Over the past four months, the websites of many of the Western world’s largest banking institutions have been under attack by a well-organized and well-funded cyber “brigade” that is allegedly part of the US-designated terrorist group “Izz ad-Din al-Qassam” – the military arm of Hamas. Aside from the publicly stated political agenda motivating the attacks, little else was known about how the attacks were being carried out. Security analysts believed that rather than using large numbers of zombified consumer computers, this series of attacks was actually being powered by a smaller number of more powerful webservers.
Security firm Incapsula confirmed this theory after recently discovering that a single UK webserver was behind a recent attack on the PNC, HSBC and Fifth Third banking websites. The server had been compromised with a simple backdoor program that allowed a remote operator to launch DDoS-style attacks through a simple, lightweight interface, and it may have been operating for months unbeknownst to the host or the server’s legitimate admin. Even though it was a single, relatively small server, it was capable of crippling the websites of major financial institutions.
What this means for you:
The server in question wasn’t compromised using some sophisticated exploit, brute force attack or clever social engineering. According to Incapsula, the server was using an easily guessable admin password that resulted in an effortless and undetectable security breach. As consumer technology has become more accessible, so have server-class platforms that can be rented out by anyone with a credit card, and typically can be set up in minutes with only a rudimentary knowledge of server administration. This results in situations that look a lot like handing a powerful weapon to someone who has only been given very basic instructions on which end to hold and which end to point at the target. However, in the hands of a skilled hacker, a small “team” of compromised webservers is the equivalent of having a small special forces team operating behind enemy lines. Bottom line – if you have servers in your technology portfolio that aren’t being managed properly, your own technology might be waging an invisible war right under your nose.
Several prominent multinational banks suffered website and online banking service disruptions over the previous two weeks as the result of focused and highly sophisticated cyber attacks. The attacks were apparently led by Middle-Eastern “hacktivist” groups in response to the “Innocence of Muslims” YouTube video controversy. Researchers have indicated that, unlike attacks seen in previous years, this series of attacks was well planned, highly organized and of sufficient force to have taken down even hardened and secure telecom companies that are well-versed in handling the Denial of Service attacks they typically experience. In these most recent attacks, the hacktivists used zombified user PCs as well as thousands of compromised webservers to shut down bank websites for hours, and sometimes days, at a time.
What this means for you:
Zombified PCs are no good to their handlers if they are detected and sanitized before they can be “rented” out, and as such, the most effective malware infection is often one that exists quietly on your technology until it is called into service. Obviously, this could result in your computers or servers, previously well-behaved and performing normally, suddenly acting up and running slowly, usually at the most inconvenient time for you and your business. Always make sure your anti-malware software is installed, updated and working properly.
Keep in mind that it’s even possible for website engines to become compromised and used as zombies. Unless you tend to your site regularly, it’s possible for it to become compromised without you even noticing – that is, until a customer visits your website, notices something wrong, and takes the time to report it to you instead of moving on to something else. Not sure if your computers or servers are secure? Give C2 a call and let us put your mind (and business) at ease!