Anti-Forensics Thwarts Investigations
David Utter, Staff Writer
2007-06-01
The bad guys who can do the most damage to a network aren't bashing their way through the front door, but slipping in with what look like legitimate deliveries. They are sticking around undetected as well.
Every administrator who has had to hear a network user complain about being banned from downloading certain files, like songs, will take some bitter comfort in the account of an unnamed aquarium's compromise.
CIO noted how an investigator was able to determine how and when a rootkit made its way onto a computer at the aquarium. It arrived hidden with a song, and installed a secure tunnel the attacker could use to access the network, getting root access as well.
The attacker stole credit card information for a couple of years from the aquarium. There is probably no chance the criminal will ever be identified, much less caught.
Anti-forensic tools keep investigators from learning who got into a system or how they got there. The massive TJX breach exposed 45 million credit card records. That breach likely remained undetected due to the use of anti-forensic technology.
Those tools have become more commonplace, just as tools for creating attacks have. For every TJX, there could be many more places that have been compromised and do not realize they are handing over sensitive information each day.
About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.