Alte Landstrasse 27
85521 Ottobrunn, de
+44 (20) 7183-2833
Finjan says controlled access Web portals now prime target of cybercriminals
"As we identified back in May of last year (http://preview.tinyurl.com/ykml7ef) - when our researchers discovered a Crimeserver containing more than 1.4 gigs of data on individual and business credentials - data that can be assembled for user in identity theft kits has been right up there on cybercriminals shopping lists for some time," said Yuval Ben Itzhak, Finjan's chief technology officer.
"Although top Web sites have been - and continue to be - targeted by cybercriminals, those sites that store identity information will continue to a primary target, especially now that criminal hackers are being affected by the economic situation we all find ourselves in," he added.
And with the holiday season now starting in earnest, he went on to say, IT managers will be under immense pressure to maintain the status quo on their security, so it is important that managers make full use of the automated technology at their fingertips to help stop hacker incursions into their site data.
Securing Web applications using web application firewalls and securing the backend database using database security tools, he explained, are a logical course of preparing to defend those IT resources that contain personal and business data.
But, he went on to say, security vendors have reported on additional attack vectors such as the theft of administrator FTP server credentials, which are then later used by cybercriminals to penetrate even more highly secure Web sites.
"Usually, cybercriminals are using this type of stolen data to create fake identities, as well as generating spam plus phishing attacks, as well as many other scams," he said.
"Auctioning stolen identity information is another technique that our researchers have spotted. It's also worth noting that Guardian portal is not alone in being attacked by cybercriminals, as other US job sites have also been hit using this hacker methodology," he added.
For more on the Guardian Web site attack: http://preview.tinyurl.com/yfsttak
For more on Finjan: http://www.finjan.com
Finjan MCRC specializes in the detection, analysis and research of web threats, including Crimeware, Web 2.0 attacks, Trojans and other forms of malware. Our goal is to be steps ahead of hackers and cybercriminals, who are attempting to exploit flaws in computer platforms and applications for their profit. In order to protect our customers from the next Crimeware wave and emerging malware and attack vectors, Finjan MCRC is a driving force behind the development of Finjan's next generation of security technologies used in our unified Secure Web Gateway solutions. For more information please also visit our info center and blog.
The use of information published here for personal information and editorial processing is generally free of charge. Please clarify any copyright issues with the stated publisher before further use. In the event of publication, please send a specimen copy to email@example.com.