Tuesday, December 29, 2009

eWeek's Version of the Top Security Stories of 2009



With the year almost done, eWeek's Brian Prince takes a look back at some of the major stories that shifted the security landscape in 2009. In no particular order, here are the top security stories of 2009:



1. Conficker Countdown:
The April 1 doomsday many predicted may not have materialized, but it certainly made good fodder for discussion among mainstream media and tech press outlets alike. Speculation surrounding just what the worm’s update would be set off a flurry of stories and blogs. In the end, the day passed relatively quietly—and even now as the year closes mystery still surrounds Conficker’s origins and purpose. But the mystery has not slowed the number of infections, and according to statistics from the Shadowserver Foundation, China and other Asian countries are now home to the largest number of Conficker-infected PCs.



2. Cyber Security Coordinator:
U.S. President Barack Obama finally made good this month on his promise to appoint a cyber coordinator to help develop a cyber-security strategy for the United States. The appointment of Howard Schmidt follows not only the release of a sweeping review of the nation’s cyber-infrastructure but also reports of a number of high-profile security incidents ranging from hackers hitting the country’s electric grid to attacks on government networks.



3. Gonzalez and His Gang Taken Down:
Hacker Albert Gonzalez and his crew were tied to some of the biggest breaches in recent memory, including Heartland Payment Systems, Hannaford Bros. and TJX. “The case was a rare win: an actual arrest and conviction in a cybercrime/hacking case,” opined Paul Roberts, an analyst with The 451 Group. “The lesson: Moderately sophisticated criminals, with a bit of determination, can breach even the most sensitive of corporate and financial networks by 'hitting the ball where they ain't,' so to speak.”



4. Social Networking Security and You:
There was an increasing awareness of privacy and security issues affecting popular sites such as Facebook, which touched off controversy in recent weeks with changes to its privacy controls. Though intended to improve user security, the changes resulted in a backlash that caused several consumer and privacy advocacy groups to file a complaint with the Federal Trade Commission. Meanwhile, officials in the U.S. military went back and forth trying to decide just how much social networking they were going to allow.



5. Apple iPhone Security Woes:
Owners of jailbroken iPhones couldn’t catch a break this year. It started with a Dutch teenager exploiting the fact that many jailbroken iPhones are running OpenSSH with a default root password. In the ensuing weeks, a worm and an attack tool popped up that also took advantage of the situation. To address this, users were advised to change their passwords—and to think carefully before jailbreaking their phone.



6. Hacktivists Stay Busy:
There were a number of notable examples of hacktivism in 2009. From the recent attack on Twitter that redirected users to a site by the “Iranian Cyber Army” to a denial-of-service attack in August targeting a pro-Georgian blogger to a series of DDoS attacks against the United States and South Korea, hacktivists took the blame for a growing share of incidents this year.



Continue Reading at eWeek
