Sunday, October 19, 2008

USA Today: Hackers got into 18 computer servers at World Bank

Did you see the USA Today article on the World Bank intrusions?

Cyberintruders used the Internet to crack into at least 18 computer servers at the World Bank Group last July.

One bank memo lists the breached servers and makes this assessment: "As of 9/9/08 we have determined that 5 of the compromised servers contain sensitive data, and care must be taken to determine the amount of information that may have been transmitted outside of the World Bank Group."


Wow, sounds like old school system penetrations. And here we thought all the hacking nowadays was through browser and email exploits.

Banks, indeed, are not the only targets. Corporate intrusions in general are on the rise, says Phil Neray, vice president at database security firm Guardium. Cybercrooks seek out PCs used by privileged insiders so they can access sensitive databases and other PCs. "Many organizations don't have any real-time monitoring or alerting mechanisms in place to identify unauthorized activities," Neray says.


Hopefully the state of information security in private industry is a lot better these days but somehow I doubt it. The risk needs to be palpable enough for CEOs to give a crap. As for the realtime monitoring, that should really be the last line of defense. The detective control to catch whatever preventative controls don't.

To me this type of article underscores the need to look at security in breadth across the enterprise as well as in depth. It's like securing a house. You don't put an iron door on a tin shed. Hackers are looking for the one way in. So make all the ways in a little bit harder.