- As the busy holiday shopping season gets into full swing, a federal security agency affiliated with the US Federal Bureau of Investigation (FBI) is warning that attacks by malicious hackers against e-commerce websites and other companies doing business online are on the rise.
The Washington-based National Infrastructure Protection Center (NIPC) issued an advisory last week saying FBI investigations and unspecified additional information point to an increase "in hacker activity specifically targeting US systems associated with e-commerce and other internet-hosted sites."
The NIPC, which is located at FBI headquarters, says most of the intrusions were made against systems running Microsoft's Windows NT operating system, although Unix-based machines also were reported to have been victimised. The centre didn't include any specific examples of attacks in its advisory, and a spokeswoman for the NIPC declined to comment on that.
According to the NIPC's advisory, attackers "are exploiting at least three known system vulnerabilities to gain unauthorised access [to systems] and download proprietary information" from unsuspecting companies. Most of the attacks had been under way for several months before being discovered, the centre adds.
"Although these vulnerabilities are not new, this recent activity warrants additional attention by systems administrators," the advisory says. "The NIPC strongly recommends that all computer network systems administrators check relevant systems and apply updated patches as necessary. Specific emphasis should be placed on systems related to e-commerce or e-banking/financial business."
Eric Hemmendinger, a security analyst at Aberdeen Group in Boston, says the agency's alert should be taken seriously by IT managers because it comes from the government, not from security firms or antivirus software vendors warning of the end of the world as we know it.
"What might be a little bit unusual about this is not what the warning is, but where it's coming from," Hemmendinger says. "When the federal government wakes up to a problem, they're usually not the first ones [to see it]. That means it's worth paying attention to."
Hemmendinger says users can defend themselves against virus attacks and network intrusions by updating their antivirus programs and making sure they apply any available security patches to their applications. But companies are still vulnerable to distributed denial-of-service attacks, which can crash their websites, he adds. "In the case of denial-of-service attacks, there is no really good answer right now," Hemmendinger says.
That problem was evident last February, when major websites such as the ones operated by Yahoo, eBay and Buy.com were shut down by a string of denial-of-service attacks.
In a more recent high-profile security incident, Microsoft confirms that its internal computer network was broken into by an attacker who was able to view some of the software vendor's source code for a future product that's under development. Microsoft says it tracked the intruder's movements inside its network for 12 days before reporting the attack to the FBI.
The NIPC's advisory points users to website links with information about how to plug the security holes that it says are being exploited by attackers. The centre, which is continuing its investigations into the attacks that have been reported thus far, also asked companies to report any suspicious online activities to it or to the FBI.