Printable View
This may be old news to a degree, but I don't think the event got loud enough media coverage, so some some may have missed it. But, this column from the Washington Post presents a in-depth look at how the exploit occurred, and focuses on how apparently stolen credentials were presented to Network Solutions and used to redirect traffic for several hours to a bogus server. CheckFree handles about 70-80% of online bill payments in the U.S.
Ouch... I hope they work out exactly how this was done, seems to be mostly guess work from that report.
True as it relates to how the credentials were obtained, but I personally read the responses from CheckFree and Network Solutions as meaning, "Holly Cow! We weren't prepared for that and don't really have a fast security fix waiting in the wings."Quote:
Originally Posted by NooNoo
Maybe it's just 20/20 hindsight, but I don't see how this kind of attack was apparently totally unanticipated by Network Solutions. And just look at all those pretty eggs in a single basket! No wonder the Cybercriminals seem to be winning.
It can't have been unanticipated, surely they know the golden rule - the biggest security risk is from within...