Businesses need new security doctrine as Trojans evolve, says RSA


Businesses need new security doctrine as Trojans evolve, says RSA

Warwick Ashford

Trojans originally developed to steal credentials in the financial sector have been refined and are now deployed throughout the business world, say security researchers.

No company is immune, according to Uri Rivner, head of new technologies, identity protection and verification, at RSA, the security division of EMC.

"Nearly all Fortune 500 companies are infected. Lots of data goes out on a daily basis to Trojan mother ships," he told attendees of the RSA Conference 2010 in San Francisco.

The bulk of this information is being collected by the Zeus Trojan and all its variants, said Rivner, who described the world's most popular Trojan building kit as a "life grabber".

"We have evidence that Zeus Trojans on corporate computers are collecting a wide variety of information about employees," he said.

RSA researchers inspecting Trojan data stores have found that Zeus is collecting every kind of information users enter into corporate applications and online services such as dating sites.

"This information goes beyond usernames and passwords to include personal details such as the job title, hobbies and blood type of employee," said Rivner.

The good news is that there is no evidence that cybercriminals have developed an effective way to monetise this information yet, he said, giving businesses a window of opportunity to up their defences.

"Enterprises must develop a new defence doctrine that follows the example of the financial services sector to use multiple lines of defence," said Rivner.

These should include mechanisms for intrusion detection, strong authentication, behavioural analysis, data leakage prevention, desktop virtualisation and real-time security data sharing.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy