Banks targeted in Windows hack attack:
from The Sydney Morning Herald
Article ID: D144607
Malicious attackers in Brazil, Germany and the Netherlands tried to use a vulnerability in Windows to break into some of Australia's largest financial institutions, including at least three banks, over the Anzac weekend, according to the Atlanta-based security firm, Internet Security Systems.
In a media release, ISS (Australia) managing director Kim Duffy said the attacks were picked up by ISS's Global Threat Operations Centre late on Thursday evening.
He said that by 8am on Friday the attacks had escalated significantly 'and by lunch time we became aware that hackers were trying to infiltrate many of Australia's largest financial institutions.'
He said that although many were already protected by ISS, he alerted the institutions 'and, as a courtesy, we also faxed Australia's top 500 private and top 500 public companies.'
The vulnerability targeted by the attackers was, coincidentally, discovered by ISS and reported to Microsoft in September last year. It was one of 14 sealed by the patch issued along with Microsoft Security Bulletin MS04-011 on April 13.
'Our X-Force research laboratory discovered the flaw in September last year when we informed Microsoft in accordance with our confidential disclosure procedures,' Duffy said in the release.
'These procedures are designed to give vendors like Microsoft as much time as possible to develop and then distribute upgrades to plug any security gaps.
'A successful attack over the weekend would enable hackers to have full remote control of important servers and have the potential, depending on the target server's configuration, to compromise an institution's most sensitive data.
'Whilst the attacks were primarily aimed at financial institutions, the reality is that they could, at any moment, switch to any entity operating with a vulnerable Microsoft SSL (Secure Socket Layer) server,' Duffy said.
Copyright © 2004. The Sydney Morning Herald