Cyber-attacks are infamous events which are witnessed by the world every now and then. We as the users can only take care of a few things to conceal us from hackers but some actions are beyond our reach. Therefore, we rely on people who develop the technology or device that we are using. However, these continuous attacks seem to tell us to rely on nothing but ourselves.
How big an attack will shake the foundation of these tech giants to look and work towards being one step ahead of cybercriminals?
Who Is In the Spotlight This Time?
Microsoft and then Nintendo servers were under attack. A security researcher, Zammis Clark, who goes by the name Raylee or Slipstream, is a 24-year-old, has been found guilty for trespassing and stealing sensitive information from Microsoft as well as Nintendo networks. He pleaded guilty for these offenses this Thursday at London Crown Court.
Wondering How He Did It?
This hacker got access of Microsoft server using internal username and password on 24th January 2017. He uploaded web shell to get access to the server remotely for three weeks a minimum. During that time, he uploaded several shells, which gave him further access to search using Microsoft’s network, download data, and upload files. After this intrusion, 43,000 files were stolen. The files stolen have confidential copies of pre-release versions of Windows and utilized to give an early beta code to developers working on Windows.
The hacker focused unique build numbers to get information on pre-release versions of Windows. He not only stole information from the Microsoft servers but also shared access using Internet Relay Chat, which allowed others to get hands-on confidential information. This all came to an end when Clark uploaded malware on Microsoft network and got arrested in June 2017.
Let’s imagine, had there been no malware introduced to the server, this could have been continued forever, right under Microsoft’s nose. Thankfully, no user data was stolen, what if it would have been stolen?
Well, this was not it! He got bail and was also not restricted to use computers; therefore, he used the opportunity to hack Nintendo’s servers in March 2018. This time, he used VPNs to get access to the company’s very confidential game development servers. He stole at least 2,365 usernames and passwords until Nintendo woke from sleep and got to know what has happened in May 2018.
These are not the only cases, this hacker is indulged in. What doesn’t make sense is when he was caught for the first time, why he was blacklisted and kept in the scrutiny? Isn’t it the basic thing to do?
Undoubtedly, this hacker has been punished for his crimes. Maybe this could teach a few of them a lesson. However, my question is from all the tech and IT giants, why they give these fickle minded people space to act in the first place? Should you not be the one on whom we as a user could rely?
If you can’t keep your servers safe, then how would you be able to handle user data that you collect.
We plead to all the IT giants to enhance internet security and close all the loopholes which could open a window for a breach.