health, and with the newly announced hardware improvements, Apple is well positioned to continue dominating smartwatch sales,” said Vincent Thielke, a research analyst with Canalys, in an email to The Register, suggesting the health capabilities will expand the device’s appeal.

“These [health-oriented] features will be particularly relevant and useful for older consumers, although the push may come from their adult children rather than from the senior demographic themselves.”

Further enhancing its utility as a health device, the Series 4 includes an electrode in its dial – which Apple rather grandly calls the Digital Crown – making it capable of electrocardiogram measurement with Apple’s new heart-monitoring ECG app.

“This is the first ECG product offered over the counter to consumers,” Williams claimed. US medical drug watchdog the FDA warns people not to replace their doctor with the gizmo.

The Series 4 will also notify wearers if their heart rate is too low or if atrial fibrillation is detected.

Ivor Benjamin, president of American Heart Association, was invited on stage and called the device’s ability to capture real-time heart data “game-changing.”

That’s a significant improvement from “next level.”

Source: Thomas Claburn

Cyber-attack! Would your firm handle it better than this?

What’s it like being the victim of a live cyber-attack? What should you do to protect your company from further damage? And should you pay that ransom demand? Technology of Business eavesdropped on a “war games” exercise hosted by cyber security firm Forcepoint that was based on lots of real-life experiences.

IT staff at fictional High Street optician Blink Wink’s head office have been suckered by a phishing email. Someone clicked on a link to a spoof website because they thought the email looked legitimate. It wasn’t. That was two months ago. Today, the proverbial hits the fan…

Tuesday 08:30
Tony Lewis, Blink Wink’s IT administrator, starts his day clearing out the company’s public email inbox of the usual junk and spam. One message stands out. His stomach lurches.
“I have more where this came from. We will be in touch shortly with our demands,” the text says below someone’s name, credit card details and email address.
Tony hopes it’s a hoax, but can’t take the risk. He swallows hard and calls the firm’s security officer, Doug Hughes. Doug isn’t impressed as he’s on holiday in New York where it’s 3:30am.
“This better be good,” he growls. Tony forwards the suspect email.
“Have we validated the credit card number?” Doug asks, tension evident in his voice now. “Is it one of our customers?”
“I don’t know yet,” admits Tony.

“Well, when did we get this?” Doug snaps.
“Um… well… it seems we got it yesterday just after I’d left work, so I didn’t notice it until this morning.”
“So we’re at least 12 hours into this?”
“Um, yeah,” Tony mumbles sheepishly.

Tuesday 13:30
“We’ve got a second email,” Tony tells Doug. “It’s a ransom demand for £15,000 in the Litecoin crypto-currency. We have to pay by 22:00 BST or they’ll delete all our customer records.”
“What?” shouts Doug. “I thought they only had one?”
“Um, no. They claim to have them all.”
In a sweat, Doug calls Blink Wink’s legal counsel Grace Bolton for advice. She has to dial in several times as her headset is malfunctioning. Her voice keeps cutting out during the conversation.
“This is obviously a potential breach,” she says. “So do not respond to that message. I’ll need to review existing legislation so we know where we stand.”
“What about the police?” asks Doug, his romantic city break now thoroughly ruined. “And the Information Commissioner? What about GDPR, who do we notify?”

Tuesday 15:30
Things are spiralling out of control for Blink Wink. The hackers have posted a tranche of customer names and credit card numbers on Pastebin, a public website for sharing text and source code.
Doug has now confirmed that the data is genuine.
“Shouldn’t we shut down the website?” asks Tony. “Then we’ll limit the risk.”
Grace butts in. “Before we do that, who do we need to tell first? What’s our data breach policy?”
“I thought that came from legal,” says Doug.
“Aren’t you the data protection officer?” Grace asks Tony.
“Nope, not me…”

“God, is it me?” asks Doug despairingly. “Anyway, if we pull the website that’ll just draw attention to ourselves won’t it? Not sure that’s the right thing to do.”
“Me neither,” says Grace.
Blink Wink’s head of public relations, Sandra Ellis, has been looped in to the conversation.
“This isn’t looking good,” she says rather obviously. “We’ve failed to protect our customers’ private data. We could get really hammered for this.”
She points out that the firm has a “buy one get one free” contact lens promotion running at the moment.
“We’re driving people to the website right now. Are their details being stolen too?”
“Very possibly,” says Doug. “We’ve got to shut down the site – or parts of it anyway. And then we’ve got to decide whether to pay the ransom.”

Tuesday 17:00
Sandra Ellis has drafted a public statement but doesn’t propose releasing it to the media until people start asking questions.
“We’ll just say we are experiencing an incident and do it reactively,” she says.
“Not an incident – a breach,” Doug advises.
“No, don’t use the word ‘breach’ – not yet anyway,” chips in Grace, thinking of the legal ramifications. Tony bursts in on the conference call.
“We’ve found some malware! We saw an email come in that went to quarantine so we checked it out and it had an attachment. That could be it.”
“You didn’t click on it did you?” asks Doug, his day going from bad to worse.
“Um… I just thought it would speed things up…”
Doug swears and dips out of the call to get his security staff to check for any more damage.
Grace turns the conversation to informing the Information Commissioner’s Office.
“We can phone or report it online,” she tells them. “But we need to say what we did to mitigate the problem.”
“Well, we were meant to get the latest threat detection software last year, but the guy who was looking into that left and wasn’t replaced,” says Tony. “It kinda didn’t happen.”
“Well don’t tell the ICO that,” Grace barks. “If we can’t show we had adequate controls in place we could be in trouble. And the cyber-insurance people might not pay out either.”
Later, Doug confirms that the latest phishing email was a red herring, but informs the team: “They did find a phishing email sent two months ago that linked to a log-in page made to look like the one for our cloud provider. That’s how they got in.
“We’ve got to handle things better from now on,” Doug concludes. “This will happen again, and it’s only going to get worse.”

So what should Blink Wink have done?
Richard Ford, chief scientist at Forcepoint, says: “Reacting late has put Blink Wink on the back foot. You need to move quickly in these situations otherwise the attackers dictate the pace.
“A poor knowledge of data breach laws has made the company vulnerable. They clearly didn’t have a breach policy in place nor did they know who was responsible for each role or what they should be doing.”
Richard says the firm should have:
– prepared a data breach plan with step-by-step actions to take
– rehearsed this plan with staff
– designated who is responsible for what during a breach
– regularly circulated and updated the plan so senior staff were familiar with it
– notified third parties and suppliers
– gathered evidence for the Information Commissioner to show how it has handled the issue
– called its cyber-insurance provider for advice and help
– prepared a statement for customers demonstrating how it would help deal with any damage
– refused to pay the ransom – there’s no guarantee they’d get their data back.

And if your firm is the victim of a data breach, cyber expert Troy Hunt says it should:
– identify where the demand/ransomware came from
– contain infected devices (get them offline)
– assess how many machines have been affected
– restore lost data from back-ups
– tell customers if their data has been compromised
– plan to make sure this doesn’t happen again.


Source: Mark Ward – Technology correspondent, BBC News
Images: Tom Humberstone and Getty Images

Timeline of computer security hacker history

The timeline of computer security hacker history covers important and noteworthy events in the history of security hacking and cracking.

