Rootkits: The next big enterprise threat?



Late at night, a system administrator performed a routine check of a crashed server, one of 48 systems comprising a major online infrastructure that generated about $4 million per month in revenue. He was a bit surprised that the system had gone down, as it had been humming for months without any indication of being prone to crashing. The check uncovered three encrypted files. The administrator called on MANDIANT to analyze them.
What MANDIANT found was that an unauthorized kernel modification had caused the system to become unstable, and that the modification had compromised the system’s security as well. To determine the extent of the breach, each of the 48 servers needed to be taken offline, booted in a controlled environment, and analyzed for three to five hours each. About half had the crack installed, forcing the company to assume that all credit card information had been compromised. What had first seemed routine resulted in a financial nightmare — one that many companies are leaving themselves exposed to, unaware of the increasing pervasiveness of rootkits.

Full story

Source: www.infoworld.com
