RSA's New FraudAction Anti-Trojan Service
Listen to the column RSA's New FraudAction Anti-Trojan Service, or visit our Podcast Center to hear more by James Gaskin.
If your company belongs to the financial world in any way, whether as a bank, brokerage, or e-commerce leader, fraud gives you constant headaches. If phishing and pharming weren't bad enough, your company may be targeted by a Trojan campaign grabbing legitimate user information to use against you. RSA's expanding focus beyond authentication into pro-active fraud security may be able to help.
RSA's four pronged attack includes identification to monitor crimeware and discover intended victims (like your credit union). Analysis then decodes the crimeware to understand the intended crime method for exploiting stolen information, including security holes in the victim's technology. Tracing backwards, RSA works to identify and block control and command servers that distribute crimeware, such as Trojans waiting to report or get updates. Finally, their targeted shutdown programs convinces hosting providers to close the sites before they can do damage.
This trend makes sense as RSA expands their security services. Unlike some of the earlier services, the FraudAction activity runs as a hosted service at RSA on behalf of customers. They integrate with leading access and hosting providers to look for Trojan traffic targeting clients, then move to cut off avenues the criminals use to exploit their stolen information.
Marc Gaffan, Director of Product Marketing for RSA, says, "financial services clients in the past could only be reactive. We capture the crimeware, understand who it targets and what kind of damage it can do, and decide what countermeasures to use to combat the Trojan."
Law enforcement must be called by the client, not RSA, because the client is the one getting attacked. RSA will happily provide all forensic data to help in the prosecution, of course. But the reality is many financial institutions keep these types of attacks out of the courts and therefore the news.
Over 200 clients have signed up already, and this is an expensive program used by big companies. Gaffan claims RSA has already detected and shut down over 32,000 unique phishing attacks. The criminals keep advancing, changing, and trying new tactics. You must do the same, and RSA offers an interesting twist on the typically reactive security model.
Unfortunately, there isn't a Web host API command called "explode" or "flame on." Seeing criminals fleeing exploding Web servers into the arms of waiting police would be a great joy.
ITworld.com
Symantec Backup Exec 12 and Backup Exec System Recovery 8 deliver industry leading Windows data protection and system recovery. Download this whitepaper to find out the top reasons to upgrade and how to get continuous data protection and complete system recovery.
Data and system loss — from a hard drive failure, malicious attack, natural disaster, or simple human error — can happen anytime. Don’t leave your business vulnerable. Make sure you have a secure recovery strategy in place. Symantec's latest backup and system recovery technology can efficiently restore critical applications, individual emails and documents and even restore your entire system in minutes in the event of a loss.
Businesses face a growing challenge to ensure that the IT environment is properly protected. Backup Exec 12 integrates with other applications in the Symantec family of products, to complement your current data protection strategy, keep your data securely backed up and make it recoverable when you need it most.
