From a press release by ISS (Internet Security Systems):
Internet Security Systems (Australia) Managing Director Kim Duffy said the company’s Global Threat Operations Centre first discovered attacks being launched worldwide late Thursday evening.
â€œBy Friday 8 am the attacks had escalated significantly and by lunch time we became aware that hackers were trying to infiltrate many of Australia’s largest financial institutions,â€ Mr Duffy said.
â€œAlthough many were already protected by us, we took the precaution of alerting them and, as a courtesy, we also faxed Australia’s top 500 private and top 500 public companiesâ€ he said.
â€œHackers have now developed and published three attack â€˜tools’ and, as these tools become more widely available, it is expected that the target base will grow and include government and commercial entities.
â€œOur Global Threat Operations Centre expects the threats to continue for some days,â€ Mr Duffy said.
â€œSo far, we’ve monitored many separate attacks on our Australian high profile clients. We know from our colleagues that a number of financial institutions in the U.S. have been compromised and a similar situation could arise here with companies that are not adequately protected,â€ he said.
The hacker attacks came only hours after Microsoft had announced that it had released an upgrade (known as a patch) to plug a security gap in one of its most popular software applications SSL (Secure Socket Layer).
â€œOur X-Force research laboratory discovered the flaw in September last year when we informed Microsoft in accordance with our confidential disclosure procedures,â€ Mr Duffy said.
â€œThese procedures are designed to give vendors like Microsoft as much time as possible to develop and then distribute upgrades to plug any security gaps,â€ he said.
â€œA successful attack over the weekend would enable hackers to have full remote control of important servers and have the potential, depending on the target server’s configuration, to compromise an institution’s most sensitive data.
â€œWhilst the attacks were primarily aimed at financial institutions, the reality is that they could, at any moment, switch to any entity operating with a vulnerable Microsoft SSL (Secure Socket Layer) server,â€ Mr Duffy said.