Finland – Prolific Hacker Arrested & Sentenced

Julius Kivimaki, a 17-year-old from Finland, has been found guilty of 50.700 “instances of aggravated computer break-ins”, which affected Harvard University, MIT and a host of companies. He was given a two-year suspended prison sentence, his PC was confiscated and he was ordered to hand over €6.588 worth of property obtained through his crimes.

Exploited vulnerabilities in software program

When he carried out his crimes throughout 2012 and 2013, Kivimaki exploited vulnerabilities in software called ColdFusion to hijack emails, block traffic to websites and steal credit card details.
He was able to install backdoors into tens of thousands of computers, which allowed him to retrieve information stored on them, adding malware to 1.400 servers. This led him to create a botnet, which he used to carry out denial-of-service (DoS) attacks on news websites like ZDNet and the chat tool Canternet.
Kivimaki was also accused of helping to steal seven gigabytes of data from the Massachusetts Institute of Technology, costing them $213.000 (€192.718).
He also used this method to access accounts belonging to MongoHQ, a Californian website database provider, which allowed him to search billing and payment card information belonging to its clients and subsequently steal credit card information.
To think that a teenager, 15 and 16 at the time, could so thoroughly compromise so many companies is worrying.

Are your systems child proof?

This is not the first time young hackers (ethical and criminal) have been in the news. Seven-year-old Betsy Davies managed to hack a laptop via an open Wi-Fi network in just over ten minutes, having learned how to set up a rogue access point and eavesdrop on traffic in an online tutorial.
Marcus Dempsey, the ethical hacker who oversaw the demonstration, said: “The results of this experiment are worrying but not entirely surprising. I know just how easily a layman can gain access to a stranger’s device, and in an age where children are often more tech-literate than adults, hacking can literally be child’s play”.

Strengthen your cyber security practices

Businesses throughout Europe are being actively encouraged to strengthen their cyber security now and not wait until the GDPR is in place.
“Hackers won’t wait,” says founder and executive chairman of IT Governance Alan Calder. “If they see a vulnerability in your organisation, they will act on it. Businesses across Europe need to get their systems up to date with the most comprehensive information security management system standard in the world – ISO 27001.
“Implemented by thousands of businesses worldwide, the requirements found in this standard provide a holistic approach to information security, covering people, processes and technology.”
Organisations that have an ISO 27001-compliant information security management system (ISMS) will also have a solid framework for supporting adherence to the GDPR when it does come into effect.

ISO 27001 solutions

European organisations can now implement the Standard and achieve ISO 27001 certification for as little as €530 with our ISO 27001 packaged solutions, full of standards, books, toolkits, software, training and online consultancy.

IT Governance: http://bit.ly/1IqQBdM

 

 
