Rootkit breaches network security in India, Are you effected?

In my role at work I recently had the opportunity to discuss with a expert in security aspects of the PCI-Data Security Standard in the context of storing credit card information. This covers amongst many other things, whom has access to the data. Our client has a team in India doing work for his site as well.

This means that when he comes round to getting pci-dss compliant he will have to factor in them into his equation.  Now I’m seeing that there’s been a pretty major security breach across India. This is one of the many factors one should consider when outsourcing work to beyond national borders.

The breach is in the form of a rootkit hijacking against certificates for drivers by Realtek whom quite commonly develop Ethernet cards for many manufacturers. Therefore there is a significant risk that your outsource partner could be effected.

References
ZDNetUK

Leave a comment

Your email address will not be published. Required fields are marked *