THERE is a growing trend among computer hackers to target individuals and use them to gain access to corporate databases and banking systems, according to a qualified ethical hacker.
Matthew Parker from Ernst & Young’s technology and security risk services department, said companies should not underestimate the threat from their own employees.
‘Hackers no longer directly attack corporate computer mainframe websites. Instead they concentrate on downloading software onto individual computers which enable them to record every keystroke made and steal log-in details. They then know everything about the person from the websites they visit to the passwords they use. It is a back door which can get them into a company’s database.’
Mr Parker learned about the technique at a course he attended recently run by the Sans Institute – SysAdmin, Audit, Network, Security – a global IT organisation. ‘It’s very important to find out about hacking developments and trends regularly because they change so rapidly,’ he said.
‘I think there’s a move away from direct attacks on businesses and more towards using staff and customer information. Knowing how to handle these attacks is vital.
‘If a member of staff compromises a corporation PC, there could be significant amounts of information lost without your database being targeted. This is about protecting servers and using the best filters to ensure that they do not come under attack.’
According to Mr Parker, hackers are increasingly creating malicious websites and attracting people to them. He claims hackers are even manipulating search engines so that their site is ranked higher and consequently attracts more hits.
Article posted on 16th July, 2008 - 2.30pm
Most Commented: