Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive

News Now

CU System
Global hacking attack raises security concerns
NEW YORK and HERNDON, Va. (2/19/10)--During the past 18 months nearly 75,000 computers at about 2,500 companies and government agencies have been hacked in what computer security experts say is a coordinated global attack (The Wall Street Journal Feb. 18). And the attacks are still operating. More than 374 are U.S.-based organizations, said NetWitness Corp., a Herndon, Va.-based company that uncovered the Kneber botnet attack last month (ComputerWorld Feb 18). Kneber, which began in Germany, is a variation of the Zeus botnet. It is working in tangent with another bot, the Waledac, making taking down the malicious software more difficult. Companies compromised in the U.S. include Fortune 500 companies; local, state and federal government agencies; Internet service providers, and educational institutions. The Wall Street Journal named pharmaceutical company Merck & Co., Cardinal Health Inc., Paramount Pictures, and software company Juniper Networks Inc. as among the companies with compromised computers. It is not known if credit unions are directly involved, but data stolen include banking information such as login credentials mainly for financial accounts, credit-card transactions and intellectual property. However, NetWitness Corp. told Computerworld the bot also appears to be harvesting other kinds of information that suggest Zeus is being put to broader uses than just stealing bank credentials. The Wall Street Journal reported that in more than 100 instances, hackers gained access to corporate servers storing large quantities of business data such as company files, databases and e-mails. Computers of at least 10 government agencies were accessed. For some companies, enterprise systems were compromised as a result of "drive-by downloads," while others were targets of "spear phishing" campaigns designed to get individuals to open up e-mails with malicious links and attachments. More than half the machines infected are also infected with a peer-to-peer bot called Waledac, with the Kneber bot actively logging Waledac activitiy and downloading it to machines it has infected. This makes it harder to take down both bots. When one is removed, it triggers another to insert it back into the compromised system. NetWitness said that rival cyber gangs are teaming up in the cyberattacks. The news comes just after Google Inc. disclosed it and more than 20 other companies had been breached by hackers from China. The hacking affected 196 countries, with the highest concentration of infected computers in Egypt, Mexico, Saudi Arabia, Turkey and the U.S.
Other Resources

RSS print
News Now LiveWire
Large CU stress testing on the agenda for the April @theNCUA open meeting http://t.co/2TUcnmCmPi
1 Day ago
#FinancialLiteracyMonth Test your college financial aid knowledge @nasfaa http://t.co/xgrDmHaw8W
4 hours ago
Join @theNCUA #NCUAchat with @KenWortheyJr on April 23 from 11am to 12pm EST http://t.co/TnNmfFh4Nl #FinancialLiteracyMonth
5 hours ago
Maine's patent troll bill has become law. Read more in Monday in @NewsNowLiveWire
8 hours ago
Wash. DFI discusses serving legal marijuana businesses with @NWCUA http://t.co/3kw79HJUYF
8 hours ago