March 31, 2011, 8:53 PM — This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter's approach.
Cybercriminals are increasingly targeting the information assets of some of the world's most well-known organizations, according to the findings of a recent global study by McAfee and Science Applications International Corp. (SAIC) entitled "Underground Economies: Intellectual Capital and Sensitive Corporate Data Now the Latest Cybercrime Currency."
With firewalls, antivirus and other security mechanisms protecting corporate networks, how do attackers manage to penetrate enterprise computer systems? Simply by exploiting the weakest link in the security chain. One of the newest methods is tunnelling in via employees' browsers using an attack known as "Man-in-the-Browser" (MitB).
An MitB attack starts with malicious software (usually a Trojan like Zeus or SpyEye) lurking on a seemingly innocuous website. When visitors arrive the malware takes control of their Web browser and modifies pages, content or transaction data presented to the user.
All of this is done without the user's knowledge in a completely covert fashion. Depending on what the browser is being used for, MitB enables attackers to silently steal anything from login credentials to account numbers or financial information. With browser sessions often containing the logon details for email systems, VPNs and cloud services -- such as cloud CRM -- it's critical to lock down these sessions without impacting performance. Making the situation worse is the explosion of mobile devices and the multitude of people who can access enterprise resources remotely.