Between phishers and the deep blue sea

Gavin Reid, trying to shut down a phishing Web site, found one thing was making the job that much harder: The attack was coming from India.

Businesses in that country were finishing up for the day when he arrived for work at his U.S.-based employer. That made coordination difficult for Reid, leader of a security incident response team at a Fortune 500 technology company, as he scrambled to fix the problem for a customer.

"By the time we reached the right contact, it was too little, too late," said Reid, who also serves as a project leader for the Forum of Incident Response & Security Teams. "Three days had passed, and with phishing attacks, much of the damage occurs in the first day."

When an attack is launched from overseas, time zones and language barriers can add a layer of complexity to quickly resolving the threat. These hurdles are becoming more of a problem as hackers target industry-identified soft spots such as China and Korea as a base for global attacks. And while security response bodies and law enforcement agencies are cooperating in the fight, there's still more that can be done to coordinate, experts say.

The stakes are high. Companies can find their operations sidelined for days and their reputation tarnished after suffering an onslaught from a worm like Sasser, a denial-of-service attack, or a phishing scam that attempts to steal sensitive information from their customers.

All that translates into a financial loss for companies and organizations in the United States, which last year saw viruses cost them $55 million and denial-of-service attacks $26 million, according to a survey of corporations, government agencies, financial and medical institutions, and universities conducted by the Computer Security Institute and the FBI.

read the rest here: