Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet Security.ca and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet Security.ca today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

Hackers steal FTP passwords of Symantec, McAfee and others

Add to del.icio.us     Digg this story Digg this

July 9, 2009

Over 88,000 FTP login user IDs and passwords, including those of security firms Symantec and McAfee were recently stolen by a Trojan. This new attack shows that the security of enterprises’ FTP servers are often greatly overlooked and neglected.

An actual revelation of a cache of FTP credentials stolen by hackers from big name Internet security companies greatly underscores the importance of carefully securing data during file transfers and other various file movement from one server or from one computer to the next.

Worse, the stolen FTP credentials also belonged to huge companies that also included Bank of America, Amazon and even Cisco Systems.

Overall, there are many companies and organizations that actually think they have done their best at securing data to be transferred over to outside of their control, but the reality is, security isn't the only requirement when it comes to FTP, said Frank Kenney, research director with Stamford, Conn.-based research firm Gartner Inc.

For example, innovation in IT infrastructure may allow companies like Amazon to offer services like real-time access to information on products, shipping and payment transactions, but Kenney said, this all boils down to transferring large files of data on a daily basis.

“We are moving large amounts of files to and from our partners internally and externally, and the level of security being used isn't quite what it should be,” said Kenney.

He added “we certainly don't spend enough time on the soft side of file transfer. Most companies are not thinking at that level. Many people are still not taking the whole matter as seriously as they should, and that's exactly where the problem lies."

These kind of attacks are usually done when hackers first infect popular Web sites that in turn infect unsuspecting visitors whose computers download the Trojan. Those infected PCs could belong to a Web developer that works with a large enterprise and regularly accesses the secure FTP server, said Brian O’Higgins, a Toronto-based independent security consultant.

O’Higgins explained that the developer’s infected computer will harvest login credentials for the FTP server, whereupon “the bad guys log onto the server and use those credentials to install yet another virus or malware entry point.”

The victimized security companies, Symantec and McAfee, whose FTP credentials were stolen likely work with many industry partners and resellers who access their FTP servers, and that isn't a very good idea, said O’Higgins.

Also, SSL (Secure Sockets Layer) encryption isn't adequate either for securing file transfers, said O’Higgins. “SSL does virtually zero for you in this case. That might be a little surprising for people,” he said.

While the risk to enterprises depends on the kind of data stored on FTP servers, it could nonetheless be a very likely scenario, said Jacques Erasmus, director of research with Prevx, a large U.K.-based Internet security company.

“The hacker's goal is to infect people no matter who they are and then harvest any stored FTP credentials that are on their systems,” added Erasmus.

The fact that hackers are constantly moving their operations elsewhere to avoid law enforcement who are attempting to take down the servers dosen't help either, said Erasmus. “And it’s just like a cycle that keeps on going-- a bit like a cat-and-mouse game,” he said.

Erasmus suggests that organizations use different types of clients and move to a secure FTP structure that uses much stronger encryption.

As for the people that should be involved in securing FTP servers, Kenney said it’s no longer just for security professionals. Quite often when FTP servers have been secured, things like guaranteed delivery and ensuring SLAs (service level agreements) are met become additional requirements, making it a risk and compliance issue, he said.

“The more you start to think about having visibility and control into the file transfers that are really happening, you start to work up the trail eventually until you get to the CIO,” said Kenney.

Add to del.icio.us     Digg this story Digg this

Source: Gartner Inc.

Save Internet Security.ca's URL to the list of your favorite web sites in your Web browser by clicking here.

Become an authorized reseller of Proxy Sentinel™ and Firewall Sentinel™. Do like the rest of our authorized resellers and have your clients benefit the important security features of our products and solutions, while increasing your sales at the same time. Click here for all the details.


You can link to the Internet Security web site as much as you like. Read our section on how your company can participate in our reciprocal link exchange program and increase your rankings in the major search engines such as
Google and all the others.

Click here to order your Proxy Sentinel™ Internet security server today!

Proxy Sentinel™ is the most secure Internet proxy server on the market today. Click here for more information.
Site optimized by Pagina+™
Powered by Sun Hosting
Search engine keywords by Rank for Sales
Development platform by My Web Services
Internet Security.ca is listed in
Global Business Listing

| Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact |
Copyright © Internet Security.ca    Terms of use    Privacy agreement    Legal disclaimer



Install your server in Sun Hosting's modern colocation center in Montreal. Get all the details by clicking here.


Get your Linux or Windows dedicated server today.


The industry's best and most accurate tool to find out EXACTLY what your CORRECT keywords are. Click here to learn more.