Navigation Links
Major Retailers Experience 161% Increase in Attempted Hacker Attacks, According to SecureWorks

ATLANTA, Dec. 4 /PRNewswire/ -- SecureWorks(R), a leading Security as a Service provider, reports they have seen a 161% increase in the number of attempted hacker attacks they are blocking for their retail clients. Attempted attacks increased from an average of 56,000 per client per month in the first six months of the year to 133,000 per client per month for the last five months. The attack statistics represent the attack activity for 36 major retail corporations located across the country.

SecureWorks' security researchers attribute the overall increase to a rise in attempted authentication attacks, SQL Injection attacks and network scans.

"We saw a large increase in hackers looking for open ports, as well as those trying to identify the applications and other services our retail clients were running," said Wayne Haber, director of architecture for SecureWorks. "An increase in network scans is often a red flag because many times it is followed by attacks specifically targeted at the organization's services," said Haber." "Attempted network scans against our retail clients increased 61% in 2008 going from an average of 56,000 per client per month in the first six months of the year to 90,000 per client per month in the last five months of the year," continued Haber.

The number of attempted authentication attacks -- attacks used to compromise user names and passwords -- increased steadily throughout the year, jumping from an average of 6,000 per client per month in the first six months of the year to an average of 34,000 per client per month in the last five months. The numbers continued to increase through the most recent month, November, where authentication attacks spiked to 137,000 per client per month. "It is not surprising that the attempts to steal customer credentials greatly increased just before the holiday shopping season. The November authentication attacks also followed a significant increase in network scanning in October where we blocked 202,000 network scans per client," said Haber.

"One of the methods used to bypass authentication are brute force attacks -- where hackers systematically try large numbers of username and/password combinations in order to gain access to the retail organizations," said Don Jackson, director of Threat Intelligence for SecureWorks. "Hackers know that if they can successfully steal customer usernames and passwords, they can get access to retail accounts to make fraudulent online purchases and redirect those purchases to mailing addresses of their choice," continued Jackson.

Attempted SQL injection attacks, a technique that exploits security vulnerabilities in Web applications by inserting malicious SQL code in Web requests, increased significantly in May for our retailers, going from an average of 20 per client per month to 237 per client per month. It then hit a peak in July with 17,000 attempted SQL Injection attacks per retail client and since November has dropped off to normal levels, averaging 18 per client per month.

"The abnormally high attack levels in July, August and September are a result of the rash of SQL Injection attacks we saw this year from a Chinese SQL injection tool and the Asprox trojan," said Jackson.

"In July, August and September, hackers used the Chinese SQL Injection tool and the Asprox trojan to launch thousands of SQL Injection attacks so as to build up their botnets," said Jackson. "With these attacks, they sought out websites that utilized active server pages linked to a Microsoft SQL Server backend and unfortunately a lot of retailers use this platform, thus they became a big target. Of course, this boded well for the hackers because if they could infect high trafficked sites then their chances of infecting large numbers of computers and turning them into bots would be much greater. The bots were then used to send phishing e-mails and launch additional SQL Injection attacks. For retailers, the danger of a SQL Injection attack is that if it is successful then the hacker can potentially gain administrator access to the affected server, thus opening up the entire customer database to the hacker, complete with the customers' account information which could include credit card data, bank account information, name, address, etc. Even worse, under some circumstances, once the hacker has successfully infiltrated the database server they can use it as a jumping off point to access the rest of the company's network," continued Jackson.

"With the holiday season upon us and shoppers flocking to the Internet to make gift purchases from the convenience of their computers, retail organizations and online shoppers should be aware of the threats and should employ protective measures," said Haber.

Security Tips for Online Retailers

Retail organizations should make sure their Web presence is secured against cyber attacks by employing a defense in depth strategy including:

-- Keeping all servers and workstations fully patched to protect against attacks targeted at the latest security vulnerabilities, especially Web application attacks such as SQL injection and cross site scripting.

-- Employing a default deny policy on firewalls at their network perimeters. This policy involves blocking all network traffic except traffic that is explicitly allowed.

-- Employing effective security practices on services requiring authentication, including password aging, password complexity, authentication delay and automatic lockout on repeated failed login attempts.

-- Employing intrusion prevention at the network perimeter to block attacks on key services accessible from the Internet including Web servers and mail servers, while allowing legitimate traffic to pass.

-- Monitoring servers and security devices 24x7x365 for security issues and requiring preventative actions to be taken on security threats in real time.

-- Regularly testing the organization's security posture via vulnerability scans and penetration tests.

Online consumers also need to take precautions, not only during the holiday season but whenever they are making online purchases. "E-commerce always increases around this time of the year, and with an increase in e-commerce comes an increase in criminal activity," said Jackson.

Security Tips for Online Consumers

Jackson recommends the following shopping tips for online consumers:

1. Be wary of holiday gift cards and holiday coupon offers sent via e-mail -- these often have malicious links within the offer which lead to downloads of info-stealing trojans or the hackers try to scam you out of your bank account information.

2. When visiting your favorite online retailer to purchase gifts, be sure to type the actual Web site address of the retailer into your browser. Do not follow links provided by e-mail offers or pop up ads. Many times these are fraudulent sites made to look like the legitimate retail sites.

