Imperva comments on Iowa Homeland Security site hack

Wednesday, 10 March 2010 13:55

Reports that the US Department of Homeland Security’s Web site for Iowa has been defaced by hackers sends out a very strong message on the IT security front, says Imperva.

According to the data security specialist, although there is clearly a balance that needs to be struck in all organizations in terms of security expenditure and its return on investment, the high profile status of the Department of Homeland Security means that the Web site should not be vulnerable to hacker defacements.

“Although it’s fair to say that no IT resource can ever be 100 per cent protected against all types of attacks, the fact that this hack – and the other two state sites that were also defaced – apparently stems from a misconfigured script or server settings sending out all the wrong messages to businesses and hackers alike,” said Amichai Shulman, Imperva’s chief technology officer.

“As if this wasn’t bad enough, the statements by officials also seem to be at odds with each other.

“On the one hand we have a state spokesperson saying no real damage was done, and on the other we have another set of people trying to justify the need for another layer of government employees when the existing staff resources could do the IT defense job just as well – or not, as in this case,” he added.

Shulman went on to say that the best security can always prevent hackers, but the big question is how much security an organization is willing to invest in.

This is generally answered, he explained, by balancing the pros and the cons of investing in one or more elements of IT security – and in the case of the Department of Homeland Security, the pros very clearly outweigh the cons.

It’s important to realise, the Imperva CTO went on to say, that hackers never introduce the vulnerabilities themselves – they just exploit them.

“People need to realise that whatever you do, wherever you are everyone is a target. Only by investing in the best software can you prevent hackers from destroying your business” adds Shulman.

by Janet Harris

www.securitywatch.co.uk

Add comment

JComments

HostExploit News Feeds

RSS feed (default)
FeedBurner RSS feed

Latest News

Router Hacking, Warkitting Take Stage at Black Hat Router hacking and modem security is in the news again, thanks...
Millions of fake items seized in fight against counterfeiting and piracy A regional breakdown of the fight against piracy and counterfeiting...
Nation needs ways of reducing Internet censorship The Internet is reportedly among the candidates for this year’s...

HE Twitter

Google Security News

Researchers Hack the Internet to Keep Us Safe - Black Web 2.0 15:47 (GMT) - 30.07.2010
Read all 'Cyber Command' posts in Military Tech - CNET (blog) 14:18 (GMT) - 30.07.2010
Norton Internet Security 2010 - ITWorld Canada 12:34 (GMT) - 30.07.2010
Webroot Internet Security Complete 2011 - PC Magazine 11:01 (GMT) - 30.07.2010
Internet 'key holders' are insurance against cyber attack - msnbc.com 9:47 (GMT) - 30.07.2010
McAfee Acquires tenCube – Makers of WaveSecure - Phandroid.com 7:55 (GMT) - 30.07.2010
Skull Security Offers Up 100 Million Facebook Profiles to Anybody - DailyFinance 22:00 (GMT) - 29.07.2010
Black Hat 2010 - Day One Roundup - The Tech Herald 19:08 (GMT) - 29.07.2010
RIM Acquires Internet Domain Name Rights to Blackpad.com - Bloomberg 17:24 (GMT) - 28.07.2010
Webroot adds functions to security software (podcast) - CNET 21:41 (GMT) - 26.07.2010