Internet Identity

A leading A/V & Firewall provider was successfully compromised by an SQL Injection attack last week. As part of the attack, internal email addresses, passwords, and customer data were publicly posted by the hackers.

In the world of Information Technology, an organization's relationship with its Firewall provider is one of the most trusted. Fortune 500 companies spend large sums of money to ensure that their network perimeters are secure and contain the latest anti-spam and anti-virus data. Companies outsource this function to a specialist so that they don't have to devote internal resources to maintaining blacklists and updating the software within network appliances. Their partner takes care of all that, and it's a nice win-win.

This deep level of trust is exactly why these relationships must be scrutinized. Automated data feeds that go directly into network servers and appliances are a common way that technology is maximized for productivity in our industry. That is until that data feed suddenly becomes untrustworthy. Then several difficult and urgent questions emerge: What systems in our organization take in this feed? How do we unwind it across the board? Do the credentials for one product in the suite work for other products out of convenience? In the case of the company mentioned above, they also offer data storage, VoIP products, and load-balancing/traffic management.

Some other basic questions:

Do you have updated contacts at your Firewall and Intrusion Prevention partners?
Are you actively watching their IP space for known malicious threats?
Are you actively watching their DNS and BGP resolution globally?

Contact us at info@internetidentity.com for more information on how IID can help protect your Extended Enterprise.

If we're all not careful, 2011 will become known as the year of the attacks against IT Security Firms. The criminals definitely seem to be raising the stakes.