Click to Play | 
SMX West 2008
An intense situation results as desperate webmasters seek answers to their SEO problems. Why would someone stoop so low to get answers that could be easily... |
| Recent Articles |
Where Is Software Going This Year?
Thanks to my friends at IDC I got to attend an IDC Breakfast on their predictions for 2008. First up was Henry Morris discussing general economic trends. He pointed out that economic indicators are mixed and...
Surviving The Death Of Corporate IT Departments
If you have never heard of Nicholas Carr, make it a point today to go visit his blog, and go to Amazon to purchase his books. His thoughts on the death of the IT department have serious ramifications for corporate...
If JBoss Developer Studio Support Is Extra, What's...
By now you may have read my views on OSS 1 & 2. Here's something you may find interesting. Red Hat released JBoss Developer Studio in early December 2007. InfoWorld reported: "While JBoss Developer...
Problems That Lend Themselves To EDM
I was talking with Neil Raden and Tom Davenport today on the subject of decisions - what are the various kinds of decisions and how do companies make them and think about making them. Afterwards I was reminded...
From The SOA Consortium - IT Needs SOA Skills
I am attending the SOA Consortium meeting that is co-located with the OMG in Burlingame this week. The SOA Consortium was founded in 2007 and has grown from 11 to 81 members already. They do podcasts...
Virtualizing Data To Close The Gap Between IT And...
The Issue: Business units are making decisions outside of IT in regards to Information Access applications and tools - and then expecting IT to quickly provision and support those applications. Information Access...
|
|
02.28.08
Protecting Systems From "Malware As A Service"
 By Dan Morrill
Interesting new research was released today on Malware as a Service, with credentials stolen, and researchers cracking malware.
Security Company Finjan reports the first indication that the theft of FTP credentials was caused by hackers installing code at the Software as a Service (SaaS) level.
What's notable about this development is that hackers are using a software as a service (SaaS) model to deliver applications that are designed to abuse and trade FTP accounts. According to Finjan, this database may be the first use of SaaS for something other than legitimate means. Maybe we could call it HaaS: Hacking as a service. Source: ZDNet
It looks like that this was a stand alone application that was installed on the server level, and enabled hackers to work behind the scenes to gather login information by mimicking a SaaS application.
Much like early trojaned applications, on the surface it looked like it was behaving normally, but in reality it was also performing functions that the hackers wanted it to perform.
This is part of the problem with security 2.0, with a distributed application, hackers can take advantage of any section of the process, and security engineers are ill equipped to deal with this kind of attack. There are few tools that will follow the application firing string along multiple systems, running multiple snippets of code, in a distributed hierarchy.
This is where and when security engineers need to understand the "why does it work the way it works, and where is it working across the framework" level of application hacking. Distributed applications make security harder, but not impossible, just finding the Malware as a Service (MaaS), we can better understand how this happened, where it happened in the hierarchy, and how to better protect our systems against these kinds of attacks.
Comments
About the Author:
Dan Morrill has been in the information security field for 18 years, both
civilian and military, and is currently working on his Doctor of Management.
Dan shares his insights on the important security issues of today through
his blog, Managing
Intellectual Property & IT Security, and is an active participant in the
ITtoolbox blogging community.
|
|
