Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

C2 provides technology services and consultation to businesses and individuals.

T (818) 584 6021
Email: info@c2techs.net

C2 Technology Partners, Inc.
26500 Agoura Rd, Ste 102-576, Calabasas, CA 91302

Open in Google Maps
QUESTIONS? CALL: 818-584-6021
  • HOME
  • BLOG
  • SERVICES
    • Encryption
    • Backups
  • ABOUT
    • Privacy Policy
FREECONSULT

Is Your Webserver a Double-agent?

  • 0
admin
Tuesday, 08 January 2013 / Published in Woo on Tech
Rogue Server

Over the past four months, many of the Western world’s largest banking institution websites have been under attack by a well-organized and funded cyber “brigade” that is allegedly part of the US-branded terrorist group “Izz ad-Din al-Qassam” – the military arm of Hamas. Aside from the publicly-stated political agenda motivating the attacks, little else was known about how the attacks were being carried out. Security analysts believed that rather than using large numbers of zombified consumer computers, this series of attacks were actually being powered by a smaller number of more-powerful webservers.

Security firm Incapsula confirmed this theory after recently discovering that a single UK webserver was behind a most recent attack on PNC, HSBC and Fifth Third banking websites. The server had been compromised with a simple backdoor program that allowed a remote operator to launch DDoS-style attacks using a simple, light-weight interface that may have been operating for months unbeknownst to the host or the server’s legitimate admin. Even though it was a single, relatively small server, it was capable of crippling websites of major financial institutions.

What this means for you:

The server in question wasn’t compromised using some sophisticated exploit, brute force attack or clever social engineering. According to Incapsula, the server was using an easily guessable admin password that resulted in an effortless and undetectable security breach. As consumer technology has become more accessible, so have server-class platforms that can be rented out by anyone with a credit card, and typically can be set up in minutes with only a rudimentary knowledge of server administration. This results in situations that look a lot like handing a powerful weapon to someone who has only been given very basic instructions on which end to hold and which end to point at the target. However, in the hands of a skilled hacker, a small “team” of compromised webservers is the equivalent of having a small special forces team operating behind enemy lines. Bottom line – if you have servers in your technology portfolio that aren’t being managed properly, your own technology might be waging an invisible war right under your nose.

Image courtesy of “renjith krishnan” / FreeDigitalPhotos.net

backdoorbankingcyber attackexploitfinancial institutionssecuritywebsite servers

Recent Posts

  • ID-10067190.jpg

    Don’t expect Facebook to honor your privacy

    As someone who is beyond jaded by social media ...
  • Working from Home is great. Or is it?

    Social media is literally ablaze with heated di...
  • Should you flag a number as “spam”?

    It happens to all of us. You are elbow deep in ...
  • Honda Hacked

    Honda key fobs vulnerable to hack

    If you are a long-time reader of this blog, you...
  • Gmail security change creates unintentional headaches for businesses

    You may not realize it, but your organization i...

Archives

  • GET SOCIAL
Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

© 2016 All rights reserved.

TOP