Hacker Attacks On Some U.S. Utilities Up 90% - InformationWeek
IoT
IoT
Software // Information Management
News
10/5/2007
06:29 PM
50%
50%

Hacker Attacks On Some U.S. Utilities Up 90%

A security company is reporting that the attack tactics include the Gozi, Prg, Storm, and BBB/IRS Trojans.

The number of hacker attacks on some U.S. utility companies is up 90% in the last nine months, according to a security company.

SecureWorks, a managed security services company that serves 100 American utilities, reported Friday that it has tracked a 90% increase in the number of hackers trying to attack its utility clients this year. Between January and April, SecureWorks blocked an average of 49 attackers per utility client per day. However, between May and September, the company's researchers saw an average of 93 hackers attempt attacks on each of its utility clients every day.

"In 2007, we blocked significantly more browser attacks for our clients than we did the year prior, as many of the top Trojans are using Web sites and e-mail links as infection vectors," said Wayne Haber, director of development at SecureWorks, in a written statement. "Some of the most prominent malware using these tactics include the Gozi, Prg, Storm, and BBB/IRS Trojans.

Researchers at SecureWorks noted that these attacks can put individual users at risk. Computer users can be victimized by browser attacks if they visit Web sites, which are surreptitiously hosting malware. If the utilities end up hosting malware, the companies' users could become victims themselves.

Haber pointed out that the utilities, like any other company, can fend off these attacks by creating strong Internet usage policies for employees so they aren't duped by social engineering tricks or phishing schemes, putting themselves and their network at risk. He also reminds IT managers to make sure their systems are up-to-date with software patches.

In a recent interview with InformationWeek convicted hacker Robert Moore said 70% of all the companies he scanned were insecure, and 45% to 50% of VoIP providers were insecure. The biggest cause of that insecurity? Default passwords that had never been changed.

Moore recently began serving a two-year sentence for breaking into 15 telecommunications companies and hundreds of businesses worldwide as part of a scheme to steal voice over IP services and sell them through a separate company.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
Digital Transformation Myths & Truths
Transformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.
Video
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll