Connect's hue and cry

Submitted by TemoL on Tue, 02/02/2010 - 11:30am

how and expertise that can be found at what has been proclaimed the country's number one internet service provider.

Connects social page on Facebook seemed to be filled with comments mostly negative about its service and incapability to prevent such inconveniences to occur.

A competitor went as far as to suggest on the ever popular facebook that his company be used by Connect to monitor the site.

Locally there was such a hue and cry over the hacked page that one of the country's local media decided that it was news worthy enough to make the six o'clock news.

Meanwhile no news was generated on Microsoft's announced plans to release a patch to its Internet Explorer Web browser, but the company has yet to detail when the patch will be released.

This was after the code that was used to hack Gmail accounts in China was made publicly available on the Internet with security experts are urging computer users throughout the world to be highly vigilant until a patch can be developed.

The hack involves Internet Explorer 6, the browser that came with the Windows XP operating system that, while outdated, still powers millions of businesses and home computers and is now dangerously compromised.

Last month, the code that was used to hack Gmail accounts in China and led Google to threaten to close shop there was posted to malware-analysis Web site Wepawet. Later on, security site Metasploit had posted a demonstration of just how easily the exploit can be used to gain complete control over a computer.

Metasploit is intended to let security professionals test out security threats.

"Normally these frameworks are designed for the good guys for our assessment. The problem is, it's open source and available to anyone," said Michael Gregg, head of Superior Solutions Inc., a Houston-based cybersecurity consultancy.

"And the scary thing about Metasploit is, anybody can pull this stuff down and anybody can launch it. It's not the skilled hacker working for the government; it's the kid next door."

"This is something that affects businesses in the U.S. and the rest of the world as well as individuals. The Internet knows no borders,” Gregg warned.

Gregg said that years ago, software companies had months to solve a security flaw after it was uncovered. Today, it's hours. Protecting yourself and your business is substantially harder today than it was in years past, too, due both to the accelerated pace of these exploits and also to hackers' reliance on social engineering, where an individual is tricked into providing confidential information.

Meanwhile the isolated incident confined only to the Connect website that had no effect to the provisioning of internet services, emails, hosting or customer databases. There was also no breach to the Connect customer’s username and password.

Connects customers continue to remain the company’s number one priority and despite the many vulnerabilities of the World Wide Web, Connect has done everything and anything necessary to protect its customers.

“Our engineers have managed to re-direct all traffic to our webmail portal while work continues to rectify this morning hijacking. We are also reviewing all web security measures to ensure that any such intrusions are managed more effectively in future” said Swantha Jayesingha, Manager Connect Internet Services.