VeriSign Inc said yesterday that it saw a 176% average increase in attempting hackings logged by its managed security services (MSS) in the six months to December 2003, and that it can often correlate the sources of these attacks with the sources of fraud.
The company operates credit card payment processing systems, sells SSL certificates, manages the .com and .net domain name system servers, and manages security devices like firewalls and intrusion detection systems for enterprises.
After cross-referencing data produced by these various services, VeriSign claims that in November it saw a 47% correlation between the IP addresses involved in fraud, and those involved in hack-related port scans.
In one instance, the firm said, a great deal of credit card fraud was being detected coming from an address range at a Ukrainian ISP. VeriSign cross-reference these addresses with intrusion logs to infer that the same person was port scanning its customers’ firewalls.
The claims came in VeriSign’s quarterly Internet Security Intelligence Briefing, in which it also reported that e-commerce sites using VeriSign’s fraud detection systems turned away about 7% of attempted transactions for being suspicious.
This article is based on material originally published by ComputerWire