A demonstration hosted by Deloitte highlighted how simple it is for a company Intranet and cellular phones to be hacked.
Nithan Naidoo, consultant: security services group at Deloitte, conducted the demonstration. By causing a run-time error or buffer overrun error to occur at the login screen, valuable data about the application is displayed, such as that it is based on an SQL database.
Using code relating to the application (in this case SQL) at the login screen allows the hacker to log on to the system, giving him access to company information. "Developers don`t code with security in mind," Naidoo said.
He also demonstrated how Bluetooth-enabled cellphones can be hacked. Naidoo expressed concern about the number of shopping centres employing Bluetooth marketing and encouraging shoppers to turn their Bluetooth feature on.
"Once your phone is accessed, not only can your data be stolen, but the hacker can use your number for impersonation attacks," he explained.
Chris Budnik, director of security services at Deloitte, explained that information today is almost entirely processed, stored or transmitted by electronic means and this makes access to it easier than ever before.
Budnik suggests that personal responsibility must be taken to educate oneself and to read manuals and understand the features of the devices we use.
"Don`t get caught up in the 'feature trap`," he warned. "If you don`t need it, don`t buy it, use it or switch it on."
Related story:
Mobile driving security threats
Share
