Thursday, April 27, 2017

US Cert warns on state-sponsored malware that could hurt ISP's offering shared hosting


US-Cert in Pittsburgh (DHS) has sent out a detailed bulletin (TA17-117A) about foreign malware, apparently aimed mainly at Unix or Apache servers, that could steal information from customer accounts, particularly in shared hosting environments.

The report is very detailed and technical  and requires a lot of knowledge of PHP and other scripting to understand.

But it suggests that all service providers insist on longer passwords, more frequently hanged, and use 2-step verification from consumers.
 
The greatest danger, though, would seem to customers who have major consumer data.  And this seems to be a tool that may be of value to state actors in special situations (like North Korea’s Sony hack).  There could develop some political sensitivities about who could become a target in a shared environment, making them harder to secure in general.

No comments: