eWeek: Attackers have frequently targeted human rights and foreign policy think tank websites with DDoS attacks, but now they're taking a craftier approach. According to the Shadowserver Foundation, hackers have begun compromising these websites with exploit code that spreads malware and enables cyber-espionage against people who visit the sites. Affected sites include Amnesty International Hong Kong, Center for Defense Information and the International Institute for Counter-Terrorism.
“These types of attacks seem to be increasing as the attackers look for additional ways to target and compromise a particular demographic while still being somewhat indiscriminate,” said Shadowserver’s Steve Adair. “I think attackers are finding that instead of going to the targets, that they can let the targets come to them. Even a person that's been trained on how to spot and notice suspicious emails will likely have their guard down when visiting a Website they go to every day or every week.”
“The cold reality is that, in addition to APTs [Advanced Persistent Threats], most organizations aren't protected from even the most basic of scripted attacks or common attack tools,” said Dave Marcus of McAfee Labs. “Ensuring security policies, network security prevention and detection, as well as incident-response plans are all up to date, will help your organization prevent and mitigate APT attacks."
One of the ways around the issues of security and control that make some businesses wary of cloud computing is to build a private cloud -- one that remains within the corporate firewall and is wholly controlled internally. Private clouds also increase the agility of IT an organization's IT infrastructure and make it easier to roll out new technology projects. Download this eBook to get the facts behind the private cloud and learn how your organization can get started.