- Attack code released for new DNS attack
- Parts of SF network still locked out
- Basic to-do apps for iPhone, iPod touch
- Spam King pulls prison vanishing act
- SCO Group: Its future is all used up
News | Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:App Performance | On Demand Security | Networking Solution | SOA | Value of WDS
A distributed denial-of-service attack that disrupted Web-based systems at credit card payment processing firm Authorize.Net earlier this week is indicative of a sharp increase in the number of cyberattacks being targeted at specific companies and driven by profit motives on the part of the hackers who launch them.
The DDoS attack against Authorize.Net coincided with the release of a report by IT security software vendor Symantec Corp., which said its analysis of network attacks in the first six months of this year shows that malicious hackers appear to be moving away from mass attacks to more focused ones aimed at e-commerce sites.
Other security vendors and analysts painted a similar picture.
"We're seeing a big escalation of attacks targeted at e-commerce companies," said Tom Corn, a vice president at Mazu Networks Inc., a Cambridge, Mass.-based vendor of DDoS-mitigation technologies. Many of the attacks involve attempts to extort money from the targeted companies, he said.
The plight of Bellevue, Wash.-based Authorize.Net was a perfect example. The company, which provides payment processing services to more than 100,000 mainly small to midsize online businesses, was the target of intermittent but "large-scale" DDoS attacks that began on Sept. 15, said Authorize.Net's marketing director, David Schwartz. The attacks resulted in periods of "brief disruptions" for Authorize.Net's customers, said Schwartz.
The attacks were launched a few days after company officials refused to give in to an extortionist's demand for "a substantial amount of money," Schwartz said. "It was something that was sent to our general mailbox," he said, adding that the FBI and other law enforcement authorities are investigating the incident.
This isn't the first time Authorize.Net has been targeted by cyberattackers, but the scope is bigger. "We have been attacked in the past, but not on this scale and with such tenacity," Schwartz said.
Jonah Paransky, a senior manager at Cupertino, Calif.-based Symantec, said 16 percent of the attacks against e-commerce sites that the company analyzed were targeted. In the same period last year, just 4 percent of the attacks on e-commerce sites were thought to be aimed at specific sites. The increase suggests "that attackers are turning to where the money is," Paransky said.
Rss FeedRss Feed
DLP solutions are the first-last opportunity to correct a policy problem...and do so at the last frontier...- Schratboy
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask to prospective vendors to get the right endpoint solution.
Download the white paper.
Unauthorized applications: Taking back control
Employees installing and using unauthorized applications like IM, VoIP, games and peer-to-peer file-sharing applications cause many businesses serious concern. How do you control these applications?
Download the white paper.
Comment