Swedish military unwittingly helped hose US banks in 2012/2013
Plenty of machines still unpatched, says Daily News
Sweden's military has told a newswire that its servers were used in a 2012/2013 attack on American banks.
The report from Agence France Presse (AFP) quotes military spokesperson Mikael Abramsson, who told the agency, "The hacking attack was a kind of wake-up call for us and forced us to take very specific security steps to prevent such a thing from happening again."
The military has since taken unspecified measures to improve the security of its machines.
Back in 2013, the US government claimed Iran was behind attacks on American banks. Arbor Networks reckoned the attacks didn't use traditional PC botnets, but were launched from insecure Web servers – which is broadly in line with the AFP report.
As many as 20 banks were targeted in the DDoS campaign, including Citigroup, Capital One and HSBC.
According to Sweden's Dagens Nyheter (Daily News), the military was alerted to the compromise of its servers by the country's Civil Contingencies Agency, MSB.
An armed forces security bod, Dan Eriksson, told Daily News the exposure was down to human error, and said that exploiting the vulnerability for DDoS didn't let attackers get into the military's systems.
However, the Swedish report also claims the vulnerability that existed in the military server is still present on "14,000 servers in Sweden," including 7,600 DNS servers and an unspecified number of NTP servers. It also claims many of the vulnerable machines are in the university sector. ®