May 08 2012
|more articles from|
Lieberman Software says malware-driven evolution of ransomware highlights need for corporates to raise their security game
Philip Lieberman, president of the IT security specialist - and an information security veteran of many years - said that the multiple successful takedowns of botnet servers and Web domain names this year by Microsoft and several law enforcement agencies around the world has undoubtedly affected the income streams of cybercriminal gangs, with predictable results.
"The attack code seen in this latest type of malware attempts to find common credentials to superuser accounts - i.e. where the same password is used on every machine - and which remain persistent over time," he said.
The Lieberman Software president went on to say that a properly implemented privileged identity management solution would randomise all the passwords used on the systems on a continuous basis, as well as providing time-limited access to sensitive credentials.
Since few companies use a formal privileged identity management solution, most companies will suffer untold pain from this new generation of malware with little being gained by educating users or using anti-virus plus anti-malware solutions, he adds.
Once the new malware slips in, he explained, it is effectively curtain time for corporate security, as, whilst ransomware itself has been around since the late 1980s, the technique is still pretty much the same today, involving the locking up and/or denying access to computer files until a `ransom' payment is made.
Adding the Citadel trojan to the mix, says Lieberman, is a value-added extra for the cybercriminals as the malware attempts to steal user credentials - regardless of whether the victim stumps up the illegal ransom payment or not.
"And if those credentials include an admin account, then the company is in potentially very serous trouble. The bottom line here is that companies need to start raising their security game through the use of additional layers of technology," he said.
"This is where privileged identity management really comes into its own as, when using this approach to security, even if a user account were to be compromised, then the degree of remote access by cybercriminals can be severely limited," he added.
For more on Lieberman Software: http://www.liebsoft.com
For more on the Citadel evolution of ransomware: http://bit.ly/JnkFlr
© Press Release 2012
© Copyright Zawya. All Rights Reserved.