Websites of Independent Military Publication Suffers Cyber-attack
Recently, various websites of Gannett Government Media Corporation suffered cyber-attacks resulting in disruption of access to users and compromise of user data.
The publication is likely to have military personnel as members. Cyber-attackers having access to extracted information may initiate sophisticated cyber-attacks to collect more privileged information form military and defense personnel. In the recent times, cyber-attackers have used spear phishing attacks involving misuse the collected information to masquerade as supervisors, subordinates or peers to defraud targeted individuals into sharing disclosed information. Late last year, several government officials including cyber security specialists received Christmas greeting card, which seemingly appeared to come from White House domain. The card was a malware aimed at stealing confidential data. More recently, Google reported attempts to compromise e-mail accounts of U.S government officials by misusing the forwarding feature in Gmail. The purpose again was to access sensitive information that attackers may use to launch more sophisticated attacks. Google alleged that a nation state was behind the attack. Sophisticated attacks make it inevitable for cyber security professionals to constantly upgrade their skills by undertaking security certifications and online university degree programs.
Affected members must immediately change their passwords on the affected websites and other online sites, wherein the same login credentials are used. Use of strong and unique passwords is the basic but often ignored aspect of cyber security. Attackers having access to login credentials of one user account, may attempt to gain access to other online accounts of the affected user through brute force attacks.
Security awareness training programs, e-flyers and e-tutorials may help Internet users in keeping themselves updated of security threats and precautionary measures. Employees may take advantage of the online degree programs to improve cyber security awareness and gain insights on information security practices.
Cyber-attackers may exploit SQL injection vulnerabilities to gain access to associated databases of websites and steal, alter or damage sensitive information stored on them. Attackers may also exploit cross-site scripting and other websites. As such, regular scrutiny of websites is crucial to detect and mitigate vulnerabilities before their exploitation by attackers. Professionals qualified in masters of security science, secured programming, and penetration testing may enable organizations in making proper threat assessment and initiating corrective action.
EC-Council University is based in Albuquerque, New Mexico and offers Master of Security Science (MSS) degree to students from various backgrounds such as graduates, IT Professionals, and military students amongst several others. The MSS is offered as a 100% online degree program and allows EC-Council University to reach students from not only the United States, but from all around the world.
EC-Council is a member-based organization that certifies individuals in cybersecurity and e-commerce skills. It is the owner and developer of 16 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT). Its certificate programs are offered in over 60 countries around the world.
EC-Council has trained over 80,000 individuals and certified more than 30,000 members, through more than 450 training partners globally. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. federal government via the Montgomery GI Bill, Department of Defense via DoD 8570.01-M, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates the global series of Hacker Halted security conferences.
Tag Words: security breach, military publication, data breach, computer forensics, spear phishing, unauthorized access, classified information