1903 : Magician and inventor Nevil Maskelyne disrupts John Ambrose Fleming’s public demonstration of Guglielmo Marconi’s purportedly secure wireless telegraphy technology, sending insulting Morse code messages through the auditorium’s projector.

1932 : Polish cryptologists Marian Rejewski, Henryk Zygalski and Jerzy Różycki broke the Enigma machine code.
1939 : Alan Turing, Gordon Welchman and Harold Keen worked together to develop the Bombe (on the basis of Rejewski’s works on Bomba). The Enigma machine’s use of a reliably small key space makes it vulnerable to brute force.

1943 : René Carmille, comptroller general of the Vichy French Army, hacked the punched card system used by the Nazis to locate Jews.
1949 : The theory that underlies computer viruses was first made public in 1949, when computer pioneer John von Neumann presented a paper titled “Theory and Organization of Complicated Automata.” In the paper von Neumann speculated that computer programs could reproduce themselves.

1955 : At MIT, “hack” first came to mean fussing with machines. The minutes of an April, 1955, meeting of the Tech Model Railroad Club state that “Mr. Eccles requests that anyone working or hacking on the electrical system turn the power off to avoid fuse blowing.”
1957 : Joe “Joybubbles” Engressia, a blind seven-year-old boy with perfect pitch, discovered that whistling the fourth E above middle C (a frequency of 2600 Hz) would interfere with AT&T’s automated telephone systems, thereby inadvertently opening the door for phreaking.

Various phreaking boxes (devices used by phone phreaks to perform various functions normally reserved for operators and other telephone company employees) are used to interact with automated telephone systems.
1963 : The first ever reference to malicious hacking is to ‘telephone hackers’ in MIT’s student newspaper, The Tech, which describes hackers tying up the lines with Harvard, configuring the PDP-1 to make free calls, war dialling and accumulating large phone bills.
1965 : William D. Mathews from MIT found a vulnerability in a CTSS running on an IBM 7094. The standard text editor on the system was designed to be used by one user at a time, working in one directory, and so created a temporary file with a constant name for all instantiations of the editor. The flaw was discovered when two system programmers were editing at the same time and the temporary files for the message-of-the-day and the password file became swapped, causing the contents of the system CTSS password file to display to any user logging into the system.
1967 : The first known incidence of network penetration hacking took place when members of a computer club at a suburban Chicago area high school were provided access to IBM’s APL network. In the Fall of 1967, IBM (through Science Research Associates) approached Evanston Township High School with the offer of four 2741 Selectric teletypewriter based terminals with dial-up modem connectivity to an experimental computer system which implemented an early version of the APL programming language. The APL network system was structured in Workspaces which were assigned to various clients using the system. Working independently, the students quickly learned the language and the system. They were free to explore the system, often using existing code available in public Workspaces as models for their own creations. Eventually, curiosity drove the students to explore the system’s wider context. This first informal network penetration effort was later acknowledged as helping harden the security of one of the first publicly accessible networks: “Science Research Associates undertook to write a full APL system for the IBM 1500. They modeled their system after APL/360, which had by that time been developed and seen substantial use inside of IBM, using code borrowed from MAT/1500 where possible. It is interesting to note that in their documentation they acknowledge their gratitude to ‘a number of high school students for their compulsion to bomb the system.’ This was an early example of a kind of sportive, but very effective, debugging that was often repeated in the evolution of APL systems.”

1971 : John T. Draper (later nicknamed Captain Crunch), his friend Joe Engressia, and blue box phone phreaking hit the news with an Esquire Magazine feature story.
1979 : Kevin Mitnick breaks into his first major computer system, the Ark, the computer system Digital Equipment Corporation (DEC) used for developing their RSTS/E operating system software.

1980 : The FBI investigates a breach of security at National CSS. The New York Times, reporting on the incident in 1981, describes hackers as “technical experts; skilled, often young, computer programmers, who almost whimsically probe the defences of a computer system, searching out the limits and the possibilities of the machine. Despite their seemingly subversive role, hackers are a recognized asset in the computer industry, often highly prized”. The newspaper describes white hat activities as part of a “mischievous but perversely positive ‘hacker’ tradition”. When a National CSS employee revealed the existence of his password cracker, which he had used on customer accounts, the company chastised him not for writing the software but for not disclosing it sooner. The letter of reprimand stated that “The Company realizes the benefit to NCSS and in fact encourages the efforts of employees to identify security weaknesses to the VP, the directory, and other sensitive software in files”.
1981 : Chaos Computer Club forms in Germany. Ian Murphy, aka Captain Zap, was the first cracker to be tried and convicted as a felon. Murphy broke into AT&T’s computers in 1981 and changed the internal clocks that metered billing rates. People were getting late-night discount rates when they called at midday. Of course, the bargain-seekers who waited until midnight to call long distance were hit with high bills.
1983 : The 414s break into 60 computer systems at institutions ranging from the Los Alamos National Laboratory to Manhattan’s Memorial Sloan-Kettering Cancer Center. The incident appeared as the cover story of Newsweek with the title “Beware: Hackers at play”. As a result, the U.S. House of Representatives held hearings on computer security and passed several laws.
The group KILOBAUD is formed in February, kicking off a series of other hacker groups which form soon after. The movie WarGames introduces the wider public to the phenomenon of hacking and creates a degree of mass paranoia of hackers and their supposed abilities to bring the world to a screeching halt by launching nuclear ICBMs. The U.S. House of Representatives begins hearings on computer security hacking. In his Turing Award lecture, Ken Thompson mentions “hacking” and describes a security exploit that he calls a “Trojan horse”.
1984 : Someone calling himself Lex Luthor founds the Legion of Doom. Named after a Saturday morning cartoon, the LOD had the reputation of attracting “the best of the best”—until one of the most talented members called Phiber Optik feuded with Legion of Doomer Erik Bloodaxe and got ‘tossed out of the clubhouse’. Phiber’s friends formed a rival group, the Masters of Deception.
The Comprehensive Crime Control Act gives the Secret Service jurisdiction over computer fraud. Cult of the Dead Cow forms in Lubbock, Texas, and begins publishing its ezine. The hacker magazine 2600 begins regular publication, right when TAP was putting out its final issue. The editor of 2600, “Emmanuel Goldstein” (whose real name is Eric Corley), takes his handle from the leader of the resistance in George Orwell’s 1984. The publication provides tips for would-be hackers and phone phreaks, as well as commentary on the hacker issues of the day. Today, copies of 2600 are sold at most large retail bookstores. The Chaos Communication Congress, the annual European hacker conference organised by the Chaos Computer Club, is held in Hamburg, Germany.  William Gibson’s groundbreaking science fiction novel Neuromancer, about “Case”, a futuristic computer hacker, is published. Considered the first major cyberpunk novel, it brought into hacker jargon such terms as “cyberspace”, “the matrix”, “simstim”, and “ICE”.
1985 : KILOBAUD is re-organized into The P.H.I.R.M., and begins sysopping hundreds of BBSs throughout the United States, Canada, and Europe. The online ‘zine Phrack is established. The Hacker’s Handbook is published in the UK. The FBI, Secret Service, Middlesex County NJ Prosecutor’s Office and various local law enforcement agencies execute seven search warrants concurrently across New Jersey on July 12, 1985, seizing equipment from BBS operators and users alike for “complicity in computer theft”, under a newly passed, and yet untested criminal statute. This is famously known as the Private Sector Bust, or the 2600 BBS Seizure, and implicated the Private Sector BBS sysop, Store Manager (also a BBS sysop), Beowulf, Red Barchetta, The Vampire, the NJ Hack Shack BBS sysop, and the Treasure Chest BBS sysop.
1986 : After more and more break-ins to government and corporate computers, Congress passes the Computer Fraud and Abuse Act, which makes it a crime to break into computer systems. The law, however, does not cover juveniles. Robert Schifreen and Stephen Gold are convicted of accessing the Telecom Gold account belonging to the Duke of Edinburgh under the Forgery and Counterfeiting Act 1981 in the United Kingdom, the first conviction for illegally accessing a computer system. On appeal, the conviction is overturned as hacking is not within the legal definition of forgery.  Arrest of a hacker who calls himself The Mentor. He published a now-famous treatise shortly after his arrest that came to be known as the Hacker’s Manifesto in the e-zine Phrack. This still serves as the most famous piece of hacker literature and is frequently used to illustrate the mindset of hackers. Astronomer Clifford Stoll plays a pivotal role in tracking down hacker Markus Hess, events later covered in Stoll’s 1990 book The Cuckoo’s Egg.
1987 : The Christmas Tree EXEC “worm” causes major disruption to the VNET, BITNET and EARN networks.
1988 : The Morris Worm. Graduate student Robert T. Morris, Jr. of Cornell University launches a worm on the government’s ARPAnet (precursor to the Internet). The worm spreads to 6,000 networked computers, clogging government and university systems. Robert Morris is dismissed from Cornell, sentenced to three years probation, and fined $10,000. First National Bank of Chicago is the victim of a $70-million computer theft. The Computer Emergency Response Team (CERT) is created by DARPA to address network security. The Father Christmas worm spreads over DECnet networks.
1989 : Jude Milhon (aka St Jude) and R. U. Sirius launch Mondo 2000, a major ’90s tech-lifestyle magazine, in Berkeley, California. The politically motivated WANK worm spreads over DECnet. Dutch magazine Hack-Tic begins. The Cuckoo’s Egg by Clifford Stoll is published. The detection of the AIDS Trojan horse is the first instance of a ransomware detection.

