Behavioural analysis security software could have prevented IKEA spam incident

(23/01/2008)

Companies need to review their IT security arrangements, if they are to avoid a potentially serious spam incident that affected the email servers of Scandinavian furniture giant IKEA. A security hole gave hackers and phishers a free rein to exploit the company's mail server and made it possible for anyone to create a potent spam service, using the company's international mail server in Sweden as the sender.

"Newswire reports suggest that IKEA has just closed a serious security flaw that allowed hackers and phishers full-on access to the resources of its email servers, allowing them to send bulk outbound mail from the furniture giant's systems," said Geoff Sweeney, Tier-3's CTO.

The really troubling side of this security breach is that provides sophisticated hackers an opportunity to use it as a launch pad to send specially targeted emails containing zero day Trojans or Rootkits. The emails could then pass through almost all email and anti spam security technology that relies on white and black listing as a method to filter spam as they would come from an actual IKEA domain.

The behaviour of these emails coming through to an organisation could be detected by behavioural analysis security software which prevents both known and unknown threats. The sinister side of this type of attack is that they are targeted at specific people in an organisation and when they appear from a trusted source and combine the latest Antivirus evasion techniques there is a chance that a organisation’s entire set of security defences will be beaten .

According to Sweeney, “IKEA's problems were caused because the contact template on the firm's home page was inadequately secured, allowing hackers with criminal intentions to insert alternative e-mail addresses in a contact form. This basically allowed anyone with a little technical knowledge to generate millions of phishing and/or spam messages from IKEA's mail servers using a simple script. The potential damage to the company's reputation and possibility of email blacklisting could be significant."

"This is a classic case of where, with a little forward planning and investment in IT security technology, IKEA could have avoided denting its reputation, it is hard to believe that IKEA reportedly did not close this security hole immediately but left it open for a further 5 days after they were warned about it by Jonas Thomsen."

Sweeney added "Had IKEA installed behavioural analysis security software on its systems, then it could have locked down the spam email problem as soon as it had happened, and avoided blackening its name".

Related topics:  Virus, Worm, Email security, spyware and malware 

Print version | Email to a friend | Related articles

Data breaches: Trends, costs and best practices gives you all the latest information on securing personal and corporate data, key recommendations for immediate action to improve data security, and how to respond to data breaches.

Other Security news and resources