As attacks on corporate networks continue to escalate, we are seeing more and more instances of very sophisticated intrusions. The recent discovery of the breach of the U.S. Chamber of Commerce illustrates that these types of attacks will continue to progress in both their frequency and sophistication.
It is being reported that the U.S. Chamber might not have been the ultimate target but instead was potentially being used as a gateway to the networks of its members.
What are you doing to protect your networks? What are your trusted business partners doing?
Here is more on the U.S. Chamber of Commerce attack as reported at TechTarget.com:
Spear phishing attacks likely key in U.S. Chamber of Commerce breach, experts say
Robert Westervelt, News Director
Published: 21 Dec 2011A targeted attack responsible for the U.S. Chamber of Commerce breach, exploited serious weaknesses in the lobbying group’s security defenses, according to security experts, and could have been a staging ground for attacks on Chamber member organizations.
Investigators have not determined how attackers infiltrated the U.S. Chamber of Commerce, but once in, the attackers stealthily targeted approximately four people involved in the Chamber’s Asian policy affairs, according to a report in the Washington Post. Experts said that while it’s unclear if spear phishing attacks were involved, they have become the modus operandi of many of the most sophisticated attacks, enabling cybercriminals to gain the initial foothold in an organization’s systems.
“Years ago we used to say people got in through server vulnerabilities, but if we look back at this year of Microsoft vulnerabilities, we see a high majority of them we would classify as client-side bugs,” said Andrew Storms, director of security operations at San Francisco-based vulnerability management vendor nCircle. “Many of these attacks require the user to take some action, but they’re taking advantage of a piece of software that is otherwise silent but the user has activated it.”
The organization learned of the attack from the FBI, and an independent team of forensics investigators said the Chamber’s systems were compromised between November 2009 and May of 2010, though investigators said the attackers may have had network access for more than a year.
You can read the entire TechTarget article here.