European Space Agency Suffers Security Breach, Confidential Information Disclosed 

by iClass - Tuesday, April 19, 2011
In the recent times, data breach incidents have become a common occurrence. In yet another data breach incident, an attacker successfully intruded into some of the FTP servers of the European Space Agency (ESA). The attacker was successful in extracting sensitive information and has allegedly published around 200 usernames and passwords on his blog site. The attacker has revealed information related to main server, root, database, admin, editor and FTP accounts. Some of the usernames, e-mail addresses and passwords are easily readable on the blog page of the attacker. The attacker has not revealed the method used to breach security and gain unauthorized access to the affected databases.

The affected FTP servers are used by researchers affiliated to partner organizations for exchanging information. Information security professionals are investigating the incident and the affected FTP servers have been taken offline. The attacker has identified himself as TinKode. TinKode was in the news for intruding into the website of British Royal Navy, He was also behind attacks on some of National Aeronautical Space Administration's (NASA) websites, the U.S Army, Reuters and Kaspersky Portugal among others. The attack took place on the anniversary of Apollo 13 crew's safe return to earth following a failed moon mission. TinKode revealed details of 13 FTP accounts to match the number of the mission. TinKode has also provided a brief description of ESA on his blog site.

Leakage of user credentials may provide attacker with access to privileged user accounts, which may contain strategic information. Revelation of such sensitive information may pose threat to national security. Attackers may also modify and delete information contained in the databases. Websites must be regularly tested for vulnerabilities and security lapses. Professionals qualified in IT degree programs, secured programming and penetration testing may help organizations in timely detection and mitigation of security weaknesses.

Attackers constantly scan and exploit vulnerabilities through sophisticated techniques. Websites are susceptible to SQL injection, cross-site scripting and distributed denial-of-service (DDoS) attacks. IT professionals must keep themselves abreast of latest developments in website security, modus operandi of attackers and threat prevention mechanisms through training sessions and online IT degree programs.

Users must avoid common passwords on multiple websites as attackers having access to password for one account may easily gain access to other accounts of the user. Passwords must be unique and must not contain personally identifiable information. Online IT courses, e-tutorials and adherence to security alerts may help users in understanding security threats and safe online computing practices.

Contact Press
Tel: 505-341-3228

EC-Council University is based in Albuquerque, New Mexico and offers Master of Security Science (MSS) degree to students from various backgrounds such as graduates, IT Professionals, and military students amongst several others. The MSS is offered as a 100% online degree program and allows EC-Council University to reach students from not only the United States, but from all around the world.

EC-Council is a member-based organization that certifies individuals in cybersecurity and e-commerce skills. It is the owner and developer of 16 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT). Its certificate programs are offered in over 60 countries around the world.

EC-Council has trained over 80,000 individuals and certified more than 30,000 members, through more than 450 training partners globally. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. federal government via the Montgomery GI Bill, Department of Defense via DoD 8570.01-M, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates the global series of Hacker Halted security conferences.


0    submitted by iClass -
Read More Press Releases

PDP Pays Protestors against Buhari

What Causes an Underbite?

Ziqitza Healthcare Ltd aims to revitalise their on the go medical services

All Kids Braces Medical Card is now Available in Evanston through iDentity Orthodontics

'Home seekers looking to home loan interest rate cuts from RBI in Feb’: Niranjan Hiranandani

Hiranandani Group’s new foray into Dream Project of PMO Narendra Modi with commercial establishmens in GIFT City, Gandhinagar, and Gujarat

Isle of Man court stays order against Hiranandani

Thane the ideal ‘luxe living’ residential destination: Niranjan Hiranandani

Clipping Creations India Offer Multiple Service in Photo Editing

Practitioner seeks state funds to widen study of naprapathy to treat vets’ PTSD

Get press releases by email