Tuesday, December 9, 2008

Registrar's are still a weak link

Very nice article on the hack against Check Free here.

Current theories center on the likelihood that a Check Free employee got suckered by a phishing or straight-up social engineering attack.

I'm going to hazard a guess that this was a spear-phish or more targeted form of attack. A quick search of Linkedin, Facebook and other social networking applications finds a treasure trove of CheckFree/Fiserv employees.

It's a small step to go from these links to a targeted attack against Fiserv IT staff.

However, as the article notes Fiserv was not the only target in this attack and Financial Institutions (FI) are dangerously reliant on a single registrar.

My recommendations:
  1. FI's and others must monitor and protect themselves from domain hijack -- I recommend Pharming Shield.
  2. Get social networking applications out of the data center, IT personnel must not use corporate resources (including email) to access these sites
  3. The Financial Industry is at risk from a single-point of failure at Network Solutions. This must be addressed through community efforts and directly by the platform providers.
Happy Holidays!

No comments: