- Email: [email protected]
Large online gamer paid ransom to hacker extortionists
issue.qxd
24/03/2003
16:30
Page 3
news What about Sun's Solaris system, its closed source isn't it? Sun's Solaris system is not as closed as Microsoft. We show it to a much wider range of customers on routine source licenses than Microsoft does. My belief is that a source license is something that customers can routinely get, its probably expensive but major customers can get source licenses to look at Solaris code. There was an attempt to open Solaris completely a few years ago and some rather complex patterns of ownership stopped us from publishing all of it in the late 1990s.
Security breach forces closure of company Janteknology, a software distribuor recently closed business after suffering an internal security compromise. Glen Miller, managing director of Janteknology said in a statement “The company has suffered a major internal security breach that among other things involved the removal and modification of company records.” Miller was unable to comment further as investigations are currently taking place. In order to deal with existing backorders, Jantecknology are restoring and validating a number of records.
Large online gamer paid ransom to hacker extortionists Russian extortionists took control of servers on a major online gaming company
using a virus, and demanded a ransom, which the corporate victim paid. The hackers bypassed firewalls and other security systems to infect five servers from Grafix Softech F.A. with a virus, they then encrypted vital data and demanded a ransom in return for the key. “These hackers were good, it took something special for them to break in” said Bill Margeson, CEO of CBL Data Recovery Technologies who helped Grafix Softech recover the data. Grafix Softech, based in Costa Rica, lost $75 000 daily for eight days as a result of the breach, which meant that vital company data disappeared. Margeson said that Grafix were also under “intense pressure from business relationships.” Even though the intruders received the ransom and delivered the encryption key, data could not be retrieved from one key server containing a list of consulting clients and details for the operation of many gaming sites. “When the data was encrypted a large temp file was created so encryption effectively deleted the MS SQL database” said Margeson. When Grafix Softech complained to the extortionists, they recommended using ndustrial software for recovery, which failed to work. “Because Grafix Softech don’t work at the hex level, they were misapplying products to retrieve the data” said Margeson so they summoned in CBL, data recovery experts. CBL examined the file structure of the Microsoft SQL database, and wrote custom software to piece together signatures left from the file
structure of the database, which led to the recovery of all the data. Margeson said: “This was a well thought out and targeted attack, the extortionists knew who they needed to talk to.”
IDS — the new firewall? Catherine Everett Until now, the high cost and complexity of IDS/IPS products have meant they have been deployed only by large organizations with stringent security requirements, according to Jeff Wilson, executive director of Infonetics Research. But as companies of all sizes begin to rely on the Internet more and more, they are realising that their firewalls, although widely deployed, are not 100% effective and so are looking at the next stage in how to protect their perimeter security. "Though growth in 2003 will be strong, the [IDS/IPS] market will really take off in 2004 due to increased global demand from customers of all sizes, and innovations that will make the technology easier to use, more accurate and widely available," explains Wilson. A recent Infonetics study dubbed "Network Technology Adoption Forecasts, North America 2003 and Europe 2003" indicates that, while sales of IDS/IPS products hit $382 million last year, by 2006 this figure is expected to leap to $1.6 billion, a compound annual growth rate of 42%. Marcus Ranum, an independent consultant, agreed with the findings. "The IDS market is about to explode, with most organizations seeing their value now and just trying to decide whether to
In Brief US UNIVERSITY HACKED An intruder exploited a vulnerability in the University of Texas administrative data reporting system and stole 55200 records. A program was written to bombard the system with millions of social security numbers. All SSNs that matched any of the millions of security numbers in the database were captured along with other personal information. The case is currently being investigated. SECURITY ALERT ON PERSONAL STORAGE WEBSITES Personal storage websites could increase the threat of industrial espionage warn Websense, an employee Internet management company. Websites such as briefcase.yahoo.com and Hotdrive.com now number 1000 worldwide and 71% of companies around Europe do not have policies on the use of such websites. Approximately 20% of company’s surveyed by Websense knew of spyware use within their organization. budget for them and do it. We'll only start to see them really penetrating the data centre and infrastructure when they become cheap enough, however, which won't be for another few years yet."By 2002, about 38% of small, 48% of medium and 63% of large organizations globally had already implemented IDS systems, but this figure is expected to grow to 62%, 83% and 92 % respectively by 2007. 3
24/03/2003
16:30
Page 3
news What about Sun's Solaris system, its closed source isn't it? Sun's Solaris system is not as closed as Microsoft. We show it to a much wider range of customers on routine source licenses than Microsoft does. My belief is that a source license is something that customers can routinely get, its probably expensive but major customers can get source licenses to look at Solaris code. There was an attempt to open Solaris completely a few years ago and some rather complex patterns of ownership stopped us from publishing all of it in the late 1990s.
