Sections Syndication |
Newsletter| Subscribe to newsletter: |
|
|
Assault of the HackersSpead the word... Jun 21,2007 by shab 
SINCE hanging out a shingle six years ago, Stonebridge Bank, a 50-employee Internet bank in West Chester, Pa., has built up 0 million in assets, virtually from scratch, by managing deposits for Pennsylvania families and lending to small businesses. Its success has also made Stonebridge a tempting target for cybercriminals, who according to the bank make about 100,000 assaults on its Web site each day. Skip to next paragraph Peter DaSilva for The New York Times
George A. Rapp, the bank’s director of information systems and a senior vice president, said that a quarter of its 0,000 information technology budget and a third of his staff’s time was spent on security-related computers and software and performing security audits. Even so, a glance at his PC revealed yet another attempt, he said, to pilfer customers’ account numbers. He would not say whether any hackers had succeeded in breaking into his databases. “We are getting attacked heavily,” he said. “We assume, every single day, someone’s going to break in successfully.” The company monitors customers’ accounts for suspicious payments, sets up procedures for preserving digital evidence and contacts the F.B.I. in the event of a break-in. Such is life online for a small company trying to stay a step ahead of hackers who are professional, organized and motivated by money rather than fame. Just staying safe can be expensive, and a breach can threaten a small business’s existence. The problem is worse for small retailers and mom-and-pop shops with e-commerce sites, which often cannot afford full-time technical staff or corporate controls. Small retailers are among the lowest spenders on computer security, along with farms and mining companies, said Steve Quane, a general manager at Trend Micro, a computer security company that has surveyed the cybersecurity of several thousand small and midsize companies since 2005. Web-based programs, including some that support e-commerce sites and blogs, accounted for more than two-thirds of the exploitable vulnerabilities that came to light during the first half of 2006, according to a report by Symantec, a maker of security software. Hackers attempted 33 million attacks each day worldwide during those six months, and the number of new vulnerabilities rose 20 percent compared with 2005. “We are seeing a lot of small-business cases,” said Mark Culp, a supervisory special agent at the F.B.I.’s cyberdivision in Washington. “The No. 1 motive for these attacks right now is financial.” The goal of the latest hacking wave is to break into computers that house e-commerce sites in search of credit-card information or lists of customers’ names, account numbers and log-in information. This data is either sold to other criminals or used to withdraw money or buy goods on the spot. In some cases, the crooks are current or former employees of the company, or they are competitors trying to knock a site offline or hold data for ransom. Mr. Culp said that hacking was more sophisticated and harder to detect than a few years ago. And obscurity is no safety guarantee for small businesses. “If the hackers think you have credit card numbers they can sell or use, they’re going to target your Web site,” he said. “That information should be encrypted. If companies aren’t doing that, they’re asking for trouble these days.” Given the array of nasty behavior online, what’s a small-business owner to do? The first thing, security experts said, is to pass credit-card data directly to a processing company rather than storing it on company servers, which attract hackers. Mr. Culp of the F.B.I. said that another imperative was to install firewall software on each computer, and keep PCs’ antivirus software current. Companies with wireless networks should use the latest wireless data encryption standard, called Wi-Fi Protected Access. And employees should have access only to the systems they need to do their jobs, and follow clear policies about not downloading suspicious e-mail attachments and free software. New forms of online danger for small companies continue to emerge. On the rise this winter are e-mail- and Web-borne attacks using software that lodges itself on small-businesses’ networks, then scouts for Microsoft Word and Access database files, said Gunter Ollmann, director of security strategy at Internet Security Systems at I.B.M. When it finds them, the software can encrypt those files and direct the victim to a Web site where hackers demand payment to unlock them. “There’s a high scare value to this,” Mr. Ollmann said. Yuval Ben-Itzhak, the chief technology officer at Finjan, whose security software is used by Delta Air Lines and the Walt Disney Company, and whose technology is licensed by Microsoft, predicted there would be an outbreak of infections aided by new encryption technology that can elude traditional antivirus software. Attacks on small businesses represent less than 1 percent of the hacking that targets a specific industry, Symantec said. But “the impact on small and medium business tends to be more dramatic,” said Alfred Huger, senior director of engineering at Symantec. Small businesses often outsource the development and maintenance of their Web sites to small consulting shops, which can be lax with security. 1 2 Next Page »More Topics: Inventory Software, Invoice Template, Inventory Control Software Free ... Inventory software for small and medium sized enterprises. ... Inventory Software. Shareware Downloads. Mp3 to CD. CD Ripper. Shareware Center. Cheap FFXI Gil ... 741 times read
|
|||
|
Did you enjoy this article?
(total 0 votes)
|
||
Comments (0 posted)