1990 : Operation Sundevil introduced. After a prolonged sting investigation, Secret Service agents swoop down on organizers and prominent members of BBSs in 14 U.S. cities including the Legion of Doom, conducting early-morning raids and arrests. The arrests involve and are aimed at cracking down on credit-card theft and telephone and wire fraud. The result is a breakdown in the hacking community, with members informing on each other in exchange for immunity. The offices of Steve Jackson Games are also raided, and the role-playing sourcebook GURPS Cyberpunk is confiscated, possibly because the government fears it is a “handbook for computer crime”. Legal battles arise that prompt the formation of the Electronic Frontier Foundation, including the trial of Knight Lightning. Australian federal police tracking Realm members Phoenix, Electron and Nom are the first in the world to use a remote data intercept to gain evidence for a computer crime prosecution. The Computer Misuse Act 1990 is passed in the United Kingdom, criminalising any unauthorised access to computer systems.
1992 : Release of the movie Sneakers, in which security experts are blackmailed into stealing a universal decoder for encryption systems. One of the first ISPs, MindVox, opens to the public. Bulgarian virus writer Dark Avenger wrote 1260, the first known use of polymorphic code, used to circumvent the type of pattern recognition used by antivirus software, and nowadays also intrusion detection systems. Publication of a hacking instruction manual for penetrating TRW credit reporting agency by Infinite Possibilities Society (IPS) gets Dr. Ripco, the sysop of Ripco BBS mentioned in the IPS manual, arrested by the United States Secret Service.
1993 : The first DEF CON hacking conference takes place in Las Vegas. The conference is meant to be a one-time party to say good-bye to BBSs (now replaced by the Web), but the gathering was so popular it became an annual event.
AOL gives its users access to Usenet, precipitating Eternal September.
1994 : Summer: Russian crackers siphon $10 million from Citibank and transfer the money to bank accounts around the world. Vladimir Levin, the 30-year-old ringleader, uses his work laptop after hours to transfer the funds to accounts in Finland and Israel. Levin stands trial in the United States and is sentenced to three years in prison. Authorities recover all but $400,000 of the stolen money. Hackers adapt to emergence of the World Wide Web quickly, moving all their how-to information and hacking programs from the old BBSs to new hacker web sites. AOHell is released, a freeware application that allows a burgeoning community of unskilled script kiddies to wreak havoc on America Online. For days, hundreds of thousands of AOL users find their mailboxes flooded with multi-megabyte email bombs and their chat rooms disrupted with spam messages.
1994 : Winter: After experiencing an IP spoofing attack by Kevin Mitnick, computer security expert Tsutomu Shimomura started to receive prank calls that popularized the phrase “My kung fu is stronger than yours”.
1995 : The movies The Net and Hackers are released. February 22: The FBI raids the “Phone Masters”.
1996 : Hackers alter Web sites of the United States Department of Justice (August), the CIA (October), and the U.S. Air Force (December). Canadian hacker group, Brotherhood, breaks into the Canadian Broadcasting Corporation. The U.S. General Accounting Office reports that hackers attempted to break into Defense Department computer files some 250,000 times in 1995 alone. About 65 percent of the attempts were successful, according to the report. The MP3 format gains popularity in the hacker world. Many hackers begin setting up sharing sites via FTP, Hotline, IRC and Usenet.  Cryptovirology is born with the invention of the cryptoviral extortion protocol that would later form the basis of modern ransomware.
1997 : A 15-year-old Croatian youth penetrates computers at a U.S. Air Force base in Guam. June: Eligible Receiver 97 tests the American government’s readiness against cyberattacks. December: Information Security publishes first issue. First high-profile attacks on Microsoft’s Windows NT operating system. In response to the popularity of sharing MP3 music files online, the Recording Industry Association of America begins cracking down on file sharing.
1998 : January: Yahoo! notifies Internet users that anyone visiting its site in recent weeks might have downloaded a logic bomb and worm planted by hackers claiming a “logic bomb” will go off if computer hacker Kevin Mitnick is not released from prison. February: The Internet Software Consortium proposes the use of DNSSEC (domain-name system security extensions) to secure DNS servers. May: The seven members of the hacker think tank known as L0pht testify in front of the US congressional Government Affairs committee on “Weak Computer Security in Government”. June: Information Security publishes its first annual Industry Survey, finding that nearly three-quarters of organizations suffered a security incident in the previous year. September: Electronic Disturbance Theater, an online political performance-art group, attacks the websites of The Pentagon, Mexican president Ernesto Zedillo, and the Frankfurt Stock Exchange, calling it conceptual art and claiming it to be a protest against the suppression of the Zapatista Army of National Liberation in southern Mexico. EDT uses the FloodNet software to bombard its opponents with access requests. October: U.S. Attorney General Janet Reno announces the National Infrastructure Protection Center.
1999 : Software security goes mainstream. In the wake of Microsoft’s Windows 98 release, 1999 becomes a banner year for security (and hacking). Hundreds of advisories and patches are released in response to newfound (and widely publicized) bugs in Windows and other commercial software products. A host of security software vendors release anti-hacking products for use on home computers. U.S. President Bill Clinton announces a $1.46 billion initiative to improve government computer security. The plan would establish a network of intrusion detection monitors for certain federal agencies and encourage the private sector to do the same. January 7: The “Legion of the Underground” (LoU) declares “war” against the governments of Iraq and the People’s Republic of China. An international coalition of hackers (including Cult of the Dead Cow, 2600’s staff, Phrack’s staff, L0pht, and the Chaos Computer Club) issued a joint statement condemning the LoU’s declaration of war. The LoU responded by withdrawing its declaration. March: The Melissa worm is released and quickly becomes the most costly malware outbreak to date. July: Cult of the Dead Cow releases Back Orifice 2000 at DEF CON. August: Kevin Mitnick is sentenced to 5 years, of which over 4 years had already been spent pre-trial, including 8 months of solitary confinement. September: Level Seven Crew hacks the website of the U.S. Embassy in China and places racist, anti-government slogans on the embassy site in regard to the 1998 U.S. embassy bombings. September 16: The United States Department of Justice sentences the “Phone Masters”. October: American Express introduces the “Blue” smart card, the industry’s first chip-based credit card in the US. November 17: A hacker interviewed by Hilly Rose during the radio show Coast to Coast AM (then hosted by Art Bell) exposes a plot by al-Qaeda to derail Amtrak trains. This results in all trains being forcibly stopped over Y2K as a safety measure.

