Covisint, a subsidiary of Detroit-based Compuware Corp. (Nasdaq: CPWR), Monday announced the availability of a new, free whitepaper helping organizations fend off “Night Dragon” style attacks.
These “Night Dragon” vulnerabilities — a form of cyber espionage — began in 2008 and 2009 and lasted for well over a year. As a result, several gigabytes of highly sensitive account information and internal documents were exposed to rogue users from companies on multiple continents.
“The ‘Night Dragon’ threat is real, it is dangerous and it can irreparably harm organizations both financially and reputationally,” said Dave Miller, Covisint Chief Security Officer. “More importantly, these attacks should serve as a reminder that organizations need to try to proactively manage and secure their precious identities — leveraging solutions such as Covisint’s — particularly as more and more data and
applications move into the cloud.”
The Covisint whitepaper articulates:
* the inefficiencies and pitfalls of managing identities manually;
* how “orphan accounts” and “incomplete user deactivations” are common yet dangerous;
* the inherent weakness of password credentials;
* identity vulnerabilities that can lead to financial and reputational disaster; and
* the misunderstood importance of separating identities from the data and applications.
Night Dragon hackers focused on global oil and petrochemical companies, exposing highly sensitive competitive information and potentially jeopardizing multi-billion dollar energy deals. Hackers did this by subverting administrative accounts to gain “allegedly” authorized access by leveraging simple password entrance tactics. Once given access, they, in essence, became new “users,” thereby avoiding detection.
Covisint debuted today’s whitepaper offer at SPE Digital Energy Conference & Exhibition 2011 (booth No. 407). Attendees can obtain and discuss the whitepaper (titled: Protecting Your Organization from “Night Dragon” Style Attacks) in-person with Miller, the paper’s author. Additionally, the whitepaper can be obtained online at
As a pioneer in cloud computing and hosted identity management, Covisint enables customers to simply and securely access relevant information and applications while also managing digital identities. Covisint enables this access via a single digital identity and sign-on across virtually any combination of internal and external systems and end user groups.
Covisint provides secure communication and collaboration. Its ExchangeLink platform provides industry-specific services for identity management, collaborative portals and data exchange, as well as a third-party application marketplace. Learn more at www.covisint.com.