Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

Cyber Criminals targeting controlled access sites

Finjan Software : 27 October, 2009  (Technical Article)
Identity credentials are the emerging target for criminals seeking to obtain and market identity information harvested from web sites that require user data to be entered
Newsletter featured story - sign up for our free weekly editorial newsletter here

As news of the Guardian web site hack broke on Sunday, Finjan, the business Internet security specialist, said that identity information on consumers and companies continues to be a prime target for criminal hackers.

'As we identified back in May of last year when our researchers discovered a Crimeserver containing more than 1.4 gigs of data on individual and business credentials, data that can be assembled for a user in identity theft kits has been right up there on cybercriminals shopping lists for some time,' said Yuval Ben Itzhak, Finjan's chief technology officer.

'Although top Web sites have been - and continue to be - targeted by cybercriminals, those sites that store identity information will continue to a primary target, especially now that criminal hackers are being affected by the economic situation we all find ourselves in,' he added.

And with the holiday season now starting in earnest, he went on to say, IT managers will be under immense pressure to maintain the status quo on their security, so it is important that managers make full use of the automated technology at their fingertips to help stop hacker incursions into their site data.

Securing Web applications using web application firewalls and securing the backend database using database security tools, he explained, are a logical course of preparing to defend those IT resources that contain personal and business data.

But, he went on to say, security vendors have reported on additional attack vectors such as the theft of administrator FTP server credentials, which are then later used by cybercriminals to penetrate even more highly secure Web sites.

'Usually, cybercriminals are using this type of stolen data to create fake identities, as well as generating spam plus phishing attacks, as well as many other scams,' he said.

'Auctioning stolen identity information is another technique that our researchers have spotted. It's also worth noting that Guardian portal is not alone in being attacked by cybercriminals, as other US job sites have also been hit using this hacker methodology,' he added.
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo