One in five corporate servers hijacked by spam-mailers

NEWS Another set of shocking security statistics has emerged from an Internet audit published this week by NTA Monitor. The security consultant says one in five of the corporates it surveyed have had their servers hijacked by spammers because out-of-date security software. This morning Silicon.com reported that NTA Monitor conducted an Internet survey which found that over half of Europe's corporations have security flaws on their email servers leaving internal communications vulnerable to outside interference. Now NTA has revealed further evidence to show how damaging these lax security measures can be. Over the last nine months, according to Roy Hills technical director at NTA, nearly 20 per cent of the company's 100 corporate clients have had their servers attacked. According to NTA, a spamming technique known as public relaying allows offenders to re-route emails through an unsuspecting corporation's server. The spam emails are sent in the host's name and the upsurge in traffic often crashes their server. But the most lasting affect can often be the damage to a company's reputation after it has been associated with a bad spam attack. One of NTA's clients, which refused to be named, told Silicon.com: "One weekend we had an influx of 20,000 emails from an unknown source. It caused a hefty blow to our network with a week's backlog and delays." The problem, said Hills, is that server software usually comes with a default setting that means it will route email traffic from one domain name to another -making it easy for a hacker to route traffic through the server. According to Hill, most corporations have old software which means they cannot limit where emails can be sent from and to. New versions can be bought which would allow limits to be set - but most almost 60 per cent of those surveyed have not yet bothered to use the technology.