(Ping! Zine Web Tech Magazine) – The recent cyber attacks of two popular sites, Snapchat and Skype, can be seen as a valuable lesson to companies.
According to a report from PCWorld, senior security engineer for Security Innovation, Zak Dehlwai, stated that Snapchat’s recent exploits were due to errors in its use of key management and cryptography in which third-party code audits were not used.
”Companies should also ensure that their back end APIs (application programming interfaces) are secure by undergoing third-party security audits and following strict coding guidelines.”
Generally, back end applications are overlooked because developers believe it is not as vulnerable to attacks as the front end is.
Regarding the credential theft of Skype’s Twitter account, Wolfgang Kandek, chief technology officer for Qualys, offered some advice to companies, “Having two-factor authentication in place might have prevented the hackers from accessing the accounts on computers not recognized by the sites.”
“Security breaches are inevitable for most organizations, so the strongest defense is to follow best practices and security standards relevant to the business,” stated Larry Slobodzian, senior solutions engineer for LockPath.
On Tuesday, 4.6 million Snapchat users names and phone numbers were posted online revealing the vulnerability issues within the popular photo-sharing app.
The Syrian Electronic Army hacked into Skype’s Twitter, Facebook, and blog account and posted a message to users warning them of Microsoft’s email services in which is used to “spy” on its customers.