CITI has implemented enhanced procedures to prevent a recurrence of this type of event," Citigroup spokesman, said in an emailed statement to Reuters. "For the security of these customers, we are not disclosing further details," the statement added. Hacking groups have really become a big headache not only for governments but also for corporate giants as well as media organizations. In December 2010, groups like Anonymous attacked the websites of Master Card and Paypal in retaliation of their decision to freeze the account of WikiLeaks. Sony's PlayStation Network was hacked in April and put offline due to a "compromise of personal information as a result of an illegal intrusion". At the time of the intrusion, the network consisted of "approximately 130 servers, 50 software programs and 77 million registered accounts. The attack is expected to cost Sony more than $170 million. The lack of cyber security has emboldened serious institutional cyber criminals to hack companies like Google and Lockheed Martin. In Google's case, the cyber attackers were able to gain access to personal information on Chinese political dissidents and presumably feed that information to the Chinese government. Lockheed Martin, one of the biggest defense contractors, detected a significant and tenacious attack on its information systems network on May 21. However, the company said no customer, program or employee personal data has been compromised. The websites of Public Broadcasting Service (PBS) has been hacked and hackers have also posted a hoax story claiming that rapper Tupac Shakur was still alive and living in New Zealand. Such hack attacks show the pervasive lack of preparedness against cyber attacks, so much so that a loosely-organized group of enthusiasts can deface and embarrass the largest corporations and media organizations in the world.

There were no indications Wednesday that the latest round of attacks would prompt any change in Google's operations in China. Nor was there evidence of Chinese government involvement, although some analysts speculated Chinese officials could be indirectly involved.
"We have more than 500 employees and hundreds of partners in China and we plan to continue to work there," Google said in a written statement provided to this newspaper. Google said the latest attacks, which gained access to an undisclosed number of accounts before they were detected, intended to spy on the private email conversations of U.S. and foreign government officials, political dissidents, journalists and others. The phishing campaign is being investigated by the FBI and other federal agencies.
"We are working with Google and other U.S. government agencies to review this matter further to identify the origin of this campaign and to see what information may have been compromised," the FBI said in a written statement released Wednesday. Neither Google nor an FBI spokeswoman would comment on which senior U.S. officials were targeted. Some of the same targets of last year's Gmail attacks may have been targeted again. Tenzin Seldon, a Stanford student and Tibetan activist, said she noticed that someone improperly commandeered her email account in March and managed to send messages under her name to other Tibetan leaders.
This particular attack used a method called "spear phishing," in which the attacker uses small bits of real information to trick someone into sharing access to their email account. In this case, government officials received a message in their personal Gmail account that appeared to come from the address of a close associate or collaborating government agency, according to an analysis cited by Google as one way it discovered the latest Chinese attacks.
The messages were crafted to appear as though they had an attachment with links such as "View Download" and a name of the supposed attachment. However, the bogus link led to a fake Gmail login page, which the cybercriminals used to obtain passwords. Google "did their own extensive investigation," said Mila Parkour, who wrote the malicious software analysis cited by Google. "The attack started probably a year before if not longer." Google said in a posting to its official blog Wednesday afternoon that it had detected and disrupted "this campaign to take users' passwords and monitor their emails," and had already "notified victims and secured their accounts," as well as alerting authorities. "The goal of this effort seems to have been to monitor the contents of these users' emails, with the perpetrators apparently using stolen passwords" to gain access to Gmail accounts, the company said in its post. Google said it was not accusing the Chinese government: "We can't say for sure who is responsible," a Google spokesman said. Last year's cyber attacks broke into Google's computer security infrastructure and resulted in the theft of the company's intellectual property, allowing the attackers to gain access to the Gmail accounts of Chinese activists in the U.S. and other countries.
According to an investigation by The New York Times, the attacks originated in several schools in Jinan province. That intrusion helped precipitate Google's decision that it would no longer comply with the Chinese government's rules that it censor politically sensitive results from its Internet search results. It moved its search service to Hong Kong. Chinese government officials have vehemently denied involvement in earlier attacks. Security experts who specialize in protection against cyber attacks that originate in other countries said that even though the latest attacks targeted political activists, it may be impossible to ever prove whether the Chinese government played any role in the latest attacks. In some cases, said Larry Ponemon of the Ponemon Institute, a Michigan-based computer security consulting company, the governments of China and other nations may shelter cybercriminals in exchange for the information they steal from U.S. networks or individual accounts. While many phishing campaigns target large groups in hopes of finding a few victims, these attacks targeted specific high-value targets.
"It could be a dark alliance where the syndicate is allowed to operate, reminiscent of the (historical) privateers that became pirates," Ponemon said. "China is pretty bold. They are actually educating people to be really good hackers, to be really good cybercriminals." Typically, Ponemon said, people may be slightly less guarded about their personal email accounts. "They are going after people of consequence whose information might be valuable. That's the scary part. " Parkour also believes it is likely the Chinese government was involved.
The same people "are after sensitive corporate, military and government data," she said in an email message. "They might be foreign government sponsored directly, on payroll, or indirectly, selling what they find to willing buyers."
Google on Wednesday urged its users to take safety precautions such as using its two-step verification feature for Gmail, and to use a password that they would not use for any other account but Gmail.

Facebook with around 12 million users in India has played host to a string of malicious attacks: The last minutes of Osama Bin Laden, What are you doing in this video?, You know who just got a new iPad2 for no cost, etc. These are just a few of the recent malicious campaigns that hit the Facebook walls. According to security experts, the reason for targeting Facebook is the burgeoning number of users, users age and their profile. Most spams or links have attractive headlines that make the user curious. Since Facebook does not provide a system to view the visitors of your profile, when an application appears on the Facebook wall its natural that you might click, says Vinoo Thomas, technical product manager, McAfee Labs. Apart from this, according to a report from Trend Micro, there was another attack on Facebook which claims to have the ability to verify the security of users accounts. It said, by clicking the link users can avoid Facebook spam. However, in reality, accessing the site is just another ploy to instigate the very same threat that the user wants to prevent. Most social networking sites have two basic application types: Social plug-ins that allow the integration of basic features onto any websites and canvas applications that interact with the profile and can send updated messages or open new pages. Another reason cited for increased attacks on Facebook is there easy access. Some of these applications can access public information, profile information, access posts in the newsfeed, access photos and videos, access data any time. Also, an application can request off-line access privileges from a user. If they are granted, the application can access the user information at any time, regardless of whether the user is actually interacting with the application or even logged into the social networking sites, Abhijit Limaye, Director, security response, Symantec said. Twitter is another social media platform that is becoming the tool for cyber criminals. Every tweet in Twitter is restricted to 148 characters and this is becoming an advantage for criminals. Twitter is becoming a mass-medium for information circulation and most posts in Twitter uses shortened Uniform Resource Locator (URLs). Cyber criminals use this embedded URL as an easy tool, they follow you and learn your interests and post attacks with similar topics and a shortened link of malicious content. These links can make your computer a botnet. Security experts recommend not to use unknown applications or URLs which can compromise your security. It is always better to take precautions than falling prey for somebody. Recently, leveraging on global events, criminals are making more attacks on the recent events and it is expected to grow. Experts says users has to be cautious as they become more curious for gathering information, as criminals are defining various ploys to steal information.