[iwar] [fc:FBI.Warns.E-Commerce.Sites.Of.Insecure.Partners]

From: Fred Cohen (fc@all.net)
Date: 2001-10-08 17:04:53



FBI Warns E-Commerce Sites Of Insecure Partners 
By Brian McWilliams, Newsbytes, 10/8/2001
http://www.newsbytes.com/news/01/170906.html

The FBI's computer security center said hackers continue to target
e-commerce sites, and third-party service providers are the weak link. 
The National Infrastructure Protection Center (NIPC) issued an advisory
Friday warning that computer criminals are specifically targeting
"several third-party service providers" that employ weak security
practices. 

According to NIPC, attackers are targeting partners of e-commerce and
e-banking firms in order to gain access to the "proprietary information"
contained at the sites. 

The advisory did not specifically name the service providers that are
being exploited.  Officials from the FBI were not immediately available
for comment. 

The FBI warning corroborates the experience of private-sector computer
security practitioners. 

As e-commerce firms increasingly link up electronically, many are
finding that their security is only as strong as that of their
suppliers, according to Greg Shipley, chief technology officer for
Neohapsis, an information security consulting firm. 

"Companies need to treat their partners' networks as hostile entities
and firewall them off.  Otherwise, partners could serve as a launch pad
for attacks that would fly in under your security radar," said Shipley. 
Such vulnerable partners could include a wide range of companies, from
data providers and credit-card processors to application service
providers, said Shipley. 

According to the FBI advisory, computer criminals are often targeting
systems running outdated versions of Microsoft's Internet Information
Server (IIS) software.  The agency said attackers are using a bug known
as the Unicode vulnerability to gain access to e-commerce systems. 
Microsoft provided a patch for the Unicode bug nearly a year ago. 

The advisory from NIPC Friday is an update to an earlier warning which
said more than 40 U.S.-based e-commerce and e-banking institutions had
suffered online security breaches over the past year. 

According to the NIPC March advisory, investigations revealed that
several organized hacker groups from Eastern Europe, specifically Russia
and the Ukraine, were exploiting IIS vulnerabilities to gain access to
e-commerce networks. 

According to Shipley, e-commerce and e-banking firms need to begin
asking their online partners for audit reports and security assessments
as proof they're secure. 

"They need to start poking their noses into their critical suppliers and
asking for validation that they have their information security program
in gear," he said. 

The latest NIPC advisory on e-commerce vulnerabilities is at
http://www.nipc.gov/warnings/advisories/2001/01-023.htm .
Reported by Newsbytes, http://www.newsbytes.com .  09:36 CST


------------------
http://all.net/ 




This archive was generated by hypermail 2.1.2 : 2001-12-31 20:59:54 PST