Stories by Brian Honan

ICANN Website Security Breached

The Internet Corporation for Assigned Names and Numbers (ICANN) has issued a warning to those who registered with its public website that their profile accounts were accessed by an "unauthorized person". ICANN states that the usernames, email addresses, and encrypted passwords to people's profile accounts have been compromised in the last week. Profile accounts on the ICANN website can contain "user preferences for the website, public bios, interests, newsletter subscriptions, etc"

Brian Honan | 07 Aug | Read more

DDoS Attacks Take Down RBS, Ulster Bank, and Natwest Online Systems

The Royal Bank of Scotland group of banks suffered nearly a <a href="">fifty minute outage</a> to their on-line banking systems today as a result of a Distributed Denial of Service Attack. The banks affected included, Royal Bank of Scotland (RBS), NatWest, and Ulster Bank. A spokesperson from NatWest said in a statement "The issues that some customers experienced accessing on-line banking this morning was due to a surge in internet traffic deliberately directed at the website. At no time was there any risk to customers. Customers experienced issues for around 50 minutes and this has now been resolved."

Brian Honan | 04 Aug | Read more

European Central Bank Hacked

The European Central Bank (the ECB) announced on Thursday the 24th of July that its website was the victim of a cyber-attack resulting in the security of the site being compromised. The attack resulted in a breach of the security for a database serving its public website. The database is used for individuals to register for conferences, events, and visits hosted by the organisation. The ECB stated that while most of the database was encrypted, some of the database held contact details such as email addresses, phone numbers, and addresses in unencrypted format. The ECB believes that approximately 20,000 people who had registered with the bank's website are affected by the breach.

Brian Honan | 01 Aug | Read more

They Fought the Law, The Law Won

Reading the headlines relating to cyber-security you would not be blamed for thinking we are in a losing battle against relentless foes. The breaches at OPM, Ashley Madison, Target, Sony, and many others highlight criminals are consistently looking for ways to breach our defences. It is understandable then why many CISOs may look nervously at their networks wondering if they will be the next victim, or worse, are they already a victim without knowing it.

Brian Honan | 27 Jul | Read more

Hackers Ground Polish LOT Airline Flights

The Polish national airline, LOT, announced on Sunday that they cancelled 10 flights as a result of the airline's ground computer systems at Warsaw's Okecie airport being subject to attack by hackers. The airline's ground computer systems are used to manage the flight plans for the airline. LOT stated that no ongoing flights or other airport computer systems were affected and that flights already in the air or scheduled to land at Warsaw were not at risk.

Brian Honan | 22 Jun | Read more

US Secretary of State lays out 5 principles for international cybersecurity

On Monday the United States Secretary of State, John Kerry, gave a wide ranging speech on cybersecurity and international cooperation at the Korea University in South Korea. The speech touched on many aspects of how the Internet has enriched the lives of many across the world. During his speech Mr. Kerry gave examples of children in refugee camps using the Internet for education, of fisherman in Mozambique being able to manage their fish stock thanks to the Internet, and how a doctors in Cameroon are able to remotely diagnose cardiac issues over the web. Mr. Kerry also highlighted how the Internet supported movements such as the Arab Spring , and has enabled freedom of expression and freedom of speech for those living in oppressed regimes.

Brian Honan | 20 May | Read more

Once, Twice, Three times a Malady

The Irish author Oscar Wilde famously said "to lose one parent may be regarded as a misfortune, to lose both looks like carelessness". I wonder what Oscar Wilde would think of the English celebrity chef Jamie Oliver for having his website compromised not just once, or trice, but for the third time since December of last year? The latest compromise, which was discovered by Malwarebytes, enabled criminals to redirect unsuspecting visitors to the chef's website to links which download the password stealing Fiesta EK exploit kit.

Brian Honan | 18 May | Read more

French TV station's systems severely damaged in cyber attack

The French TV station TV5Monde suffered a major cyber-attack on the evening of the 8th of April resulting in all of its eleven channels being taken off air for three hours. At 10:00 p.m. Paris time the eleven channels for TV5Monde, which reach over 260 million people worldwide, went blank. At the same time the station's Facebook page was hijacked and its website defaced.

Brian Honan | 10 Apr | Read more

British Airways Frequent Flyer Program Grounded

British Airways recently acknowledged that they suffered a security breach impacting their frequent flyer program. This is yet another security breach to impacted loyalty program systems. Earlier this year both American Airlines and United Airlines suffered security breaches where user accounts were compromised by criminals using stolen account credentials.

Brian Honan | 01 Apr | Read more

British Tribunal Rules Mass Internet Surveillance by GCHQ Was Unlawful

Earlier Friday the Investigatory Powers Tribunal (IPT) in the UK ruled that the UK's Government Communications Headquarters' (GCHQ) access to information intercepted online by the US National Security Agency (NSA) was unlawful up until December 2014. The Investigatory Powers Tribunal was established in October 2000 under the Regulation of Investigatory Powers Act 2000 ('RIPA') to enable UK citizens to reveal cases where they believed their human rights have been violated by illegal UK government surveillance. On foot of allegations by former NSA contractor Edward Snowden that GCHQ had agreements in place with the NSA which enabled GCHQ to have access to the data gathered and held by the NSA on UK citizens, a number of civil liberties groups such as Privacy International and Liberty brought a case to the IPT.

Brian Honan | 07 Feb | Read more