Trojans target online gamers, put businesses at risk

By Shamus McGillicuddy, News Writer 09 Jan 2007 | SearchSMB.com

Technology news and tips for midmarket CIOs Digg This!     StumbleUpon     Del.icio.us

About 62% of all password-stealing Trojans target financial institutions. But a new report from researchers at Santa Clara, Calif.-based security vendor McAfee Inc.'s Avert Labs revealed that 18% of known Trojan password stealers target massive multiplayer online role-playing games, such as World of Warcraft and Second Life.

More on business apps CIOs fighting uphill battle against renegade apps IM too critical a business app to ban

Why games? There's real money to be had. Players will actually pay real money for virtual resources other players accrue while playing such games -- resources such as gold, weapons, cars or real estate. These goods may be fake, but to gamers who spend hundreds of hours playing in these virtual worlds, it's worth the money to get a leg up on the competition.

The problem for businesses is this: A lot of employees are playing these games on company-issued computers. If criminals can hack into the game, eventually they could hack your business, too.

With a lot of these games, players' computers act as servers. The user will invite other players onto their computer to play the games.

"Businesses could be at risk," said David Marcus, security and research communications manager at Avert Labs. "Let's say employee X sets up their own World of Warcraft server and lets people come in and play. That allows people on other machines to come into the business. It allows people outside the business to log on behind the firewall. It allows people to potentially get access behind the firewall."

Marcus said such employees are definitely exposing corporate networks to threats. Malicious users seeking game passwords could just as easily probe and scan a corporate network. It just requires some imagination. And cybercriminals have plenty of that.

Ron O'Brien, senior security analyst at Burlington, Mass.-based security vendor Sophos PLC, said CIOs know this is becoming a problem.

"We did a poll on our Web site and got about 500 responses," O'Brien said. "When it came to computer games, 90% of respondents wanted to be able to block games and 62% said it was essential."

O'Brien said IT managers know games pose a bandwidth problem, but the security issue is also a growing concern.

"If I were a participant in some of these games and I post my availability, I'm saying 'I'm online playing this game and I can have up to 15 other people play with me,' which means I'm hosting this game on my server. So anyone looking to steal credentials could tie up my server because I made a public announcement that I am available to host games."

Those foreign users are stealing computer power -- and they're seeing things they shouldn't see.

"What it does in some instances is lower your resistance to external threats because you may be, in effect, opening up your firewall," O'Brien said.

Richard Stiennon, chief marketing officer at Sunnyvale, Calif.-based Fortinet Inc., added, "You're taking a local machine that is hidden behind a firewall and making a bunch of people aware that it's even there."

Stiennon added that these games have virtual chat rooms where critical business information could be leaked, and those chat rooms are also a venue where game players can be tricked into clicking on malicious Web links.

Natalie Lambert, an analyst at Cambridge, Mass.-based Forrester Research Inc., said the chat functions alone in these games are an auditor's nightmare.

"There is always that fear that some kind of confidential data will get leaked out on these machines that are meant for corporate use," Lambert said. "One of an organization's biggest challenges now is making sure everything is logged for audits, and this can make things much more difficult -- when you are having chats with outsiders and trying to have some sort of audit trail going."

Sophos recently added about 30 games to its application control software, a product bundled with its security software that blocks unwanted programs. O'Brien said Sophos is blocking some games simply as a productivity issue, such as the games that come standard on Microsoft Windows. But the online games carry the added security threat. He said Sophos will continue to add games to it blacklist over time.

Stiennon said CIOs should look at other ways of closing off online games, such as preventing employees from reaching other players.

"Trying to do it through a blacklist is not necessarily the best way," Steinnon said. "You can do it at the network level."

Let us know what you think about the story; email: Shamus McGillicuddy, News Writer

Tags: Information security management for the midmarket,  Risk management for the midmarket,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Information security management for the midmarket Using key risk indicators to sell your information security program IT security spending a bright spot in '09, with more growth predicted Gartner: Vetting security of third-party partners in five steps Locking down security in the move to electronic medical records Security and risk management in the midmarket Identity and access management planning guide for the midmarket Information systems management for the midmarket CIOs share advice on doing more with less Get smart about patching security vulnerabilities A CIO's advice for implementing single sign-on solutions Risk management for the midmarket Using key risk indicators to sell your information security program Gartner: Vetting security of third-party partners in five steps Security and risk management in the midmarket Identity and access management planning guide for the midmarket Get smart about patching security vulnerabilities Log management tool saves big on network fixes, integrates with IPS Unified communications: Securing access to OCS Disaster recovery and business continuity planning: Know the risks Database security: Who should have access? San Francisco network lockup justifies CIO fears

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary