BreachExchange mailing list archives
Web Hosting Servers At Increased Risk of Attack by Hackers
From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Fri, 31 Jan 2014 13:16:30 -0700
http://www.inquisitr.com/1115781/web-hosting-servers-at-increased-risk-of-attack-by-hackers/ There's a school of thought that malicious hackers go after the lowest hanging fruit -- the easiest target -- when they look for computers to commandeer for use in sophisticated attacks. For a long time, desktops were a prime target because their users are less likely to be savvy enough to recognize these attacks. The trend appears to be changing, however. According to reports<http://www.computerworld.com/s/article/9238712/Hackers_target_shared_Web_hosting_servers_for_mass_phishing_attacks>, the favored target is quickly becoming web-hosting servers, because they offer more bang for hackers' buck; one compromised server can infect thousands of web sites. These servers can, in turn, be used to deliver malware to people who visit the infected sites. Also, their vast amounts of bandwidth and processing power are used to launch denial-of-service attacks against businesses and governments. "Threat actors -- hacktivists, national state actors, and cyber criminals -- will continue to conduct land grabs for high-powered infrastructure and compute power in 2014," said J.D. Sherry<http://www.networkcomputing.com/next-generation-data-center/servers/cisco-security-report-internet-infrastru/240165453>, vice president of technology and solutions at Trend Micro. "Several reasons are in play for this. The first is there is still a tremendous amount of DDoS attacks against banks and other critical infrastructures. Having large amounts of processing power across many geos helps with this." How hackers are taking over servers The way these threat actors are able to control a server may sound simple. "They're installing malware to maintain control over resources," says Levi Gundert<http://www.networkworld.com/news/2014/011614-cisco-web-hosting-centers-277621.html?hpg1=bn>, Cisco technical lead for threat research, analysis, and communications. The malware can be installed a number of ways, but most commonly, organizations are compromised as a result of a spear-phishing campaign in which the victim opens a malicious email that gives the attacker a foothold in the network. From there, invaders are able to escalate their attack to obtain control eventually over the servers themselves. Not all hosts are equally vulnerable While no web hosting firm can claim to be 100 percent protected against malicious attacks, some firms are making a more concerted effort to protect themselves and the sites they host. Social media sites and company blogs are a rapidly-growing channel to communicate to customers<http://www.linkedin.com/company/hostgator.com> ways to help prevent such attacks, such as keeping WordPress installations up-to-date. With the rising popularity of WordPress as a CMS, other firms are taking it a step further, configuring their WordPress-specific clients<http://www.hostgator.com/apps/wordpress-hosting> to automatically update WordPress immediately whenever new updates are released. Customers looking for a secure web hosting provider should only consider firms that keep updated technical controls in place, including firewalls, intrusion detection and prevention, anti-virus, and network monitoring. Firms that fail to consistently and frequently update server operating systems, and essential security patches are at increased risk<http://technet.microsoft.com/en-us/library/cc723503.aspx>. Furthermore, servers that are not up-to-date and not running updated antivirus software are specifically at risk. Conclusion In response to these heightened security concerns, many firms are introducing clearly visible policies that dictate how quickly customers are informed of a potential breach, allowing customers to implement measures to halt any successful breaches. Such policies are important indicators of the level of security offered by firms throughout the industry. While hackers and anti-hackers have always played a game of cat-and-mouse, attacks have historically been targeted at individual consumers. Now, the pressure is on for web hosting firms. While this trend means more work for web hosts, it also means better security measures for consumers. Let's hope the good guys win this round.
_______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss For inquiries regarding use or licensing of data, e-mail sales () riskbasedsecurity com Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus on the right security. If you need security help or want to provide real risk reduction for your clients contact us!
Current thread:
- Web Hosting Servers At Increased Risk of Attack by Hackers Audrey McNeil (Feb 04)