Hackers step up attacks on security firms

As attacks on the security infrastructure increase, we must ask if the firms responsible for our safety can protect themselves, much less us

The Internet's security infrastructure is under attack. Two major incidents against Comodo and RSA have raised the question of not just whether the enterprise can withstand hacker attacks but if the security firms we all count on to guard the infrastructure can protect themselves.

Earlier this week, Internet security firm Comodo revealed it had been tricked into minting nine high-value digital certificates that could allow the attackers to create fraudulent sites that fool users into thinking they are visiting Google, Yahoo, Skype or Microsoft's Live service. The sting on Comodo follows a more serious attack on RSA, which netted the infiltrators unspecified information that could compromise the security of the company's one-time password product SecurID.

These breaches follow other recent high-profile security events, including Anonymous's campaign to compromise HBGary Federal and Stuxnet's use of stolen code-signing certificates against Iran's nuclear capability. Altogether, it's undeniable that attackers now see the value in focusing on those companies and products that provide defense.

While the Comodo attack, at least, is thought to have limited impact, the RSA compromise could be more serious. However, both breaches point to a need by security firms to re-evaluate their approach to protecting themselves and their valuable intellectual property, says Anup Ghosh, founder and chief scientist of browser security firm Invincea. "How is it that the foundational elements of security are being compromised?" he asks.

"We have to worry whether we are going to be targeted next -- we, as in the royal we," Ghosh says. "And all we're really doing is doubling down on the technologies that was built in the late '90s and address yesterday's problems rather than the way that these attacks are actually perpetrated."

Hackers have always sought out corporate intel, but in a presentation at RSA, Josh Corman, research director of the 451 Group, argued that attackers are increasing their focus on intellectual property, at a time companies are becoming more proficient with protecting their custodial data, such as credit cards numbers and personal-identifying information. These factors point to a need by companies -- especially security firms -- to learn how to better protect their IP, he says.

"What is now required is for us to ask what kind of evolution and changes do we need to thwart those attackers who are more talented and more persistent," he says. "We can mock these companies for their mistakes -- or we can talk about the criminals and the perpetrators."

This article, "Hackers step up attacks on security firms," was originally published at InfoWorld.com. Get the first word on what the important tech news really means with the InfoWorld Tech Watch blog. For the latest business technology news, follow InfoWorld.com on Twitter.

Join the discussion
Be the first to comment on this article. Our Commenting Policies