Backdoor admin accounts blow corporate security

Businesses and government systems are at risk from undocumented administrator accounts that enable unauthorised access, analyst Ovum has warned.

An...

Businesses and government systems are at risk from undocumented administrator accounts that enable unauthorised access, analyst Ovum has warned.

An Ovum report entitled "Can you trust your vendor?" found that undocumented privileged administrator accounts have been discovered in new network routers belonging to two telecoms service providers.

"This is not the first time that we have seen attempts to hack into enterprise and carrier networks by infiltrating network routers", said Graham Titterington information security principal analyst at Ovum.

"At the time of the Athens Olympic Games, rogue software in four mobile switching centres illegally intercepted calls by Greek politicians, including the prime minister, for a year. After the discovery of the software, both the network operator and the equipment vendor were fined several million euros. More recently, the US government detected an attack on IT systems in the Pentagon in 2007 in which 1,500 computers were found to have been compromised."

Titterington said the unauthorised accounts were found by accident as most security audits do not check privileged admin accounts. He urged companies that are concerned about backdoors in their network routers to check that there are no unauthorised privileged accounts.

While spotting such accounts is quite easy, Titterington said intruders may use more complex techniques in the future, such as embedding backdoors in the actual router software. Such backdoors would be very difficult to identify.

In April, Huawei came under the spotlight when the Indian government withheld contracts over security concerns. Conspiracy theorists across the internet have written on how big US network providers were working with the US National Security Agency.

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close