03 November 2011

Chemical industry cyber attacks needed privileged identity management

Chemical industry cyber attacks needed privileged identity management

Commenting on reports from Symantec that hackers targeted nearly 30 companies in the chemical industry this summer, with the intent of stealing sensitive IP, Lieberman Software says that this latest cyber crime wave cries out for privileged identity management technology.

Philip Lieberman, president and CEO of the identity management specialist, points out that, while digital rights management (DRM) is often proposed as a panacea for IP security, the attacks identified in Symantec's research use 'spear phishing' that fools email recipients into compromising their IDs and passwords.

"Spear phishing pierces DRM systems like a hot knife cutting through butter," states Lieberman.

"Privileged identity management, on the other hand, limits the damage that compromised account credentials can cause, and can stop hackers from gaining access to private data, following a security breach," he adds.

Lieberman insists that the mere fact that these firms include Fortune 100 companies, that can afford experienced IT security professionals, demonstrates that sophisticated cyber attacks stand a good chance of getting through the defences even of the best.

For him, privileged identity management controls are key, because they can act as "a last line of defence" against hackers gaining access to administrator level accounts – so preventing intruders from gaining full control over an organisation's IT resources.

"The fact that these victim organisations are developing new materials for military vehicles, advanced manufacturing infrastructure, and other strategic technologies is very worrying, as it means that there may be more than a simple economic crime perpetrated here," states Lieberman.

And he expresses concern that the attacks apparently used a backdoor Trojan called Poison Ivy. "Poison Ivy uses distant command-and-control servers to gain remote control over compromised systems, which suggests to me a degree of professionalism amongst the hackers.

"It seems like this should be clear wake-up call to organisations that fail to secure their privileged identities."

Author
Brian Tinham

Supporting Information

Companies
Lieberman Software

This material is protected by Findlay Media copyright
See Terms and Conditions.
One-off usage is permitted but bulk copying is not.
For multiple copies contact the sales team.

Do you have any comments about this article?

Add your comments

Name

 
Email

 
Comments
 

Your comments/feedback may be edited prior to publishing. Not all entries will be published.
Please view our Terms and Conditions before leaving a comment.

Related Articles

ODVA machinery SIG

Open, interoperable automation technologies pressure group ODVA is forming a ...

Hype and jargon

More than four fifths (84%) of IT decision makers in manufacturing industry say ...

Cybersecurity survey

A global cyber security of more than 1,500 professionals has revealed that more ...

Getting IT right

Back to basics, but with your eyes wide open is a good starting point for any ...

Network practice

There’s much more to securing and provisioning your business and plant networks ...

Wireless world

Going wireless isn’t just about business communications. Brian Tinham discovers ...

Bakehouse: Delicious and determined

Bakehouse have gone from start-up to market leaders in 15 years. They are now ...

Sevcon

Customers and Shareholders Benefit as Global Manufacturer Deploys Management ...

Six Steps for: Discrete Manufacturers

Columbus IT has worked with many Discrete Manufacturing organisations enabling ...

UK & Ireland SAP User Group

ICC, Birmingham,West Midlands B1 2EA