Saturday, July 11, 2009

Hackers steal FTP passwords of Symantec

3:28 PM by Gautham
Over 88,000 FTP login user IDs and passwords, including those of security firms Symantec and McAfee, were recently stolen by a Trojan. This new attack shows that the security of enterprises’ FTP servers is often greatly overlooked and neglected.

These kinds of attacks are usually carried out when hackers first infect popular Web sites that in turn infect unsuspecting visitors whose computers download the Trojan. Those infected PCs could belong to a Web developer who works with a large enterprise and regularly accesses the secure FTP server, said Brian O’Higgins, a Toronto-based independent security consultant. “The hacker's goal is to infect people no matter who they are and then harvest any stored FTP credentials that are on their systems,” added Erasmus.

The fact that hackers are constantly moving their operations elsewhere to avoid law enforcement who are attempting to take down the servers doesn't help either, said Erasmus. “And it’s just like a cycle that keeps on going -- a bit like a cat-and-mouse game,” he said.

Erasmus suggests that organizations use different types of clients and move to a secure FTP structure that uses much stronger encryption.

As for the people who should be involved in securing FTP servers, Kenney said it’s no longer just for security professionals. Quite often when FTP servers have been secured, things like guaranteed delivery and ensuring SLAs (service level agreements) are met become additional requirements, making it a risk and compliance issue, he said.

“The more you start to think about having visibility and control into the file transfers that are really happening, you start to work up the trail eventually until you get to the CIO,” said Kenney.
