Secure coding a vital part of keeping information out of the wrong hands. Whether that information be personal, business, or an application. The information within without secure coding is in grave danger and at risk to malicious actors to steal, and do whatever they please.
Through out these teachings I have learned and become more aware of ensuring top security not only for myself but for others.
“The explosion of companies deploying wireless networks insecurely is creating vulnerabilities, as they think it’s limited to the office – then they have Johnny Hacker in the parking lot with an 802.11 antenna using the network to send threatening emails to the president!”
-Kevin Mitnick– Hacker and Security Consultant
Whats the worst that can happen?
- In 2000, a malicious email was going around effecting what is estimated to be around 10% of the internet at the time with the “ILOVEYOU” virus. This virus was able to self replicate once a user clicked on the “text” file although it was a hidden executable program, it would then send the same email to every contact in the mailing list. This email cause The Pentagon, Ford Motors, Military bases, and other large companies we forced to shutdown their mailing servers due to the overflow of emails once someone opened them. Once on a computer the virus would do 3 things. One replicate itself by emailing to the entire contact list, two replace MP3 and JPG files with itself, then it would erase windows passwords and send them to the host server in the Philippians. This could have been avoided with a simple email filter which is usually a default feature today.
- Buffer Overflow attacks have always been a dangerous attack which can usually be avoided with some simple code. Buffer Overflow attacks inject and “overflow” a computer with files overwriting old ones causing file loss and sometimes complete computer failure. Avoiding this type of attack by validating code and inserting code that would limit the amount of entries. The first of its kind was from the Morris Worm which spread quickly.
- January 2021, a site called DAILYQUIZ used by approximately 8.3 million users had their passwords, emails, and IP addresses all publicly posted after being hacked. All the passwords happened to be in plaintext with no protection, nor the other information being encrypted in anyway. Bad actors sold the information. This could lead to further attacks with the information out publicly.
What can you do?
Some simple things you can do to ensure that your own information is protected is 2 factor authentication, don’t click on suspicious links, and change your password frequently.
If you are curious if your email and possibly information has been exposed you can check on Haveibeenpwned.com. This can show if your email has been leaked from a data breach possibly if you’re email shows at risk you should consider changing password as soon as possible.
Conclusions
Overall, it is apparent that secure coding and systems are needed more than ever. Its nearly everyday we see a friend or family member get hacked on Facebook and send out messages with a mysterious link. Or obtaining emails that you normally don’t get. Sometimes its out of your hands and the company’s you trust are not protecting your information correctly. Secure coding can ensure that this information is protected better but, its never 100%. With technology changing everyday, the challenges to keep information secure is daily as well.
References
www.cnn.com – Love Virus Computer Security
www.Itsecuritynews.com –DAILYQUIZ Breach