2000 : May: The ILOVEYOU worm, also known as VBS/Loveletter and Love Bug worm, is a computer worm written in VBScript. It infected millions of computers worldwide within a few hours of its release. It is considered to be one of the most damaging worms ever. It originated in the Philippines; made by an AMA Computer College student for his thesis. September: Computer hacker Jonathan James became the first juvenile to serve jail time for hacking.
2001 : Microsoft becomes the prominent victim of a new type of hack that attacks the domain name server. In these denial-of-service attacks, the DNS paths that take users to Microsoft’s websites are corrupted. February: A Dutch cracker releases the Anna Kournikova virus, initiating a wave of viruses that tempts users to open the infected attachment by promising a sexy picture of the Russian tennis star. April: FBI agents trick two Russian crackers into coming to the U.S. and revealing how they were hacking U.S. banks. July: Russian programmer Dmitry Sklyarov is arrested at the annual Def Con hacker convention. He was the first person criminally charged with violating the Digital Millennium Copyright Act (DMCA). August: The Code Red worm infects tens of thousands of machines. The National Cyber Security Alliance (NCSA) is established in response to the September 11 attacks on the World Trade Center.
2002 : January: Bill Gates decrees that Microsoft will secure its products and services, and kicks off a massive internal training and quality control campaign. May: Klez.H, a variant of the worm discovered in November 2001, becomes the biggest malware outbreak in terms of machines infected, but causes little monetary damage. June: The Bush administration files a bill to create the Department of Homeland Security, which, among other things, will be responsible for protecting the nation’s critical IT infrastructure. August: Researcher Chris Paget publishes a paper describing “shatter attacks”, detailing how Windows’ unauthenticated messaging system can be used to take over a machine. The paper raises questions about how securable Windows could ever be. It is however largely derided as irrelevant as the vulnerabilities it described are caused by vulnerable applications (placing windows on the desktop with inappropriate privileges) rather than an inherent flaw within the Operating System. October: The International Information Systems Security Certification Consortium – (ISC)² – confers its 10,000th CISSP certification.
2003 : The hacktivist group Anonymous was formed. March: Cult of the Dead Cow and Hacktivismo are given permission by the United States Department of Commerce to export software utilizing strong encryption.
2004 : March: NZ Government (National Party) website defaced by hacktivist group BlackMask. July: North Korea claims to have trained 500 hackers who successfully crack South Korean, Japanese, and their allies’ computer systems. October: National Cyber Security Awareness Month was launched by the National Cyber Security Alliance and U.S. Department of Homeland Security.
2005 : April 2: Rafael Núñez (aka RaFa), a notorious member of the hacking group World of Hell, is arrested following his arrival at Miami International Airport for breaking into the Defense Information Systems Agency computer system in June 2001. September 13: Cameron Lacroix is sentenced to 11 months for gaining access to T-Mobile’s network and exploiting Paris Hilton’s Sidekick.
November 3: Jeanson James Ancheta, whom prosecutors say was a member of the “Botmaster Underground”, a group of script kiddies mostly noted for their excessive use of bot attacks and propagating vast amounts of spam, was taken into custody after being lured to FBI offices in Los Angeles.
2006 : January: One of the few worms to take after the old form of malware, destruction of data rather than the accumulation of zombie networks to launch attacks from, is discovered. It had various names, including Kama Sutra (used by most media reports), Black Worm, Mywife, Blackmal, Nyxem version D, Kapser, KillAV, Grew and CME-24. The worm would spread through e-mail client address books, and would search for documents and fill them with garbage, instead of deleting them, to confuse the user. It would also hit a web page counter when it took control, allowing the programmer who created it as well as the world to track the progress of the worm. It would replace documents with random garbage on the third of every month. It was hyped by the media but actually affected relatively few computers, and was not a real threat for most users. May: Jeanson James Ancheta receives a 57-month prison sentence, and is ordered to pay damages amounting to $15,000.00 to the Naval Air Warfare Center in China Lake and the Defense Information Systems Agency, for damage done due to DDoS attacks and hacking. Ancheta also had to forfeit his gains to the government, which include $60,000 in cash, a BMW, and computer equipment. May: The largest defacement in Web History as of that time is performed by the Turkish hacker iSKORPiTX, who successfully hacked 21,549 websites in one shot. July: Robert Moore and Edwin Pena, featured on America’s Most Wanted with Kevin Mitnick presenting their case, commit the first VoIP crime ever seen in the USA. Robert Moore served 2 years in federal prison with a $152,000.00 restitution while Edwin Pena was sentenced to 10 years and a $1 million restitution. September: Viodentia releases the FairUse4WM tool, which would remove DRM information from Windows Media Audio (WMA) files downloaded from music services such as Yahoo! Unlimited, Napster, Rhapsody Music and Urge.
2007 : May 17: Estonia recovers from massive denial-of-service attack. June 13: FBI Operation Bot Roast finds over 1 million botnet victims. June 21: A spear phishing incident at the Office of the Secretary of Defence steals sensitive U.S. defence information, leading to significant changes in identity and message-source verification at OSD. August 11: United Nations website hacked by Turkish Hacker Kerem125.
2008 : January 17: Project Chanology; Anonymous attacks Scientology website servers around the world. Private documents are stolen from Scientology computers and distributed over the Internet. March 7: Around 20 Chinese hackers claim to have gained access to the world’s most sensitive sites, including The Pentagon. They operated from an apartment on a Chinese Island. March 14: Trend Micro website successfully hacked by Turkish hacker Janizary (aka Utku).
2009 : April 4: Conficker worm infiltrated millions of PCs worldwide including many government-level top-security computer networks.

