Gerry Morley - Director of Cyber Security No Comments

Worldwide disruption of Internet services due to Amazon Web Services Outage

If your favourite website or internet related service wasn’t accessible or working right yesterday it may not have been just you.

Amazon Web Services

Yesterday, Amazon Web Services S3 system which hosts well over a hundred thousand websites experienced a major outage for between 4 and 5 hours yesterday. Many popular websites (Netflix, Instagram, Spotify, Pinterest, Slack, Trello, Buzzfeed, Reddit, IFTTT, Quora, Splitwise and Medium to name a few) use Amazon’s S3 system and users of these popular sites may have experienced slowness in accessing such services.

Unbeknownst to users familiar with Amazon’s online shopping website, Amazon Web Services is a giant provider of the back-end of the Internet. It provides cloud-based storage and web services for companies so they don’t have to build their own server farms, allowing them to rapidly deploy computing power without having to invest in infrastructure.

While not all AWS customers were affected by the outage at one of AWS’s main storage systems, many experienced slowdowns in website reaction times, after a big portion of its S3 system went offline. Amazon wasn’t able to update its own service health dashboard for the first two hours of the outage because the dashboard itself was hosted on AWS.

“We’ve identified the issue as high error rates with S3 in US-EAST-1,” Amazon explains on its services tracking page, adding that the issue “is also impacting applications and services dependent on S3.

The issue appears to have been resolved but these instances are always a great reminder of how much of the internet relies on just a handful of huge companies to keep it up and running and even massive companies like Amazon can have unforeseen issues which cause downtime.  Unfortunately, there will always be “ghosts” in the machine, and just like cyber-attacks, downtime at some stage is inevitable for nearly every business. It’s a case of “when” not “if” it will happen to you. That’s why it’s so important to have a backup, disaster recovery and business continuity plan for your own business so you can be best prepared to continue to maintain operations and service your customers even when issues happen.

Sources: USA Today, Engadget, Verge, BGR

 

 

 

Gerry Morley - Director of Cyber Security No Comments

Hackers offer Apple staff in Cork up to €20,000 for insider information

Hackers are tempting employees of high profile organisations around the world with large sums of money for insider information.

This serves as yet another wake up call for Irish organisations and organisations worldwide of the increasing insider threat and that hackers will stop at nothing to gain sensitive data on companies which they can sell on the dark internet for a mini fortune. Read more

Gerry Morley - Director of Cyber Security No Comments

Yahoo! Hackers caught with their hands in your cookie jar.

Yahoo Hackers prove they don’t need your online passwords as they can forge your browser cookies to access your online data.

Yahoo in December 2016 quietly revealed to its users, in the form of a security update, that their user accounts may have been compromised as recently as last year, after an ongoing cyber security investigation found evidence that hackers managed to create forged cookies to gain access to Yahoo user accounts. Read more

Gerry Morley - Director of Cyber Security No Comments

Websites Can Now Track Online Activity Across Multiple Browsers

New Cross-Browsing Fingerprinting technique can now track online activity across multiple browsers. Coming soon to a browser near you.

Track Online Activity Via Multiple Browsers
You might be aware of websites, banks, retailers, and advertisers tracking your online activities using different Web “fingerprinting” techniques even in incognito/private mode, but now sites can track you anywhere online — even if you switch browsers.

A team of researchers has recently developed a cross-browser fingerprinting technique — the first reliable technique to accurately track users across multiple browsers based on information like extensions, plugins, time zone and whether or not an ad blocker is installed. Read more

Gerry Morley - Director of Cyber Security No Comments

Nasty Ransomware Virus DynA-Crypt Causes Full Blown “GDPR” Data Breach

Ransomware virus DynA-Crypt causes a full blown data breach as it not only encrypts your data, but then steals and uploads it online.

DynA-Crypt Ransomware

What this means?

The EU mandated GDPR (General Data Protection Regulation) which comes into force on 25th May 2018 will penalise companies not prepared for such data breaches resulting in large fines (approx. 4% of turnover or up to 20 Million Euro whichever is greater). To reduce the chances of being fined to the full extent of this new law – companies will need to begin to work on putting in place the necessary data protection processes and procedures to be able detect when a breach happens/happened, identify what if any personally identifiable data was stolen and have a breach response plan that will ensure the breach is properly handled and reported to the Data Protection Commissioner within 72 hours of detecting the breach. Read more