Lieberman Software says chemical company hacker attacks could have been prevented
London - 3 November 2011
Commenting on reports from Symantec that hackers targeted nearly 30 companies in the chemical industry this summer with the intent of stealing sensitive IP (intellectual property), Lieberman Software says that this latest cyber crime wave cries out for privileged identity management technology.
According to Philip Lieberman, President and Chief Executive Officer of the identity management specialist, while Digital Rights Management (DRM) is often proposed as a panacea for IP security, the reality is that the types of attacks identified in Symantec's research use a ‘spear phishing’ methodology that carefully targets the email recipient and fools them into compromising their IDs and passwords.
“Spear phishing pierces DRM systems like a hot knife cutting through butter. Privileged identity management, on the other hand, limits the damage that compromised account credentials can cause, and can actually stop hackers from gaining access to private data following a security breach,” he said.
“The fact that these firms include Fortune 100 companies that undoubtedly have experienced IT security professionals working for them - and yet they were still victimized by hackers - tells us that sophisticated cyber attacks stand a good chance of getting through the defences that large corporations have in place,” he added.
Against this backdrop, the Lieberman Software president went on to say, privileged identity management controls can act as a last line of defence against hackers gaining access to administrator level accounts, preventing the intruders from effectively gaining full control over an organisation's IT resources.
Put simply, he explained, with a privileged identity management system in place, should hackers ever gain access to one of more user accounts, the intruders will only have limited, localized rights and will encounter cryptographically complex administrative passwords that are impractical to crack with today's technology.
“The fact that these victim organizations are developing new materials for military vehicles, advanced manufacturing infrastructure, and other strategic technologies is very worrying, as it means that there may be more than a simple economic crime perpetrated here,” said Lieberman. He added that these attacks are also interesting as they reportedly used a backdoor Trojan called Poison Ivy.
“Poison Ivy uses distant command-and-control servers to gain remote control over compromised systems, which suggests to me a degree of professionalism amongst the hackers. It seems like this should be clear wake-up call to organisations that fail to secure their privileged identities.”