If you read or watch the news at all it would have been difficult to miss hearing about all the hacks, exploits, vulnerabilities, and such lately. You may have even heard about smaller, regional, or issues more specific to your area for that matter that I haven’t heard about.
The following are some of the bigger ones that appeared in national news recently:
OpenSSL Heartbleed – (Extract bits containing sensitive information, passwords, etc.)
Bash Shellshock – (Primarily a Linux server exploit, but may affect Linux, Apple Os, and others.)
Target Stores Breach – (Personal Information stolen credit/debit card related.)
Home Depot Stores Breach – (Personal Information stolen credit/debit card related.)
Apple iCloud Breach – (Clebrity Image theft.)
JP Morgan Chase Breach – (Personal Information stolen.)
Now these are the bigger ones that made national headlines. It’s very possible that there are others that didn’t get as much media attention.
The OpenSSL Heartbleed and Bash Shellshock vulnerability are said to have been present for years. Security researchers only recently found them. From what I understand the Bash issue was present for nearly 20 years. Can you believe that! Twenty years that’s an awful long time.
Part of the problem with free and open source software is that many of them operate with virtually no budget. The team may include just a couple of individuals. Oftentimes they are more of a Me-Myself-and-I operation.
It wouldn’t surprise me one bit if there are many other similar vulnerabilities and exploits that already exist in popular software including what you would find on web servers just waiting to be discovered. It’s just a matter of time really. We put way to much faith and trust in software, servers, web sites, etc. if you ask me.
As for Target, Home Depot, and the more recent JP Morgan Chase stolen information I expect to see and hear about many more of these in the near future. One of the unfortunate things about these in particular are they didn’t exactly let customers know that they might be affected by this for months after it happened, which by then could have been too late.
The Apple iCloud thing I am not as familiar with. From what I gather someone managed to get into various celebrities iCloud accounts and download their pictures. I have read conflicting information about this one. Some blamed Apple for their lack of security measures, while others seem to suggest weak passwords and security questions were to blame.
It has got to the point now that I don’t even want to use a credit/debit card online, in a store, or even an ATM anymore. I used to prefer shopping online at the well-known big name sites, but it’s apparent that they are just as vulnerable if not more than the smaller sites and stores.
One thing is for certain these things aren’t going away any time soon. If anything we will see a lot more of this happening, and probably more frequently too.