03 November 2011

Chemical industry cyber attacks needed privileged identity management

Commenting on reports from Symantec that hackers targeted nearly 30 companies in the chemical industry this summer, with the intent of stealing sensitive IP, Lieberman Software says that this latest cyber crime wave cries out for privileged identity management technology.

Philip Lieberman, president and CEO of the identity management specialist, points out that, while digital rights management (DRM) is often proposed as a panacea for IP security, the attacks identified in Symantec's research use 'spear phishing' that fools email recipients into compromising their IDs and passwords.

"Spear phishing pierces DRM systems like a hot knife cutting through butter," states Lieberman.

"Privileged identity management, on the other hand, limits the damage that compromised account credentials can cause, and can stop hackers from gaining access to private data, following a security breach," he adds.

Lieberman insists that the mere fact that these firms include Fortune 100 companies, that can afford experienced IT security professionals, demonstrates that sophisticated cyber attacks stand a good chance of getting through the defences even of the best.

For him, privileged identity management controls are key, because they can act as "a last line of defence" against hackers gaining access to administrator level accounts – so preventing intruders from gaining full control over an organisation's IT resources.

"The fact that these victim organisations are developing new materials for military vehicles, advanced manufacturing infrastructure, and other strategic technologies is very worrying, as it means that there may be more than a simple economic crime perpetrated here," states Lieberman.

And he expresses concern that the attacks apparently used a backdoor Trojan called Poison Ivy. "Poison Ivy uses distant command-and-control servers to gain remote control over compromised systems, which suggests to me a degree of professionalism amongst the hackers.

"It seems like this should be clear wake-up call to organisations that fail to secure their privileged identities."

Brian Tinham

Supporting Information

Lieberman Software

This material is protected by MA Business copyright
See Terms and Conditions.
One-off usage is permitted but bulk copying is not.
For multiple copies contact the sales team.

Do you have any comments about this article?

Add your comments




Your comments/feedback may be edited prior to publishing. Not all entries will be published.
Please view our Terms and Conditions before leaving a comment.

Related Articles

Use data effectively call

Manufacturing businesses in the UK need to unlock the Big Data held in their ...

Manufacturing view of security

The British Security Industry Association (BSIA), the trade body representing ...

Safety performance tool

Rockwell Automation has launched the Safety Maturity Index (SMI) tool, a ...

Getting IT right

Back to basics, but with your eyes wide open is a good starting point for any ...

Network practice

There’s much more to securing and provisioning your business and plant networks ...

Wireless world

Going wireless isn’t just about business communications. Brian Tinham discovers ...

Bakehouse: Delicious and determined

Bakehouse have gone from start-up to market leaders in 15 years. They are now ...


Customers and Shareholders Benefit as Global Manufacturer Deploys Management ...

Six Steps for: Discrete Manufacturers

Columbus IT has worked with many Discrete Manufacturing organisations enabling ...