Serious Security Is Serious

Tri-LoniX Security Corp
The American company that takes its security seriously.

At least that’s what the sign says… In the meantime, someone or something in South Korea has been pounding on one of Tri-LoniX’s public-facing SFTP servers all day and night for three months now. This APT (Advanced Persistent Threat) has been changing the login name to one of the most frequently used account names, such as root, admin, administrator, etc., every few attempts, then trying default and commonly used passwords. As it passes authentication strings to the server without noticeable reaction or consequence, this APT appears to be learning that the targeted machine is either a genuinely unprotected machine or a honeypot. With nothing to lose if it is a honeypot, the monster continues to grind away, its masters knowing they will eventually get in.
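The pattern described above (one source, a login name that rotates every few attempts, months of failures and no reaction) is easy to surface from the server's own authentication log. The following is an added example, not part of the original post: it assumes OpenSSH-style log lines with ISO timestamps, and the sample lines, the function name `find_rotating_guessers` and the thresholds are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample lines in an assumed OpenSSH-style format; the page does not
# say which SFTP service or log layout is in use. IPs are documentation ranges.
SAMPLE_LOG = """\
2013-04-02T01:10:05 sshd[811]: Failed password for root from 203.0.113.7 port 40112 ssh2
2013-04-02T01:10:09 sshd[811]: Failed password for root from 203.0.113.7 port 40113 ssh2
2013-04-02T01:10:14 sshd[811]: Failed password for invalid user admin from 203.0.113.7 port 40114 ssh2
2013-04-02T01:10:19 sshd[811]: Failed password for invalid user admin from 203.0.113.7 port 40115 ssh2
2013-04-09T23:41:30 sshd[902]: Failed password for invalid user administrator from 203.0.113.7 port 51220 ssh2
2013-04-09T23:41:36 sshd[902]: Failed password for invalid user administrator from 203.0.113.7 port 51221 ssh2
2013-04-03T09:00:01 sshd[850]: Failed password for alice from 198.51.100.20 port 50001 ssh2
2013-04-03T09:00:20 sshd[850]: Accepted password for alice from 198.51.100.20 port 50002 ssh2
"""

LINE = re.compile(
    r"^(?P<ts>\S+) sshd\[\d+\]: (?P<result>Failed|Accepted) password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+")

def find_rotating_guessers(log_text, min_users=3, min_failures=5, min_days=1):
    """Return {ip: summary} for sources that fail against many account names
    over a sustained period and never authenticate successfully."""
    stats = defaultdict(lambda: {"users": set(), "failures": 0, "ok": 0, "times": []})
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # ignore lines that are not password auth results
        s = stats[m["ip"]]
        s["times"].append(datetime.fromisoformat(m["ts"]))
        if m["result"] == "Failed":
            s["failures"] += 1
            s["users"].add(m["user"])
        else:
            s["ok"] += 1
    flagged = {}
    for ip, s in stats.items():
        days = (max(s["times"]) - min(s["times"])).days  # persistence of the source
        if (s["ok"] == 0 and len(s["users"]) >= min_users
                and s["failures"] >= min_failures and days >= min_days):
            flagged[ip] = {"users": sorted(s["users"]),
                           "failures": s["failures"], "days": days}
    return flagged

if __name__ == "__main__":
    for ip, info in find_rotating_guessers(SAMPLE_LOG).items():
        print(ip, info)
```

A source flagged this way is a candidate for rate limiting or blocking at the edge, which is the "reaction or consequence" the server in the story never delivers.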

On the other side of the ranch, the SFTP server’s hypervisor hasn’t been updated in four years, the server’s OS in two years and, not to mention, the third-party server service itself in over one year. As to the contents of the server, there are gigabytes of unencrypted Personally Identifiable Information (PII) from the corporate staff, their partners and all attached parties. There are also various directories of ill-contrived sharing methods, such as zip files of internal source code exchanged between developers and cloud services that couldn’t share through the company’s crippled SVN or because of plain red tape. For lack of a better phrase, this box is ripe for the picking.

Ironically, the only thing saving this box from getting owned right now by this APT is that when it was configured there were no test accounts used and it didn’t come with a default account. In fact, no testing whatsoever occurred. It was hauled right into production to meet the immediate need. Virtual accounts and permissions were generated and brought to the edge for all the world to see and access. Clearly Tri-LoniX’s Information Technology management has no idea what it is doing, or even not doing, and is only still around by mere luck. Eventually their luck will run out and the data will be free… or at least with another master – one that would give the data the respect it deserves. 😉

The technology of today’s attack systems is so advanced that no single person or even team of people can stay on top of it. It takes a dedicated company firmly planted in security research and development to even get a whiff of the latest zero day zipping through the air at the speed of light, armed with heavy resources to stop it from taking the intended target down. Imagine what kind of chance a misinformed and mismanaged team such as Tri-LoniX has…

With Milton Security Group your mind can rest easy because all the dirty work gets handled and managed by the appliance itself, such as the Milton Security Group’s Edge 7200i. Threats such as this are a thing of the past with Adaptive Network Access Control. Your packets stay where you want them to stay.

 

One Comment

  1. Milton Security Group said:

    Half of 26 is 13.

    ##### HUNT
    ##
    ## Ybfg
    ##
    ##
    ## Gvzr
    ##
    ########

    July 10, 2013