3. When making online purchases, always use a credit card that limits your fraud liability. Avoid using debit cards to do online purchases when possible so as to limit your personal exposure to any possible fraudulent transactions.

4. When making online purchases, always look at your Web browser for the https (as opposed to http) protocol that proceeds a Web address. The "s" let's you know that the Web site is providing a layer of security for transmitting your personal information over the Internet.

5. Be wary of unsolicited e-mails, even from senders that you know, that include links or attachments. Before clicking on links or attachments, ALWAYS verify that the correspondent sent you the e-mail and enclosed link or attachment.

6. Be wary of e-mails notifying you that your banking certificate or token is out of date and to download a new certificate or token. Before taking any action, verify with your financial institution by calling them on a number that is not provided in the email.

7. Online computer users should avoid using weak or default passwords for any online site.

"We traditionally think of financial institutions as being the primary target of hacker attacks, but the fact is cyber-criminals are targeting other industries, like the billion-dollar retail industry, in order to get their hands on valuable personal data so they can reap the rewards from selling or using the data to commit fraud," Haber said.

About SecureWorks:

With over 2,000 clients, SecureWorks is one of the market's leading Security as a Service providers. Organizations are protected from external and internal cyber-threats through SecureWorks' On-Demand Security Information and Event Management (SIEM) platform, the SecureWorks Counter Threat Unit(SM) and three fully synchronous Security Operations Centers (SOCs) staffed with SANS GIAC certified analysts working 24x7 to safeguard client systems. SecureWorks has won SC Magazine's "Best Managed Security Service" award for 2006, 2007 & 2008 and has been named to the Inc. 500, Inc. 5000 and Deloitte lists of fastest-growing companies. .

SOURCE SecureWorks
Copyright©2008 PR Newswire.
All rights reserved

Related medicine news :

1. NUCRYST Receives Requisition to Call a Special Meeting of Shareholders From Majority Shareholder
2. Mini heart attacks lessen damage from major ones
3. Major North American breakthrough for dialysis patients
4. Labopharm to host webcast presentation on novel trazodone formulation for treatment of major depressive disorder
5. New Survey Shows Majority of Americans Need to Take Proper Steps to Manage Diabetes Risk
6. Hospital of the Future Report Urges Major Changes
7. America Reaches Major Anti-Smoking Milestone
8. Examines Major Medical Mistakes Called Never Events
9. Employers Want National Approach to Health Care—Still Believe Employer-Based System Works Best: New Survey Looks At Attitudes toward Health Care Reform and Major Health Care Issues.
10. Lilly Announces Major Donation of Insulin to International Diabetes Federations Life for a Child Program; Initial Focus Will Be on Sub-Saharan Africa
11. Major Mental Health Associations Join to Support Give an Hour
Post Your Comments:
(Date:6/25/2016)... Montreal, Canada (PRWEB) , ... June 25, 2016 , ... ... the pursuit of success. In terms of the latter, setting the bar too high ... low, risk more than just slow progress toward their goal. , Research from ...
(Date:6/24/2016)... ... June 24, 2016 , ... Those who have experienced ... feelings, many turn to unhealthy avenues, such as drug or alcohol abuse, as a ... has released tools for healthy coping following a traumatic event. , Trauma sufferers tend ...
(Date:6/24/2016)... ... ... a crisis. Her son James, eight, was out of control. Prone to extreme mood shifts ... upset him, he couldn’t control his emotions,” remembers Marcy. “If there was a knife ... and say he was going to kill them. If we were driving on the ...
(Date:6/24/2016)... (PRWEB) , ... June 24, 2016 , ... Global law ... magazine’s 2016 Legal Elite. The attorneys chosen by their peers for this recognition are ... , Seven Greenberg Traurig Shareholders received special honors as members of this year’s Legal ...
(Date:6/24/2016)... , ... June 24, 2016 , ... Comfort Keepers® of ... Cancer Society and the Road To Recovery® program to drive cancer patients to and ... other adults to ensure the highest quality of life and ongoing independence. Getting ...
Breaking Medicine News(10 mins):
(Date:6/23/2016)... 2016 Research and Markets has announced ... Forecast to 2022" report to their offering. ... the patients with kidney failure, it replaces the function of ... patient,s blood and thus the treatment helps to keep the ... balance. Increasing number of ESRD patients & ...
(Date:6/23/2016)... , June 23, 2016 Research ... "Pharmaceutical Excipients Market by Type (Organic Chemical (Sugar, Petrochemical, ... (Oral, Topical, Coating, Parenteral) - Global Forecast to 2021" ... The global pharmaceutical excipients market is ... a CAGR of 6.1% in the forecast period 2016 ...
(Date:6/23/2016)... June 23, 2016 Roche (SIX: RO, ROG; ... for its Elecsys BRAHMS PCT (procalcitonin) assay as a ... septic shock. With this clearance, Roche is the first ... integrated solution for sepsis risk assessment and management. ... infection and PCT levels in blood can aid clinicians ...
Breaking Medicine Technology: