HOUSTON , Aug. 5 /PRNewswire/ -- In April 2008 , a massive SQL injection attacked web sites throughout the world, compromising the integrity of their databases and garnering much industry attention. What seemed to be a sequel to this SQL injection surfaced in mid-June, slipping in largely under the radar - but not the radar of at least one global provider of managed security, Network Box Corp.
"The SQL injection appeared to be highly targeted, affecting a single one of our boxes in Australia at a rate of about 5,000 hits per day," says Pierluigi Stella , CTO of Network Box USA, Inc. (http://www.networkboxusa.com), the American arm of Network Box Corp. "The attack first identified a specific version and account of Microsoft IIS and SQL Server, and then delivered a complex encoded SQL injection payload."
In reaction to this heightened activity, the Network Box Security Response center developed two new IDP modules to further improve its detection and protection abilities for generic and specific known SQL injection threats, and released the modules to its customers.
"About a week later, the attack went global," says Stella. "We saw it on about 30 boxes, with each box getting some 1,000 probes a day. Over the next few days, we saw a dramatic increase in malicious activity across several continents and from more than 40 source countries."
A major botnet with at least 4,000 compromised hosts was responsible -- creating and sending spam and viruses and flooding networks with messages as a denial-of-service attack. Network Box increased its global threat-level indicator and continued to closely monitor the situation, further refining and improving its protection signatures and heuristics as necessary.
"Because we knew something was up and were prepared for this dangerous threat, our customers' network security was not breached," Stella concludes. "This stuff is very focused, and if you just have a device, instead of a managed security provider with a worldwide presence, this type of attack is not easy to notice -- that is, until it's too late."
"This instance underscores the advantages to Network Box customers that the company is dispersed geographically and operates as a managed service provider," notes industry analyst Tim Clark of The FactPoint Group.
"As a managed service provider, Network Box's revenue is directly tied to keep its existing customers safe and happy; otherwise they might bolt to another provider," says Clark. "Security device makers also want happy customers, but their financial interest comes from selling the next device, not the current one.
"Network Box's global footprint helped, too. The initial attack in Australia put Network Box on alert with solutions to counter the attack anywhere. That made their customers safer when the attack went global the following week."
About Network Box USA
Network Box USA, Inc. (http://www.networkboxusa.com), the American arm of Network Box Corp., was formed in response to the escalating danger posed by security breaches, virus attacks and similar threats arising from widespread use of the Internet. Its mission is to provide enterprises of all sizes with a cutting-edge computer network security solution that is effective yet affordable. The company's flagship product, the Network Box appliance, has won numerous awards for excellence and is now in the forefront of UTM, the next generation of firewall technology. Among Network Box USA's customers, the product has been especially embraced by banks, credit unions, and other financial institutions. Network Box USA is headquartered at 2825 Wilcrest, Suite 259, Houston, Texas 77042; telephone 832-242-5758 or (toll free) 888-315-8886; fax: 713-933-0290; email firstname.lastname@example.org.
SOURCE Network Box USA, Inc.