FICORA’s CERT-FI information security review 4/2011: Sharp increase in information security breachesPublished 03.02.2012 The year 2011 was characterised by many information security breaches, which received a lot of publicity. The data stolen in these break-ins was posted publicly on the internet. The usernames, passwords, and other data giving access to several services were published in discussion forums and file sharing services. The data theft against Sony’s services in April 2011 can be considered as the most wide-spread data leakage of all times. In Finland, the information systems at training firms and various online services were used as the sources of hacking.
The trustworthiness of internet’s certificate system has been tested due to information security breaches and hacking attempts against companies acting as root Certificate Authorities. The cases have drawn the attention to the certificate providers' information security level, as well as the weaknesses in the system in general. By using certificates, users can ascertain that an online service provider is who it claims to be.
Becoming a victim of a security breach was also the American provider of security, RSA. The hackers got their hands on information related to SecurID tokens, which are used for strong authentication. The tokens are commonly-used in Finland, too. Due to the case, RSA has offered its customers to replace their SecurID tokens.
Bank customers targeted by malware and phishing
In 2011, Finnish bank customers became victims of several scam attempts based on malware and phishing sites. Finland saw attacks such as man-in-the-middle as well as malware exploiting network banking sessions becoming all the more common. In the attacks, the criminals can exploit a malware for the purpose of monitoring the telecommunications of the users of online banking services, and use the codes entered by the user of an online banking service to verify bank transfers. The malware were mainly the different versions of the Zeus malware family.
CERT-FI publishes a quarterly overview of information security, which examines the most significant threats to information security. The objective of the reviews is to support companies and organizations in their attempts to improve the management of information security. The CERT-FI information security review 4/2011 is available in Finnish at http://www.cert.fi/. The English version will be placed on the site later.
Duty Officer of CERT-FI, tel. +358 9 6966 510
Ari Husa, Information Security Adviser tel. +358 40 722 3130