Another day, another high-level security breach. On Feb. 1, Twitter announced that 250,000 users’ passwords had been compromised in a relatively large-scale attack. This followed a momentous week in which The New York Times and The Wall Street Journal both reported long-term breaches of their own systems that The Times claimed originated in China. The attacks, and how they infiltrated these organizations, are fundamentally different. Because of that, they require different methods of awareness and protection.
Just before these events, we learned of security vulnerabilities in Java, which led to the impractical call from some corners to disable the ubiquitous software. But if we start turning off every Web utility when a vulnerability comes to light, most of the Internet would be off limits. Many Twitter breaches happen not because of Java, but because of poorly constructed passwords, account access to potentially malicious third-party applications, or phishing attacks through direct messages.
Have you ever received a direct Twitter message such as “Did you see this pic of you? lol <link>” or “There’s a bad blog going around about you, seen it yet? <link>”? Clicking on these links is a recipe for disaster and the very definition of a phishing attack. The best way to protect your Twitter account is user awareness, so disabling Java won’t help. Once breached, your Twitter credentials could be used in social engineering attacks in an attempt to drop something nastier on your corporate endpoints through company email. From there, the cybercriminals can steal company user names, passwords and, potentially, a whole lot more.
Without a trust-based security solution running on your endpoints and servers, it’s relatively easy for the attackers to weasel their way into your servers and siphon off intellectual property. This is what potentially happened to the Times and Journal. So disabling Java and running antivirus is really a backwards way of thinking. Typically, by the time organizations are aware of vulnerabilities in programs such as Java, the problem has already been remediated. Meanwhile, other threats (zero-days) are running on your systems right now, undetectable by antivirus, if that is all you use.
So reevaluating how you secure your systems is essential. Regarding Twitter, be mindful of phishing attacks, avoid untrusted third-party Web apps that connect to your Twitter account, and construct a complicated password that you regularly change. Then consider a trust-based security solution, so only known good applications and other software can execute on your endpoints and servers. Instead of disabling Java, it’s time to enable an effective security posture that will protect you, your organization and all of the important information that drives your business.
Keeping our users secure: http://t.co/sbeefn0V
— Twitter (@twitter) February 1, 2013