Security firms are being targeted by more violent attacks than ever before, one of the industry’s top experts has warned.
Mikko Hypponen, chief research officer at F-Secure, said security providers had to deal with some “pretty aggressive attacks” in recent months.
“We are seeing more of them now than before and they are more violent attacks,” Hypponen said today.
“Obviously, anybody in the security industry doesn’t like this, seeing more and more attacks against security companies. Nobody is 100 per cent secure, but we do our best. We definitely don’t want to challenge anybody to hack into our systems.”
Hypponen’s comments came after a spate of hacks against technology companies, with security firms being hit hard.
HBGary was infiltrated by hacktivist group Anonymous after a spat between the two organisations, as the security firm saw tens of thousands of its emails leaked.
More recently, RSA was hit by a significant targeted attack, or Advanced Persistent Threat (APT), when data on the company’s SecurID product line was taken.
Then, over the weekend, Barracuda Networks was hit with an SQL injection attack, with partner contact information stolen.
Barracuda admitted it made a mistake by turning its own Web Application Firewall, sitting in front of the company’s website, to “passive monitoring mode.”
Despite being averse to the 'APT' buzz-acronym of the moment, Hypponen said such targeted attacks were a genuine worry and have been for some time.
He revealed a billion-pound UK company was hit by an APT, when a key employee's laptop became infected with a back-door flaw for 18 months before the firm realised what was going on.
“It was basically leaking corporate data to an IP in China for a year and a half,” Hypponen said.
A significant problem with such targeted attacks is the difficulty of identifying them.
“We miss most of these attacks,” he added. “The reason why most of these go undetected is that they are so narrow targeted. Normally only one guy is hit by them and it’s not detected by any safeguards.”
Most APTs F-Secure has seen appeared to have been state-sponsored, Hypponen suggested, given many have targeted NGOs and freedom of speech groups.