• It’s Dangerous Out There! Website Security Trends

    Website security has become a continuous do-loop of attackers exploiting vulnerabilities in software of ever-increasing complexity and software engineers developing new defenses and patches. It’s almost impossible to keep up with the cat-and-mouse game, but the United States Computer Emergency Readiness Team (US-CERT) tries to do just that through alerts and a blog of high-impact security incidents. Here’s a quick summary of some recent incidents you’ll find on their website.

    DC Radio and News Sites Attacked

    In early May 2013, attackers took advantage of multiple vulnerabilities in Adobe Reader, Adobe Acrobat, and Oracle Java 7 to compromise the websites of WTOP Radio and Federal News Radio. The attacks appeared to be financial in nature. The exploit delivered a variant of the “ZeroAccess Trojan,” which, according to Symantec, downloads an application to the compromised computer that conducts “click fraud” by clicking on “pay per click” advertising. The exploit also delivered fake anti-virus software, FakeAV/Kazy, which tries to lure the user of a compromised machine into paying for non-existent software. Adobe has provided updates and Oracle has released a security alert to address the threat. This was not the first malware attack on media organizations — for example, the New York Times and Fox News have been hacked as well. In fact, all types of enterprises are vulnerable, as demonstrated by other recent attacks in the financial and defense sectors.

    Updates for Multiple Vulnerabilities in Microsoft Products

    Microsoft releases monthly security bulletins that summarize various vulnerabilities found in its software. The May update alone identified 10 vulnerabilities, bringing the 2013 total to 46. Multiple private users reported these vulnerabilities to Microsoft; affected applications include Windows, Internet Explorer, .NET Framework, Lync, Office, and Windows Essentials. The Microsoft Security Bulletin provides detailed information on these vulnerabilities. For example, the most serious vulnerability involves luring a user to a rogue webpage that then gains control of the user’s computer. This vulnerability could be particularly dangerous if a user has administrative user rights on a large system. A less-serious vulnerability involves an attacker sending a rogue HTTP packet to an affected system and causing a denial of service.

    South Korean Malware Attack

    In March 2013, South Korean computers were attacked with malware since named “DarkSeoul.” Although the malware was specifically targeted against South Korean computers, there are still good lessons to be learned. The malware wiped the master boot record and other files from affected computers, was effective against multiple operating systems and, despite being relatively unsophisticated, caused a high level of damage.

    Protecting Yourself from Vulnerabilities & Malware

    In addition to maintaining awareness of current vulnerabilities by periodically checking the US-CERT website, here are some basics from US-CERT for protecting yourself from the bad guys:

    • Install good anti-virus software, including Microsoft Security Essentials if you run Microsoft products.
    • Run a reliable website malware scanning and removal tool that regularly checks your website for malware and hacker attacks.
    • Have a response plan in the event your computers are compromised.
    • Transfer files critical to your business to centralized backup systems.
    • Conduct daily backups of critical files and maintain offsite copies of backups.
    • Disable operating system and application features you don’t need to reduce vulnerabilities.
    • Be cautious about what websites you and your employees visit.
    • Use strong passwords on all your accounts and require users of your website to also have strong passwords.

    In addition to the above, your website needs StopTheHacker! You always want to make a great first impression, so in addition to scanning for malware every day, why not also use StopTheHacker’s Webface Defacement Detection to scan your website’s face to the world every day? Get some peace of mind today.