2010 : January 12: Operation Aurora: Google publicly reveals that it has been on the receiving end of a “highly sophisticated and targeted attack on our corporate infrastructure originating from China that resulted in the theft of intellectual property from Google”. June: The Stuxnet worm is found by VirusBlokAda. Stuxnet was unusual in that while it spread via Windows computers, its payload targeted just one specific model and type of SCADA systems. It slowly became clear that it was a cyber attack on Iran’s nuclear facilities – with most experts believing that Israel was behind it – perhaps with US help. December 3: The first Malware Conference, MALCON, took place in India. Founded by Rajshekhar Murthy, malware coders are invited to showcase their skills at this annual event supported by the Government of India. An advanced malware for Symbian OS is released by hacker A0drul3z.
2011 : The hacker group Lulz Security is formed. April 9: Bank of America website got hacked by a Turkish hacker named JeOPaRDY. An estimated 85,000 credit card numbers and accounts were reported to have been stolen due to the hack. Bank officials say no personal customer bank information is available on that web-page. Investigations are being conducted by the FBI to trace down the incriminated hacker. April 17: An “external intrusion” sends the PlayStation Network offline, and compromises personally identifying information (possibly including credit card details) of its 77 million accounts, in what is claimed to be one of the five largest data breaches ever. Computer hacker sl1nk releases information of his penetration in the servers of the Department of Defense (DoD), Pentagon, NASA, NSA, US Military, Department of the Navy, Space and Naval Warfare System Command and other UK/US government websites. September: Bangladeshi hacker TiGER-M@TE made a world record in defacement history by hacking 700,000 websites in a single shot. October 16: The YouTube channel of Sesame Street was hacked, streaming pornographic content for about 22 minutes. November 1: The main phone and Internet networks of the Palestinian territories sustained a hacker attack from multiple locations worldwide. November 7: The forums for Valve’s Steam service were hacked. Redirects for a hacking website, Fkn0wned, appeared on the Steam users’ forums, offering “hacking tutorials and tools, porn, free giveaways and much more.” December 14: Five members of the Norwegian hacker group Noria were arrested, allegedly suspected of hacking into the email account of the militant extremist Anders Behring Breivik (who perpetrated the 2011 attacks in the country).
2012 : A Saudi hacker, 0XOMAR, published over 400,000 credit cards online, and threatened Israel to release 1 million credit cards in the future. In response to that incident, an Israeli hacker published over 200 Saudi’s credit cards online. January 7: “Team Appunity”, a group of Norwegian hackers, got arrested for breaking into and publishing the user database of Norway’s largest prostitution website. February 3: Marriott was hacked by a New Age ideologist, Attila Nemeth, who was resisting against the New World Order where he said that corporations are allegedly controlling the world. As a response Marriott reported him to the United States Secret Service. February 8: Foxconn is hacked by a hacker group, “Swagg Security”, releasing a massive amount of data including email and server logins, and even more alarming – bank account credentials of large companies like Apple and Microsoft. Swagg Security stages the attack just as a Foxconn protest ignites against terrible working conditions in southern China. May 24: WHMCS is hacked by UGNazi; they claim that the reason for this is because of the illegal sites that are using their software. May 31: MyBB is hacked by newly founded hacker group, UGNazi; the website was defaced for about a day, and they claim their reasoning for this was because they were upset that the forum board Hackforums.net uses their software. June 5: The social networking website LinkedIn has been hacked and the passwords for nearly 6.5 million user accounts are stolen by cybercriminals. As a result, a United States grand jury indicted Nikulin and three unnamed co-conspirators on charges of aggravated identity theft and computer intrusion. August 15: The most valuable company in the world, Saudi Aramco, is crippled by a cyber warfare attack for months by malware called Shamoon. Considered the biggest hack in history in terms of cost and destructiveness. Carried out by an Iranian attacker group called Cutting Sword of Justice.
Iranian hackers retaliated against Stuxnet by releasing Shamoon. The malware destroyed over 35,000 Saudi Aramco computers, affecting business operations for months. December 17: Computer hacker sl1nk announced that he has hacked a total of 9 countries’ SCADA systems. The proof includes 6 countries: France, Norway, Russia, Spain, Sweden and the United States.
2013 : The social networking website Tumblr is attacked by hackers. Consequently, 65,469,298 unique emails and passwords were leaked from Tumblr. The data breach’s legitimacy is confirmed by computer security researcher Troy Hunt.
2014 : February 7: The bitcoin exchange Mt. Gox filed for bankruptcy after $460 million was apparently stolen by hackers due to “weaknesses in [their] system” and another $27.4 million went missing from its bank accounts. October: The White House computer system was hacked. It was said that the FBI, the Secret Service, and other U.S. intelligence agencies categorised the attacks “among the most sophisticated attacks ever launched against U.S. government systems.” November 24: In response to the release of the film The Interview, the servers of Sony Pictures are hacked by a hacker group calling itself “Guardian of Peace”. November 28: The website of the Philippine telecommunications company Globe Telecom was hacked in response to the poor internet service it provides.
2015 : June: The records of 21.5 million people, including social security numbers, dates of birth, addresses, fingerprints, and security-clearance-related information, are stolen from the United States Office of Personnel Management. Most of the victims are employees of the United States government and unsuccessful applicants to it. The Wall Street Journal and the Washington Post report that government sources believe the hacker is the government of China. July: The servers of extramarital affairs website Ashley Madison were breached.
2016 : February: The 2016 Bangladesh Bank heist attempted to take US$951 million from Bangladesh Bank, and succeeded in getting $101 million – although some of this was later recovered. July 22: WikiLeaks published the documents from the 2016 Democratic National Committee email leak. July 29: A group suspected of coming from China launched hacker attacks on the website of Vietnam Airlines. September: Hacker Ardit Ferizi is sentenced to 20 years in prison after being arrested for hacking U.S. servers and passing the leaked information to members of the ISIL terrorist group back in 2015. October: The 2016 Dyn cyberattack is conducted with a botnet of IoT devices infected with Mirai by the hacktivist groups SpainSquad, Anonymous, and New World Hackers, reportedly in retaliation for Ecuador’s rescinding Internet access to WikiLeaks founder Julian Assange at their embassy in London, where he has been granted asylum.
2017 : February: The Cloudbleed bug was discovered by the Google Project Zero team. April: A hacker group calling itself “The Dark Overlord” posted unreleased episodes of the TV series Orange Is the New Black online after they failed to extort online entertainment company Netflix. May: WannaCry ransomware attack started on Friday, 12 May 2017, and has been described as unprecedented in scale, infecting more than 230,000 computers in over 150 countries. May: 25,000 digital photos and ID scans relating to patients of the Grozio Chirurgija cosmetic surgery clinic in Lithuania were obtained and published without consent by an unknown group demanding ransoms. Thousands of clients from more than 60 countries were affected. The breach turned attention to weaknesses in Lithuania’s information security. June: 2017 Petya cyberattack. May–July 2017: The Equifax breach. September 2017: Deloitte breach.
2018 : May: A speculative execution exploit named Speculative Store Bypass (sometimes referred to as “Variant 4”) is disclosed by researchers. June: Lazy FP State Restore, a speculative execution exploit affecting Intel Core CPUs, is announced by Intel.

Why does my phone get hot and how to cool down your phone.

