Westpac, Australia's fourth largest bank, kicked off the second half of 2007 with deathly silence as the company's ATMs, online banking and EFTPOS services were knocked offline.
Initially, it blamed "human error" but a source within Westpac's IT team explained that the bank was the victim of a DDoS attack. Westpac spokesperson David Lording, who in the past boasted about the company's "backup systems on backup systems", eventually admitted there had been an attack.
A couple of months later, criminals sent phishing e-mails claiming that "hardware failures" meant that Westpac customers should "review" their account details. To top things off, Westpac had another failure in early September when a systems failure locked around 200,000 customers out of their accounts.
Westpac wasn't alone in making headlines when it comes to security issues: in October, National Australia Bank also admitted being hit by a massive DDoS attack. In November, the Commonwealth Bank's customers were targeted by a very fussy trojan.
Back to June and OpenOffice -- the ugly sister of Microsoft's Office productivity suite -- was targeted by BadBunny, a worm capable of infecting Windows, Mac and Linux systems.
The cross-platform application was exploited again in September -- this time because of a TIFF-based buffer overflow issue.
Java, which also runs on numerous platforms, was the subject of a massive security alert in July when engineers from Google discovered a vulnerability in the Sun Java Runtime Environment, which the search giant said threatened the security of all platforms, browsers and even mobile devices.
Sun sent out patches for the hole a few days later but the company's updating schedule was criticised at the time by security firm eEye for "putting millions at risk".
Around the same time, BlackBerry maker RIM seemed worryingly unmoved that a spyware application called FlexiSpy was able to monitor e-mails, text messages and even record voice conversations and send them to a third party.
The same software can also keep tabs on anyone using a Symbian-based phone. Later in the year, Finnish firm F-Secure had a go at software developer Retina-X Studios for releasing a dodgy mobile phone spying application -- which was full of bugs!
With all these trojans and hackers around, you would think that users were making it easy for criminals -- but then social networking exploded, which most likely had identity thieves dancing for joy.
Before Facebook, LinkedIn and MySpace, ID thieves had to work hard in order to discover personal information about individuals. According to AusCERT's general manager Graham Ingram, people's addiction to social networks has become a real danger.
MessageLabs' co-founder Mark Sunner agreed. In a video interview, he said that these sites are "a goldmine of data for the bad guy community". Apart from encouraging everyone to volunteer their private information, Facebook users got more than a poke when the site's banner adverts started threatening Internet Explorer.
If it isn't enough that dodgy Eastern European criminals are trying to plant malware on our computers, this year we discovered that our governments -- or specifically the American and German governments -- have created "official" malware and tried to force security companies to turn a blind eye.
One of the biggest security jokes of the year was the Howard government's ultimately stupid idea to spend AU$189 million on making the Internet safer for children by providing all families with a free porn filter.
Before the ink had even dried on the NetAlert cheque, 16-year-old Tom Wood had managed to bypass the filter. So what did the government do to punish this young cracker? He was hired to fix the system. By doing so he also helped the government reduce the national skills shortage -- by one. "It seems to be working just the way we planned," said Helen Coonan, who has a little more time on her hands after Labor won the election in November.
Speaking of the election, another hot topic was the dreaded national ID card. I mean the Australia card. Err. No, I mean the Access Card. I think.
Whatever you want to call it, it was a stupid, unpopular idea and is hopefully dead and buried. Unfortunately, this may not be the case.
2007 was the year that politicians finally realised that this new interweb tubes thingy was not just a fad and it may even help them get a few more votes. Unfortunately for ex-Prime Minister John Howard, his Web site was vulnerable to cross-site scripting, which was (ab)used to make it seem that the PM wanted to "suck your blood".
Computer enthusiast Brett Soric said he was just having a bit of fun and luckily for him, the AFP agreed and let him off the hook.
As the year drew to a close, Apple's Steve Jobs admitted that the company had kept its iPhone platform closed to third party applications because of security concerns. This is rather ironic as it was the hunger for such applications that caused so many iPhone owners to have their phones hacked on purpose.
One of the last stories before the Christmas break pretty much summed up 2007 for Apple: it seems that this year there were 234 highly critical vulnerabilities in Mac OS X, or more than 10 times the number discovered in Windows XP and Vista combined.
Was 2007 the year that Mac security died? The editor of ZDNet Australia has already covered his MacBook's iSight camera with electrical tape -- just in case.






Can you make any of these things better?
Can you even program? Before you start insulting anything you should know how to better them. Maybe you should work for MS or Adobe. I guess you're too highly paid for them. Get a life and stop talking ****