Monster hack "should have been avoided"

 

Gallery

By Stuart Turton

Posted on 23 Aug 2007 at 15:30

The Monster.com trojan attack could have been avoided had the site encrypted its database, according to security experts.

The attack on Monster was an incredibly well executed strike, which saw thousands of US users targeted with emails supposedly from the job site telling them to download a "Monster Jobseeker Tool". Upon installation, the tool encrypted and stole users' files, leaving notes that demanded the victims pay the hackers $300 (£150) to decrypt the information and prevent it from being made public.

Security companies say that not only was the attack easily avoided, but that the only surprise was that it hadn't happened to a major company sooner.

"Organisations such as Monster are relying too much on the integrity of the network," says Calum Macleod, European director of Cyber-Ark. "Emphasis on perimeter security has caused IT managers to lose sight of the fact that it is the data that is important, not the infrastructure."

"If the kids leave the door open and somebody steals your jewellery, you don't wonder why the door was left open, you wonder why the jewellery wasn't in a safe," he adds.

Macleod describes the attack on Monster as "miniscule" in comparison to what could happen in the future and said encryption of data at source has to become a priority for companies.

"Using this approach means that the data can be held securely on the web server and, even if hackers succeeded in downloading the files, the fact that they were encrypted would render the data unreadable and therefore unusable."