So far, this has been a summer to remember, with the UK experiencing its longest heatwave in five years. Across the country, thousands are flocking to beaches, parks and pools to make the most of the hot weather, with temperatures reaching highs of 32 degrees in some parts. But while the heat is great for barbeques, picnics (and spotting novelty tan lines), it does come with its drawbacks. For example, you may have noticed your phone overheating. If that happens, you need to know how to cool down your phone, and how to stop your phone from getting hot in the first place. With that in mind, here’s our advice for a happy summer with your mobile.

Why does my phone get hot?

First of all, it’s normal for phones to generate some heat. The battery, the screen’s backlight, the GPS chip and the processor all generate heat as they work – but really, any part of the phone that uses power can get hot. You may notice that your mobile heats up when you perform tasks, such as charging, streaming audio and video content, running apps in the background, holding long phone conversations, downloading apps, and using your phone as a GPS system. Put simply: usage demands power, and power generates heat.

Normally, your phone will cool down when you stop these activities. But in summer, when the temperature is higher, there is a chance that this heat could be retained. Unsurprisingly, this is not good for your phone, as sometimes, the hotter your processor gets, the slower it will run. Not to worry, though – there are some steps you can take to help prevent overheating.

How to cool down your phone

  1. Keep your phone well ventilated. Most mobile phones will try to dissipate heat through body panels, which means they need plenty of space to do so. Try not to carry your phone in your pocket – your body heat is the last thing your phone’s body needs on a hot day.
  2. Keep your phone out of direct sunlight. Just like humans, phones can overheat in the sun, too. If you’re outside enjoying the great outdoors, make sure your phone is kept in the shade. Exposure to high temperatures means that the device cannot cool itself, which can really impact the battery. Your phone will charge slower, and prolonged exposure to heat is likely to decrease battery life altogether.
  3. Keep your phone away from other gadgets and devices. It’s not just phones that get hot when they work – tablets, laptops and other devices have the same problem. Try not to keep all of your tech together in the same bag, drawer or space. You don’t want your phone picking up all that excess heat when it’s trying to manage its own.
  4. Update your apps. Apps refreshing and updating in the background means that your phone is using power (and thus, generating heat). Set aside some time to ensure all your apps are updated and in good working order. This way, you can limit the amount of background work your phone is doing.
  5. Remove any apps which noticeably use power. If you’ve noticed your phone heating up a lot after installing a certain app, try removing it. It could be that a particular application is using significantly more power than you’d like and putting some strain on your device. Similarly, having a clean out of apps you don’t use can help with the background power issue.
  6. Turn down your backlight. Keeping your screen brightness high can use more battery and generate heat. Try turning your backlight down and setting a shorter timeout on your screen. Bonus: your battery may last longer, too.
  7. Remove your phone case. If your phone is feeling toasty, try taking off the case for a little while. Just as taking off a jacket can help humans cool down, taking off the phone’s extra layer can help heat dissipate. Just try not to drop it (and if you prefer the added protection of a case, remember to pop it back on when your device has cooled down again).
  8. Keep your car cool when using GPS navigation. Cars can be like ovens on hot summer days. If you’re off on a long drive, and are relying on your phone’s GPS to get you there, try and keep the vehicle as cool as possible. Crank the windows, blast the AC: your phone (and probably your passengers) will thank you.
  9. Check for battery damage. If you’re noticing a persistent heat issue, you could double check the battery to make sure there’s not a problem. Before you do, close all your apps and programs and turn off your network connections. If there is a fault, you could try replacing the battery.
  10. Let your phone rest. And finally, the common line that keeps cropping up here is that power means heat. If you’re all caught up on social media, you’ve made your phone calls for the day, and there’s nothing too urgent in the WhatsApp group, you could consider giving your phone a little rest to recover. After all, we all need a break in summer, right?


Source: Tesco Hub

Internet data and history…

It’s mine – you can’t have it.

If you want to use it for something, then you have to negotiate with me. I have to agree, I have to understand what I’m getting in return.

I myself feel that it is very important that my ISP supplies internet to my house like the water company supplies water to my house. It supplies connectivity with no strings attached. My ISP doesn’t control which websites I go to, it doesn’t monitor which websites I go to.

Source:  Sir Tim Berners-Lee, 2008


The Greatest Computer Hacks

Vandalism, Theft, and Cleverness on a Large Scale

Hacking is about manipulating and bypassing systems to force them to do the unintended. While most hackers are benign hobbyists, some hackers inflict terrible widespread damage and cause financial and emotional injury. Victimized companies lose millions in repair and restitution costs; victimized individuals can lose their jobs, their bank accounts, and even their relationships.

Ashley Madison Hack 2015: 37 Million Users
The hacker group Impact Team broke into the Avid Life Media servers and copied the personal data of 37 million Ashley Madison users. The hackers then incrementally released this information to the world through various websites. The effect on people’s personal reputations rippled across the world, including claims that user suicides followed after the hack.
This hack is memorable not only because of the sheer publicity of the aftermath, but because the hackers also earned some fame as vigilantes crusading against infidelity and lies.

The Conficker Worm 2008: Still Infecting a Million Computers a Year
While this resilient malware program has not wreaked irrecoverable damage, this program refuses to die; it actively hides and then copies itself to other machines. Even more frightening: This worm continues to open backdoors for future hacker takeovers of the infected machines.
The Conficker worm program (also known as the Downadup worm) replicates itself across computers, where it lies in secret to either convert your machine into a zombie bot for spamming or to read your credit-card numbers and your passwords through keylogging and then transmit those details to the programmers.
Conficker/Downadup is a smart computer program. It defensively deactivates your antivirus software to protect itself.
Conficker is noteworthy because of its resilience and reach; it still travels around the Internet eight years after its discovery.

Stuxnet Worm 2010: Iran’s Nuclear Program Blocked
A worm program that was less than 1 MB in size was released into Iran’s nuclear refinement plants. Once there, it secretly took over the Siemens SCADA control systems. This sneaky worm commanded more than 5,000 of Iran’s 8,800 uranium centrifuges to spin out of control, then suddenly stop and then resume, while simultaneously reporting that all is well. This chaotic manipulation went on for 17 months, ruining thousands of uranium samples in secret and causing the staff and scientists to doubt their own work. All the while, no one knew that they were being deceived and simultaneously vandalized.
This devious and silent attack wreaked far more damage than simply destroying the refining centrifuges themselves; the worm led thousands of specialists down the wrong path for a year and a half and wasted thousands of hours of work and millions of dollars in uranium resources.
The worm was named Stuxnet, after a keyword found in the code’s internal comments.
This hack is memorable because of both optics and deceit. It attacked the nuclear program of a country that has been in conflict with the USA and Israel and other world powers and it also deceived the entire Iranian nuclear staff for a year and a half as it performed its deeds in secret.

Home Depot Hack 2014: Over 50 Million Credit Cards
By exploiting a password from one of its stores’ vendors, the hackers of Home Depot achieved the largest retail credit card breach in human history. Through careful tinkering with the Microsoft operating system, these hackers managed to penetrate the servers before Microsoft could patch the vulnerability.
After they entered the first Home Depot store near Miami, the hackers worked their way throughout the continent. They secretly observed the payment transactions on more than 7,000 of the Home Depot self-serve checkout registers. They skimmed credit card numbers as customers paid for their Home Depot purchases.
This hack is noteworthy because it was launched against a large corporation and millions of its trusting customers.

Spamhaus 2013: The Largest DDOS Attack in History
A distributed denial of service attack is a data flood. By using dozens of hijacked computers that repeat signals at a high rate and volume, hackers will flood and overload computer systems on the Internet.
In March of 2013, this particular DDOS attack was large enough that it slowed the entire Internet across the planet and completely shut down parts of it for hours at a time.
The perpetrators used hundreds of domain-name servers to reflect signals repeatedly, amplifying the flood effect and sending up to 300 gigabits per second of flood data to each server on the network.
The target at the centre of the attack was Spamhaus, a non-profit professional protection service that tracks and blacklists spammers and hackers on behalf of Web users. The Spamhaus servers, along with dozens of other Internet exchange servers, were flooded in this attack.
This DDOS hack is noteworthy because of the sheer scale of its brute force repetition: It overloaded the Internet’s servers with a volume of data that had never been seen before.

eBay Hack 2014: 145 Million Users Breached
Some people say this is the worst breach of public trust in online retail. Others say that it was not nearly as harsh as mass theft because only personal data was breached, not financial information.
Whichever way you choose to measure this unpleasant incident, millions of online shoppers have had their password-protected data compromised. This hack is particularly memorable because it was public and because eBay was painted as weak on security because of the company’s slow and lacklustre public response.

JPMorgan Chase Hack 2014: 83 Million Accounts
In the middle of 2014, alleged Russian hackers broke into the largest bank in the United States and breached 7 million small-business accounts and 76 million personal accounts. The hackers infiltrated the 90 server computers of JPMorgan Chase and viewed personal information on the account holders.
Interestingly enough, no money was looted from these account holders. JPMorgan Chase will not share all the results of their internal investigation. What they will say is that the hackers stole contact information like names, addresses, email addresses and phone numbers. They claimed that there is no evidence of Social Security, account number, or password breach.
This hack is noteworthy because it struck at where people store their money, raising questions about the security of the U.S. banking system.

The Melissa Virus 1999: 20 Percent of the World’s Computers Infected
A New Jersey man released this Microsoft macro virus into the Web, where it penetrated Windows computers. The Melissa virus masqueraded as a Microsoft Word file attachment with an email note alleging an “Important Message from [Person X].” After the user clicked the attachment, Melissa activated itself and commanded the machine’s Microsoft Office to send a copy of the virus as a mass mailout to the first 50 people in that user’s address book.
The virus itself did not vandalize files or steal any passwords or information; rather, its objective was to flood email servers with pandemic mailouts.
Indeed, Melissa successfully shut down some companies for days at a time as the network technicians rushed to clean their systems and purge the pesky virus.
This virus/hack is noteworthy because it preyed on people’s gullibility and the then-current weakness of antivirus scanners on corporate networks. It also gave Microsoft Office a black eye as a vulnerable system.

LinkedIn 2016: 164 Million Accounts
In a slow-motion breach that took four years to reveal, the social networking giant admits that 117 million of its users had their passwords and logins stolen in 2012, only to have that information later sold on the digital black market in 2016.
The reason this is a significant hack is because of how long it took for the company to understand how badly they had been hacked. Four years is a long time to realize you’ve been robbed.

Anthem Health Care Hack 2015: 78 Million Users
The second-largest health insurer in the United States had its databases compromised through a covert attack that spanned weeks. Anthem refuses to disclose details of the penetration but the company claims that no medical information was stolen, only contact information and Social Security numbers.
No harm has yet been identified for any of the compromised users. Experts predict that the information will one day be sold through online black markets.
As a response, Anthem provided free credit monitoring for its members. Anthem is also considering encrypting all its data.
The Anthem hack is memorable because of its optics: Another monolithic corporation fell victim to a few clever computer programmers.

Sony PlayStation Network Hack 2011: 77 Million Users
April 2011: Intruders from the Lulzsec hacker collective cracked open the Sony database at their PlayStation Network, revealing the contact information, logins, and passwords of 77 million players. Sony claims that no credit card information was breached.
Sony took down its service for several days to patch holes and upgrade their defences.
There has been no report that the stolen information has been sold or used to harm anyone yet. Experts speculate that the weakness was exploited through a SQL injection attack.
The PSN hack is memorable because it affected gamers, a culture of people who are computer-savvy fans of technology.

Global Payments 2012 Hack: 110 Million Credit Cards
Global Payments is one of the several companies that handle credit card transactions for lenders and vendors. Global Payments specializes in small-business vendors. In 2012, their systems were breached by hackers and information on people’s credit cards was stolen. Some of those users have since experienced fraudulent transactions.
The signature-based system of credit cards in the United States is dated, and this breach could have easily been reduced if credit card lenders would invest in using the newer chip cards that are used in Canada and the UK. Since the attack, the United States has migrated to a chip-and-pin or chip-and-sign approach for processing point-of-sale card transactions, although migration has been largely voluntary by retailers.
This hack is noteworthy because it struck at the daily routine of paying for goods at the store, shaking the confidence of credit card users around the world.

So What Can You Do to Prevent Getting Hacked?
Hacking is a real risk that all of us must live with, and you will never be 100-percent hacker-proof.
You can reduce your risk, though, by making yourself harder to hack than other people and by mitigating your risk by following basic best-practice security standards:
1. Check to see if you’ve been hacked and outed at this free database.
2. Make the extra effort to design strong passwords as we suggest in this tutorial.
3. Use a different password for each of your accounts; this practice will substantially reduce how much of your life a hacker can access.
4. Consider adding two-factor authentication to your Gmail and other primary online accounts.
5. Consider subscribing to a VPN service to encrypt all of your online traffic.


Source: lifewire.com

60 Must-Know Cybersecurity Statistics for 2018

Cybersecurity issues are becoming a day-to-day struggle for businesses. Trends show a huge increase in hacked and breached data from sources that are increasingly common in the workplace, like mobile and IoT devices.

Additionally, recent research suggests that most companies have unprotected data and poor cybersecurity practices in place, making them vulnerable to data loss.

We’ve compiled 60 cybersecurity statistics to give you a better idea of the current state of overall security, and paint a picture of how potentially dire leaving your company unsecure can be.

Data Breaches by the Numbers
The increasing number of large-scale, well-publicized breaches suggests that not only is the number of security breaches going up, they’re increasing in severity as well.
In 2016, 3 billion Yahoo accounts were hacked in one of the biggest breaches of all time.
In 2016, Uber reported that hackers stole the information of over 57 million riders and drivers.
In 2017, 412 million user accounts were stolen from Friendfinder’s sites.
In 2017, 147.9 million consumers were affected by the Equifax Breach.
According to 2017 statistics, there are over 130 large-scale, targeted breaches in the U.S. per year, and that number is growing by 27 percent per year.
Thirty-one percent of organizations have experienced cyber attacks on operational technology infrastructure.
100,000 groups in at least 150 countries and more than 400,000 machines were infected by the Wannacry virus in 2017, at a total cost of around $4 billion.
Attacks involving cryptojacking increased by 8,500 percent in 2017.
In 2017, 5.4 billion attacks by the WannaCry virus were blocked.
There are around 24,000 malicious mobile apps blocked every day.
In 2017, the average number of breached records by country was 24,089. The nation with the most breaches annually was India with over 33k files; the US had 28.5k.
In 2018, Under Armour reported that its “My Fitness Pal” was hacked, affecting 150 million users.
Between January 1, 2005 and April 18, 2018 there have been 8,854 recorded breaches.

