Software Housing Source Code Poorly Protected

Security researchers at McAfee stated on March 3, 2010 that software utilized for housing (or protecting) source code in corporations and which cyber criminals attacked against Google and other companies recently was poorly protected.

The security company examined popular software known as Perforce, which shelters intellectual property, and revealed its outcomes at the San Francisco held RSA security conference.

It commented that the systems which sheltered data like those related to intellectual property and others normally didn't feature the expected tracking or authentication properties. Sometimes it was possible that cyber criminals altered the source code even as the targeted organization couldn't know of it.

Citing the Google attack as an instance, George Kurtz, Chief Technology Officer of McAfee, stated that the criminals executing it sometimes acquired access to the computers stored the companies' "source code." By source code, it meant the main software script, which lay within the products of a technological organization. The access allowed the hacker to capture or modify the code, as reported by The Wall Street Journal on March 3, 2010.

McAfee had been executing certain security tasks jointly with a few among the group of organizations that were attacked together with Google. Nonetheless, Kurtz refrained from revealing if any of those organizations or Google really had their respective "source codes" stolen.

He said that the particular attackers used spear phishing attack in which fake e-mails are forwarded to specific employees who handled data of high profile, as reported by BusinessWeek on March 3, 2010. According to the CTO, the hackers first found about the individuals whom the targeted employees trusted. After that, they sent e-mails carrying malware-laden attachments to those employees while posing as those individuals.

As the employees opened the attachments, malicious software got activated. The software created a 'backdoor' giving the hackers access to the company computers from where they stole passwords and similar valuable data, McAfee said.

Security professionals such as Mr. Kurtz haven't come across this degree of sophistication earlier, but they expect that they will witness it again. Kurtz said that attacks were surging ahead in the manner as described.

Related article: Software Giant Microsoft Becoming More Spam Affectionate

» SPAMfighter News - 3/10/2010