Cyber-intrusion at Distribute.IT, one of the Australian and International domain name registrar has put at risk thousands of Australian websites. The website of the company was defaced and indicates that an attacker, who identifies himself as ‘Evil’, carried out the attack. The attacker was previously involved in a security breach incident of University of Sydney website. The company is investigating the incident, and is yet to determine the actual loss of data. The attack has reportedly affected the web, telephonic and e-mail communications of the company. Security professionals are trying to restore the website. Several websites have reportedly complained of downtime as a result of the security incident.
The Australian registrar has databases containing the domain name of various companies, and domain name system (DNS) server details. The company has started updating customers on the progress in the investigations, a week after the security incident. Unauthorized access to such information may allow attackers to redirect visitors of legitimate websites to malicious sites. Visit to malicious websites may result in download of malware without user’s knowledge. Attackers may also attempt to extract financial information such as credit card details through malicious websites. Websites hosted by the company are more vulnerable to attacks. Attackers may gain unauthorized access to databases containing confidential information associated with such websites.
Regular security evaluation is crucial to safeguard computer systems, networks and websites. Inadequately protected network, power and communication cables, undefined access privileges, lack of restriction on access to printers and external devices create opportunities for offenders to perpetrate crime. Unauthorized access to critical devices may cause theft, damage and leakage of sensitive data, which may have negative financial and business implications. Security professionals of the company must periodically upgrade or replace outdated devices in accordance with improvements in technology. Old and obsolete equipment’s may have confidential information. Organizations must have appropriate procedures to degauss data, and destruct obsolete equipment’s. Hiring experienced professionals qualified in IT degree programs, and network administration, may help in devising appropriate hardware testing and quality assessment procedures.
Organizations must have appropriate incident management and response procedures in place to deal with security incidents. They must define and establish access controls to secure access to systems containing sensitive information. Regular huddle sessions, mandatory e-learning and online IT degree programs may help in creating cyber security awareness among employees. Proactive action is crucial to strengthen the defenses against cyber threats. Organizations may use Mock tests to test the preparedness of IT professionals in the event of security incidents.
Professionals may leverage online IT courses and security certification programs to enhance their technical capabilities in dealing with sophisticated attacks.
Contact Press
EC-Council
Website: http://www.eccuni.us
Email: [email protected]
Tel: 505-341-3228
EC-Council University is based in Albuquerque, New Mexico and offers Master of Security Science (MSS) degree to students from various backgrounds such as graduates, IT Professionals, and military students amongst several others. The MSS is offered as a 100% online degree program and allows EC-Council University to reach students from not only the United States, but from all around the world.
EC-Council is a member-based organization that certifies individuals in cybersecurity and e-commerce skills. It is the owner and developer of 16 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT). Its certificate programs are offered in over 60 countries around the world.
EC-Council has trained over 80,000 individuals and certified more than 30,000 members, through more than 450 training partners globally. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. federal government via the Montgomery GI Bill, Department of Defense via DoD 8570.01-M, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates the global series of Hacker Halted security conferences.