Cybersecurity Costs
Average expenditures on cybercrime are increasing dramatically, and costs associated with these crimes can be crippling to companies who have not made cybersecurity part of their regular budget.
In 2017, cyber crime costs accelerated with organizations spending nearly 23 percent more than 2016 — on average about $11.7 million.
The average cost of a malware attack on a company is $2.4 million.
The average cost in time of a malware attack is 50 days.
From 2016 to 2017 there was a 22.7 percent increase in cybersecurity costs.
The average global cost of cyber crime increased by over 27 percent in 2017.
The most expensive component of a cyber attack is information loss, which represents 43 percent of costs.
Ransomware damage costs exceeded $5 billion in 2017, 15 times the cost in 2015.
The Equifax breach cost the company over $4 billion in total.
The average cost per lost or stolen record per individual is $141, but that cost varies per country. Breaches are most expensive in the United States ($225) and Canada ($190).
In companies with over 50k compromised records, the average cost of a data breach is $6.3 million.
Including turnover of customers, increased customer acquisition activities, reputation losses and diminished goodwill, the cost of lost business globally was highest for U.S. companies at $4.13 million per company.
Damage related to cybercrime is projected to hit $6 trillion annually by 2021.

Cybersecurity Facts and Figures
It’s crucial to have a grasp on the general landscape of metrics surrounding cybersecurity issues, including what the most common types of attacks are and where they come from.
Ransomware detections have been more dominant in countries with higher numbers of internet-connected populations. The United States ranks highest with 18.2 percent of all ransomware attacks.
Trojan horse virus Ramnit largely affected the financial sector in 2017, accounting for 53 percent of attacks.
Most malicious domains, about 60 percent, are associated with spam campaigns.
Seventy-four percent of companies have over 1,000 stale sensitive files.
Malware and web-based attacks are the two most costly attack types — companies spent an average of US $2.4 million in defense.
The financial services industry takes in the highest cost from cyber crime at an average of $18.3m per company surveyed.
Microsoft Office formats such as Word, PowerPoint and Excel make up the most prevalent group of malicious file extensions at 38 percent of the total.
About 20 percent of malicious domains are very new and used around 1 week after they are registered.
Over 20 percent of cyber attacks in 2017 came from China, 11 percent from the US and 6 percent from the Russian Federation.
The app categories with most cybersecurity issues are lifestyle apps, which account for 27 percent of malicious apps. Music and audio apps account for 20 percent.
The information that apps most often leak are phone numbers (63 percent) and device location (37 percent).
In 2017, spear-phishing emails were the most widely used infection vector, employed by 71 percent of those groups that staged cyber attacks.
Between 2015 and 2017, the U.S. was the country most affected by targeted cyber attacks with 303 known large-scale attacks.
In 2017, overall malware variants were up by 88 percent.
Among the top 10 malware detections were Heur.AdvML.C (23,335,068; 27.5 percent), Heur.AdvML.B (10,408,782; 12.3 percent) and JS.Downloader (2,645,965; 3.1 percent).
By 2020, the estimated number of passwords used by humans and machines worldwide will grow to 300 billion.

Cybersecurity Risks
With new threats emerging every day, the risk of not securing files is greater than ever, especially for companies.
21 percent of all files are not protected in any way.
41 percent of companies have over 1,000 sensitive files including credit card numbers and health records left unprotected.
70 percent of organizations say that they believe their security risk increased significantly in 2017.
69 percent of organizations don’t believe the threats they’re seeing can be blocked by their anti-virus software.
Nearly half of the security risk that organizations face stems from having multiple security vendors and products.
7 out of 10 organizations say their security risk increased significantly in 2017.
65 percent of companies have over 500 users who are never prompted to change their passwords.
Ransomware attacks are growing more than 350 percent annually.
IoT attacks were up 600 percent in 2017.
The industry with the highest number of attacks by ransomware is the healthcare industry. Attacks will quadruple by 2020.
61 percent of breach victims in 2017 were businesses with under 1,000 employees.
Ransomware damage costs will rise to $11.5 billion in 2019 and a business will fall victim to a ransomware attack every 14 seconds at that time.
Variants of mobile malware increased by 54 percent in 2017.
Today, 1 in 13 web requests leads to malware (up 3 percent from 2016).
2017 represented an 80 percent increase in new malware on Mac computers.
In 2017 there was a 13 percent overall increase in reported system vulnerabilities.
2017 brought a 29 percent increase in industrial control system–related vulnerabilities.
By 2020, we expect IT analysts covering cybersecurity will be predicting five-year spending forecasts (to 2025) at well over $1 trillion.
The United States and the Middle East spend the most on post-data breach response. Costs in the U.S. were $1.56 million and $1.43 million in the Middle East.

There’s no question that the situation with cybercrime is dire. Luckily, by assessing your business’s cybersecurity risk, making company-wide changes and improving overall security behavior, it’s possible to protect your business from most data breaches.


Source: varonis.com

Domain names …. the worst seen by us

Here are the 43 most notorious we found (we actually had 50 – but our mothers read this blog):

penisland.net – Pen Island
sydneytherapist.com – Sydney Therapist
mammotherection.com – Construction Company
kidsexchange.net – Kids Exchange
bigalsonline.com – Big Als Online
webone.com.au – Web One
choosespain.com – Choose Spain
bendover.com – Ben Dover
bitefartcafe.rs – Bitef Art Cafe
partnerstalking.com.au – Partners Talking
whorepresents.com – Who Represents
expertsexchange.com – Experts Exchange
nobraces.com.au – No Braces
wintersexpress.com – Winters Express
gotahoe.com – Go Tahoe
therapistfinder.com – Therapist Finder
powergenitalia.com – Power Gen Italia
molestationnursery.com – Mole Station Nursery
ipanywhere.com – Internet Protocol Anywhere
speedofart.com – Speed of Art
dicksonweb.com – Dickson Web
viagrafix.com – Via Grafix (renamed to Learn2)
nycanal.com – New York Canal Region
mofo.com – Morrison & Foerster, LLC
michaeljacksonsthisisitmoviemerchandise.com – really?
dicksonweb.com – Dickson’s Temperature Instruments
teacherstalk.com – Teachers Talk
auctionshit.com – Auctions Hit
butthatsnotall.co.nz – But That’s Not All
childrenswear.co.uk – Childrens Wear
ihavegas.com – IHA Vegas Holiday Rentals
machome.com – Mac Home
oddsextractor.com – Odds Extractor
alterscrap.com – Alter Scrap
ladrape.co.uk – La Drape
llanfairpwllgwyngyllgogerychwyrndrobwyll-llantysiliogogogoch.com – an actual Welsh town
gooooooooooooooooooooooooooooooooooooooooooooooooooooooooooogle.com – a spinoff of the famous search engine
1hourscrap.com – Rapid scrapbook making
swissbit.ch – Germany-based Swissbit
3.141592653589793238462643383279502884197169399375105820974944592.com – Pi
pedo.org – An actual dentist organization