Log in

Posts Tagged ‘Trusted Platform Module’

Computer Systems at 2500 Companies Hacked

February 18th, 2010

: Image by joshuadelaughter via Flickr

In a high security breach malicious hackers have penetrated into more than 75,000 machines in 2500 companies across the US & rest of the world.. Not only have the breached the security, but also they have obtained access to confidential data from commercial and government entitites across the globe.

According to the security firm, NetWitness, the attacks have compromised the login credentials of over 68,000 accounts revealing the new banking site information. Raising serious eye brows about the type of computer security software, the report mentioned a “dangerous new ZeuS botnet (a malicious programme)”.

Apparently, the Zeus botnet tool kit, allows criminals to infect and remotel control of users’ PCs. The Zeus tool kit can be purchased on the payment of some dollars. Swiss anti-spam activist Roman Hüssy operates the ZeusTracker website, which keeps watch on several Zeus control servers that are used by various gangs of criminals.

Alex Cox, who works at NetWitness & uncovered Kneber said, “When we detected the correlation between the methodology used by the Kneber crew to attack victim machines and the wide variety of data sets harvested, it became clear that security teams must rethink their entire perspective on threats such as Zeus”.

Kneber is described as a command-and-control system botnet based on the ZeuS Trojan and is based on the older version of 1.2 Zeus. First discovered in January, the malicious programme collects login credentials of online financial systems, social networking sites like Facebook & corporate email systems from infested computers and reports the information to miscreants.

NetWitness CEO and former Director of the National Cyber Security Division Amit Yoran said that cyber criminals like the Kneber crew target and compromise thousands of government and commercial organisations globally.

The unaware employees were caught on the backfoot when they downloaded the hacked software from the sites which were administered by the hackers. They were baited into opening emails which contained these infected attachments.

According to Yoran, “Because they’re using multiple bots and very sophisticated command and control methods, once they’re in the system, even if you whack the command and control servers, it’s difficult to rid them of the ability to control the users’ computers” .

According to WSJ, there were many companies hit by this attack including Cardinal Health, located in Dublin, Ohio, and Merck. Once the infected computers were identified they were immediately removed from the network. Also caught were the educational institutions, energy firms, financial companies, internet service providers are even government agencies were penetrated.

In a statement issued by the security firm, the scope of these attacks scaled across the United States, Saudi Arabia, Egypt, Turkey and Mexico.

To help keep your business data protected in an effective way, explore our secure encryption software solutions. Unlike competitors, our software won’t be hacked and it provides an independent layer of encryption. Try a free 30-day trial now!

Kneber botnet catches 2,500 companies worldwide (guardian.co.uk)
Virus breaches 75,000 computers, study says (msnbc.msn.com)
New virus has breached 75,000 computers: Study (calgaryherald.com)

3 comments »

Posted in Encryption, Encryption Chip

Tags: BlackHat Botnet Cardinal Health ChristopherTarnovsky Encryption Facebook Mexico Personal computer RSA Saudi Arabia security Social network service Trusted Platform Module United States United States Army Yahoo

“Unhackable” TPM Chip Cracked

February 13th, 2010

The Trusted Platform Module (TPM) chip was generally accepted by security specialists as a safe method of protecting and encrypting information. The chip is common in thousands of motherboards which power everything from notebooks to XBox 360 video game consoles. Many businesses employ the chip as a defense for keeping their private data secure and rely on it as their main encryption device. Even Microsoft’s encryption service, BitLocker, depends heavily on the chip for storing encryption codes.

Earlier this month, a specialist engineer hacked the chip and figured out a way to access its secrets. Using an Infineon chip, Christopher Tarnovsky went through a complicated procedure which broke down the hardware’s defenses and gave him access to the processing core. Breaking into the chip was a lengthy process, but one thing is clear from the hack: depending solely on hardware supported encryption is a bad idea for businesses that truly want their information to be protected.

Am I at Risk?

Tarnovsky’s accomplishment is a serious warning sign, however, the procedure used to break down the chip’s security was extremely advanced and beyond the skill of a novice hacker. The Government Computer News reports:

“Don’t think that this is easy,” Tarnovsky said. He spent six months on the project and still has unanswered questions about the chips’ operations and security. The process of reverse-engineering would cost about $200,000 commercially, but he says that now that he has the technique worked out he can access a chip’s core and its data in six or seven hours.

Tarnovsky’s current method is very difficult to copy and isn’t likely to become a mainstream way of breaking into computers. However, others are going to follow in his footsteps and will continue to build on his work. Eventually, a more efficient and affordable strategy for cracking the TPM chip will be discovered. Hackers will develop ways to break into the chip by evaluating and reworking Tarnovky’s technique. The TPM chip has been proven to be hackable and should no longer be viewed as a secure standalone for protecting information.

We’ve touched on some of the weaknesses that BitLocker had earlier; now we can add its integration and dependence on the TPM chip to our list of complaints. Even if you’re using encryption software to protect your information, you may still find yourself depending on the TPM chip. Many full disk encryption service providers offer a product built around the TPM chip; if the TPM chip of your machine is hacked, essentially, your encrypted data will no longer be safe.

How to Stay Protected

Computer protection is extremely important and the news about the TPM chip’s security flaws should be a wake-up call for businesses. Choosing data encryption software which works is critical and will help protect your organization’s future. If you’re currently using software which is heavily dependent on the TPM chip as the main stronghold, it may a good idea to start exploring other options. Not having any sort of protection is simply unacceptable and inexcusable; we’ve covered several examples where security breaches have lead to serious repercussions for businesses.

To help keep your business data protected in an effective way, explore our secure encryption software solutions. Unlike competitors, our software isn’t dependent on the TPM chip and provides an independent layer of encryption. Try a free 30-day trial now!

Further Reading
Black Hat: Engineer Cracks ‘Secure’ TPM Chip [MCPM]
Engineer shows how to crack a ’secure’ TPM chip [GCN]
Hacker extracts crypto key from TPM chip [The H Security]

1 comment »

Posted in Data Protection, Encryption

Tags: BitLocker Drive Encryption data Encryption microsoft security Trusted Platform Module Xbox XBox 360