When I started drafting this blog post a while back, the title was “I Have Been Pwned Twice Already”. That number has since risen to five, and I’m assuming it will continue to rise as old breaches come to light and some long forgotten accounts get popped. So far, no immediate harm has been caused to me from these breaches, and I’ll contribute that silver lining to the reactive and since then proactive steps I’ve taken to ensure that’s the case now and in the future. This is how also you can harden your online presence against these (inevitable) breaches.
Following in the footsteps of two great guides, “10 Commandments for a Safer Internet” and “0x0A Hack Commandments”, I was inspired to give something back to the community. For the average Joe, operational security – or OPSEC for short – is basically just about risk management through identifying specific pieces of information requiring protection, and employing measures to protect them. Sounds intimidating? Don’t worry, because you’re already doing it.
Yesterday was the international Safer Internet Day, and also the day that second annual Microsoft Computing Safety Index’s results were published. Research was done globally on a massive scale; over 10,000 PC, smartphone and tablet users in 20 countries and regions were surveyed. The results? Outright troubling.
Holidays have been even more exciting than usual here in Finland, but not in a good way. Apparently cyber criminals aren’t aware of the concept of Christmas peace, and multiple cyber attacks have taken place against some major Finnish websites and servers. During 20.-21.12., several Finnish Joomla-servers had been DDoS-attacked and infected with Brobot-malware. Then between 25.-27.12., at least the websites of Helsingin Sanomat, Iltasanomat, Iltalehti, MTV3, Nelonen and Yle were also under DDoS-attacks. For Finns, I highly recommend following CERT-FI in Twitter – they’re The National Computer Security Incident Response Team of Finland, and give all the official information about cyber attacks, and useful security tips too.