Media IT Networks, the next security risk

RapidVPN/ August 29, 2019/ Blog/

Journalists’ organizations don’t have the infrastructure to prevent top-secret information leaked to them from being scooped up by foreign state actors. That’s quite worrying, says the Australian Federal Police (AFP).

According to the AFP’s Deputy Commissioner Operations, Neil Gaughan, they’re aware of top secret (TS) information that probably sits within a couple of media organizations. “The ability of their IT infrastructure to protect that information at the top-secret level doesn’t exist. If we have TS information sitting on an unclassified network within, say, a journalist’s organization, the ability for that to be compromised I think is quite high, and quite worrying indeed,” Gaughan told the Parliamentary Joint Committee on Intelligence and Security (PJCIS).

The Law Council of Australia has called for tighter restrictions on metadata access, including the need for warrants in all cases, not just when the subject is a journalist.

Meanwhile, PJCIS published an article that shed new light on the most common network security threats:

  1. Computer virus – one of the most common threats to cybersecurity. Computer viruses are so widespread because they are often sent as email attachments or downloaded unintentionally from certain websites, and they then spread from one computer to another. Viruses send spam, steal data from your computer or may even delete the data on your hard drive.
  2. Trojan horse – a malicious piece of software that tricks users into running it willingly because it hides behind a legitimate program. It usually spreads by email that appears to come from someone you know: the email carries an attachment, and when you click on it, malware is downloaded to your computer. As with viruses, once a Trojan horse finds its way onto someone’s computer it steals data and passwords, or hijacks the webcam.
  3. Rogue security software – this kind of software tricks users into thinking that their software is not up to date or that a virus has been installed on their computer. It then asks the users to download an antivirus, and once the user does so, the actual malware is installed.
  4. Adware and spyware:
     • Adware is a kind of software that follows your browsing habits and collects your data without consent and, based on your activities, shows you certain advertisements and pop-ups. The presence of adware is noticeable only in the pop-ups, and it can affect a person’s internet connection speed or slow down the computer’s processor.
     • Spyware works similarly to adware but is installed on a person’s computer without their knowledge. Its keyloggers collect information such as passwords, addresses, maybe even credit card numbers.
  5. DoS and DDoS attack

A DoS attack is usually performed by one machine and its internet connection; it floods a website with packets and thus makes it impossible for users to access the content of the website. When a website has too much traffic, it is unable to serve its content to visitors.

A DDoS attack, on the other hand, is similar to DoS but is more forceful. It is launched from several computers, which can be distributed around the entire globe; this network of compromised computers is called a botnet. Because the attack comes from various computers at the same time, it is much more difficult for the victim to locate and defend against it.
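The difference between the two floods shows up clearly in request logs. The following is an added example, not part of the original post: it labels one-second traffic windows and shows that a simple per-IP rate limit catches a single-source DoS but blocks nothing during a distributed flood. The thresholds, function names and sample events are assumptions constructed for illustration.

```python
from collections import Counter, defaultdict

def build_sample():
    """Constructed sample of (second, source_ip) events, not real traffic.
    Addresses come from the RFC 5737 documentation ranges."""
    normal = [(t, f"198.51.100.{t % 5 + 1}") for t in range(10)]   # 1 request per second
    dos = [(20, "203.0.113.9")] * 300                              # one host, 300 requests
    ddos = [(40, f"192.0.2.{i % 150 + 1}") for i in range(300)]    # 150 hosts, 2 requests each
    return normal + dos + ddos

def classify_windows(events, total_limit=100, dominant_share=0.5):
    """Label each one-second window as normal, dos or ddos.

    A window is a flood when its total exceeds total_limit (assumed capacity).
    If a single source sends at least dominant_share of the flood it is a DoS
    and the source is reported; otherwise it is a DDoS and the number of
    distinct sources is reported instead."""
    windows = defaultdict(Counter)
    for second, ip in events:
        windows[second][ip] += 1
    labels = {}
    for second, counts in sorted(windows.items()):
        total = sum(counts.values())
        top_ip, top_count = counts.most_common(1)[0]
        if total <= total_limit:
            labels[second] = ("normal", None)
        elif top_count / total >= dominant_share:
            labels[second] = ("dos", top_ip)
        else:
            labels[second] = ("ddos", len(counts))
    return labels

def per_ip_blocklist(events, per_ip_limit=50):
    """Naive defence: block any IP that exceeds per_ip_limit in one second."""
    per_window = Counter(events)  # (second, ip) -> request count
    return {ip for (_, ip), n in per_window.items() if n > per_ip_limit}

if __name__ == "__main__":
    sample = build_sample()
    for second, label in classify_windows(sample).items():
        if label[0] != "normal":
            print(second, label)
    print("blocked by per-IP limit:", per_ip_blocklist(sample))
```

In the distributed window every source stays far below the per-IP limit, so only the aggregate request count reveals the attack.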

  • Computer worm – these pieces of malware can replicate quickly and spread from one computer to another. A worm spreads from an infected computer to another by sending itself to all of the computer’s contacts.
  • Phishing – this kind of threat obtains a person’s passwords, credit card numbers, usernames, etc. The emails that the victim receives seem to be legitimate, but once you click on one you open a malicious link that installs malware on your computer.
  • SQL injection attack – these attacks target data-driven applications and exploit security vulnerabilities in the application’s software. The injected code can obtain or even destroy private data, and SQL injection has quickly become one of the most dangerous data privacy issues.
  • Rootkit – these software tools enable remote control of, or access to, a computer and its network. A rootkit comes with keyloggers, antivirus disablers or password stealers. One way rootkits are distributed is through malicious emails, links, files, or even software downloaded from untrustworthy websites.
  • Man-in-the-middle attacks – in these attacks the attacker is able to eavesdrop on the communication between two targets, a conversation that in normal settings should be private. Some types of MITM attacks include:
     • DNS spoofing
     • IP spoofing
     • HTTPS spoofing
     • SSL spoofing
     • Wi-Fi hacking

Those are only the most important and most used internet threats so far; new ones will most certainly keep emerging. The best thing a journalist or a media company can do is to be protected and prepared. No system is impenetrable to every kind of cybersecurity threat. But the prevention of future attacks is nowadays easier than ever if up-to-date cyber intelligence data is put to use. There probably needs to be a re-connection of the government sector with the media sector, forming a stronger alliance in the defense of the freedom of the press.

Source: Parliament of Australia, ZDNet