PC Tools releases list of the top 5 internet blunders of 2008

2008 was a busy year for internet criminals, and a lot of internet users found their inboxes filling up with fake emails from news web sites and charities.

PC Tools, a leading security software company that has been working with us during our Security Sins campaign, has compiled a list of the Top 5 Internet Blunders of 2008, and has included the types of internet security threats that are likely to make the 2009 Blunders list.

“As online threats evolve and become increasingly sophisticated and dangerous, security software vendors must apply increasingly advanced techniques to provide consumers comprehensive protection” said Michael Greene, VP of Product Strategy. “PC Tools’ security products offer behavioural-based technology, which has the ability to provide protection against both known and unknown online threats”.

By going over the biggest security headlines of the past year, PC Tools has selected the following news stories as their Top 5 Internet Blunders of 2008:

5. Hackers breach Epilepsy Website

Where: Landover, Maryland
When: March 22, 2008
Callous cyber criminals breached the Epilepsy Foundation’s website, with those behind the cyber break-in posting hundreds of links to pages with flashing images. Those who suffer from photosensitive epilepsy are vulnerable to visually-stimulated seizures, and the videos and images triggered near-seizure reactions in some visitors.

4. NASA Announces Laptops Infected by Malware

Where: International Space Station, Space
When: August 27, 2008
NASA made public the knowledge that laptops aboard the International Space Station carried malware commonly used to steal passwords from online gamers. The laptops were originally infected in July, and reports released by NASA show this was not the first internet security risk to be found on board. No damage was done to NASA’s command centre, as the infected laptops were not connected to that network.

3. “Black Hole” Experiment Hacked

Where: Geneva, Switzerland
When: September 13, 2008
Portions of the computer network used by CERN’s Large Hadron Collider (LHC) were allegedly hacked by a group named the "Greek Security Team.” The Greek Security Team allegedly posted messages to the facilities’ website mocking the network’s security procedures. (CERN, European Organization for Nuclear Research is using the LHC to study the science behind gravity, dark matter and dark energy, and the possibility of extra dimensions in our Universe, among other hypotheses).

2. High-profile Hacking targets celebrities

Where: Murfreesboro, Tennessee
When: July 12, 2008
A 19-year-old hacker allegedly breached teen pop star Miley Cyrus’ Gmail account, posting her racy personal photos online and offering interviews to show off his break-in expertise. To date, no criminal charges have been filed.

Where: Knoxville, Tennessee
When: September 17, 2008
A 20-year-old hacker allegedly used Yahoo’s password recovery tool to gain access to Vice Presidential nominee Sarah Palin’s personal email account, posting screen shots of emails, her contact list, and family photos publicly. The U.S. Attorney’s office is currently investigating the offence.

1. Internet Infrastructure Flaw Discovered

Where: Seattle, Washington
When: August 7, 2008
A security consultant and researcher of IOActive discovered a major flaw in the internet’s core infrastructure, which allowed hackers to re-route users to fraudulent websites, as well as intercept emails that could potentially hold personal information. The vulnerability was found in a network of servers called Domain Name System (DNS). Microsoft, Cisco Systems, and others were forced to issue software patches.

Looking towards the kinds of threats we will be likely to experience in 2009, PC Tools has predicted that those suffering from the economic downturn of the Credit Crunch will be targeted most of all by internet scams. PC Tools also expects to see Clickjacking (a technique in which cyber criminals “hijack” a users online ID by means of collecting innocent data) play a more prominent role in the coming year, while socially engineered threats and malware will continue to be a significant risk throughout the year.