Computer hackers have taken to stealing data the easy way — by eavesdropping on phone and e-mail conversations to find the keys to seemingly impregnable networks, security experts say.<\/p>\n","protected":false},"excerpt":{"rendered":"
The danger of attacks with insider information was illustrated earlier this month with the arrest of a California man accused of breaking into mobile phone network T-Mobile USA’s database and reading e-mails and files of the U.S. Secret Service, and by the exploits of a hacker who breached a hospital’s database and changed mammogram results.<\/p>\n
The nature of threats to network security has changed as sophisticated hackers learned to tap into sensitive information flowing through telecommunications’ servers, especially those that provide wireless and Internet access.<\/p>\n
Security experts at Intrusic captured 4,466 passwords and 103 master passwords allowing global access to corporate databases while monitoring one Internet service provider for a 24-hour period, Intrusic President Jonathan Bingham said.<\/p>\n
“Telecoms and cable companies are pretty high on the list simply because of their huge customer bases,” Koetzle said. “If they can crack T-Mobile’s database they can get user names and passwords for (millions of) subscribers at all once.” In a statement, T-Mobile, a Deutsche Telekom AG unit, said it “quickly put in safeguards to prevent further access and began an investigation” after a hacker broke into its internal computer systems in 2003 and accessed data on 400 customers.<\/p>\n
The key to cutting down on damage from inevitable insider attacks is to constantly monitor data flow and train employees to guard passwords and access to computers, he said. Stan Quintana, director of managed security services at AT&T Corp added that among the “best practices” AT&T advocates is that its customers periodically hack into their own networks.<\/p>\n
http:\/\/www.usatoday.com\/tech\/news\/computersecurity\/2005-01-24-hackers-listening-in_x.htm<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[29],"tags":[],"class_list":["post-614","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/614","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=614"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/614\/revisions"}],"predecessor-version":[{"id":3101,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/614\/revisions\/3101"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=614"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=614"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=614"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}