Security breach forces closure of company Janteknology, a software distribuor recently closed business after suffering an internal security compromise. Glen Miller, managing director of Janteknology said in a statement “The company has suffered a major internal security breach that among other things involved the removal and modification of company records.” Miller was unable to comment further as investigations are currently taking place. In order to deal with existing backorders, Jantecknology are restoring and validating a number of records.
Large online gamer paid ransom to hacker extortionists Russian extortionists took control of servers on a major online gaming company
using a virus, and demanded a ransom, which the corporate victim paid. The hackers bypassed firewalls and other security systems to infect five servers from Grafix Softech F.A. with a virus, they then encrypted vital data and demanded a ransom in return for the key. “These hackers were good, it took something special for them to break in” said Bill Margeson, CEO of CBL Data Recovery Technologies who helped Grafix Softech recover the data. Grafix Softech, based in Costa Rica, lost $75 000 daily for eight days as a result of the breach, which meant that vital company data disappeared. Margeson said that Grafix were also under “intense pressure from business relationships.” Even though the intruders received the ransom and delivered the encryption key, data could not be retrieved from one key server containing a list of consulting clients and details for the operation of many gaming sites. “When the data was encrypted a large temp file was created so encryption effectively deleted the MS SQL database” said Margeson. When Grafix Softech complained to the extortionists, they recommended using ndustrial software for recovery, which failed to work. “Because Grafix Softech don’t work at the hex level, they were misapplying products to retrieve the data” said Margeson so they summoned in CBL, data recovery experts. CBL examined the file structure of the Microsoft SQL database, and wrote custom software to piece together signatures left from the file
structure of the database, which led to the recovery of all the data. Margeson said: “This was a well thought out and targeted attack, the extortionists knew who they needed to talk to.”
IDS — the new firewall? Catherine Everett Until now, the high cost and complexity of IDS/IPS products have meant they have been deployed only by large organizations with stringent security requirements, according to Jeff Wilson, executive director of Infonetics Research. But as companies of all sizes begin to rely on the Internet more and more, they are realising that their firewalls, although widely deployed, are not 100% effective and so are looking at the next stage in how to protect their perimeter security. "Though growth in 2003 will be strong, the [IDS/IPS] market will really take off in 2004 due to increased global demand from customers of all sizes, and innovations that will make the technology easier to use, more accurate and widely available," explains Wilson. A recent Infonetics study dubbed "Network Technology Adoption Forecasts, North America 2003 and Europe 2003" indicates that, while sales of IDS/IPS products hit $382 million last year, by 2006 this figure is expected to leap to $1.6 billion, a compound annual growth rate of 42%. Marcus Ranum, an independent consultant, agreed with the findings. "The IDS market is about to explode, with most organizations seeing their value now and just trying to decide whether to
In Brief US UNIVERSITY HACKED An intruder exploited a vulnerability in the University of Texas administrative data reporting system and stole 55200 records. A program was written to bombard the system with millions of social security numbers. All SSNs that matched any of the millions of security numbers in the database were captured along with other personal information. The case is currently being investigated. SECURITY ALERT ON PERSONAL STORAGE WEBSITES Personal storage websites could increase the threat of industrial espionage warn Websense, an employee Internet management company. Websites such as briefcase.yahoo.com and Hotdrive.com now number 1000 worldwide and 71% of companies around Europe do not have policies on the use of such websites. Approximately 20% of company’s surveyed by Websense knew of spyware use within their organization. budget for them and do it. We'll only start to see them really penetrating the data centre and infrastructure when they become cheap enough, however, which won't be for another few years yet."By 2002, about 38% of small, 48% of medium and 63% of large organizations globally had already implemented IDS systems, but this figure is expected to grow to 62%, 83% and 92 % respectively by 2007. 3