Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

C2 provides technology services and consultation to businesses and individuals.

T (818) 584 6021
Email: [email protected]

C2 Technology Partners, Inc.
26500 Agoura Rd, Ste 102-576, Calabasas, CA 91302

Open in Google Maps
QUESTIONS? CALL: 818-584-6021
  • HOME
  • BLOG
  • SERVICES
    • Encryption
    • Backups
  • ABOUT
    • SMS Opt-In Form
    • Terms and Conditions
    • Privacy Policy
FREECONSULT
Tuesday, 08 January 2013 / Published in Woo on Tech

Is Your Webserver a Double-agent?

Rogue Server

Over the past four months, many of the Western world’s largest banking institution websites have been under attack by a well-organized and funded cyber “brigade” that is allegedly part of the US-branded terrorist group “Izz ad-Din al-Qassam” – the military arm of Hamas. Aside from the publicly-stated political agenda motivating the attacks, little else was known about how the attacks were being carried out. Security analysts believed that rather than using large numbers of zombified consumer computers, this series of attacks were actually being powered by a smaller number of more-powerful webservers.

Security firm Incapsula confirmed this theory after recently discovering that a single UK webserver was behind a most recent attack on PNC, HSBC and Fifth Third banking websites. The server had been compromised with a simple backdoor program that allowed a remote operator to launch DDoS-style attacks using a simple, light-weight interface that may have been operating for months unbeknownst to the host or the server’s legitimate admin. Even though it was a single, relatively small server, it was capable of crippling websites of major financial institutions.

What this means for you:

The server in question wasn’t compromised using some sophisticated exploit, brute force attack or clever social engineering. According to Incapsula, the server was using an easily guessable admin password that resulted in an effortless and undetectable security breach. As consumer technology has become more accessible, so have server-class platforms that can be rented out by anyone with a credit card, and typically can be set up in minutes with only a rudimentary knowledge of server administration. This results in situations that look a lot like handing a powerful weapon to someone who has only been given very basic instructions on which end to hold and which end to point at the target. However, in the hands of a skilled hacker, a small “team” of compromised webservers is the equivalent of having a small special forces team operating behind enemy lines. Bottom line – if you have servers in your technology portfolio that aren’t being managed properly, your own technology might be waging an invisible war right under your nose.

Image courtesy of “renjith krishnan” / FreeDigitalPhotos.net

  • Tweet
Tagged under: backdoor, banking, cyber attack, exploit, financial institutions, security, website servers

What you can read next

Time for caution!
We are Our Own Worst Enemy
Java logo
Update Java but skip the shovelware
A Hidden War is Being Fought Among the Internet of Things

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recent Posts

  • The invisible algorithm bubble

    Most of you have known about this aspect of Int...
  • Security is about to get even more complicated

    We’ve discussed in previous blogs how tec...
  • RIP Skype

    Two years ago, in 2023, Microsoft announced tha...
  • Make a list, check it twice!

    Get ready to show your work

    I’m sure it’s still a thing for stu...
  • Windows 10 Countdown

    As of now, Microsoft seems to be holding fast t...

Archives

  • GET SOCIAL
Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

© 2016 All rights reserved.

TOP