Archive for the ‘Security’ Category

Gaming Goes Two-Factor Authentication

It is pretty telling how far online gaming, especially MMO (Massively Multiplayer Online) gaming, and other new media have come in recent years. Technologies typically reserved for use by security-minded corporate IT executives are now making their way into online gaming.

An IT security specialist may want to add a second layer of authentication credentials to protect valuable company assets accessible on a company intranet. Typical corporate users are known to use weak passwords. One might suggest enforcing strong-password policies or generating strong passwords for users, but reality intervenes. Anyone who has worked in IT in a corporate environment knows that executive arm-twisting takes place and that these rules often go by the wayside for some users. Take, for example, the fictional CEO who always forgets his password unless he uses his daughter’s name and birth year: “Jane2001”.

One answer to this security dilemma: two-factor authentication. This leverages the security philosophy of something you have and something you know. You see, someone may know or guess your password, but unless they have this other physical thing, the password does them little good. This other physical thing could be an access card, smartcard, authentication token or key on a memory stick, or better yet a small device that periodically generates a six-digit code matching the code generated at the same time on the server side. We are talking about DIGIPASS® by Vasco Data Security Intl., or SecurID® by RSA Security. So, a user login may go like this: the user enters a username and password, then pushes the button on the SID device, which provides the six-digit code that must be entered along with the other aforementioned credentials. This has been around for years, but this is the first time I have ever seen a game or game network offer this technology to its users.

The fact is, gamers invest a great deal of time and money in this new era of games, and these accounts can accrue considerable value, enough so that phishing, account theft, etc. are reported at a blistering rate. Battle.Net, a Blizzard Entertainment company best known for managing millions of World of Warcraft® accounts, has recently implemented such security technology. Battle.Net uses DIGIPASS® by Vasco Data Security Intl.

“The Battle.net Authenticator is designed as a supplemental authentication method for your World of Warcraft® account, giving you the security of Two-Factor authentication. Each time you log in using the Battle.net Authenticator you are provided with a unique, one-time use password to use in addition to your regular password. Log in with both and you can rest easy knowing that your account is now even more secure from malicious attacks such as key loggers and trojans.”

Battle.Net Keychain Authenticator

Attaching one’s account to the authenticator is ultra simple and the price for this cool little gadget is less than $7 US. But, you don’t need the keychain authenticator to tap into Battle.Net’s two-factor authentication; they offer a mobile application for free that does the same thing, and it is available for iPhone/iPod Touch, Android, and other mobile phones.

As social networking, gaming, and life online all continue to evolve, look forward to this security technology becoming much more commonplace.

The “Kneber” BotNet

Yesterday, February 18th, 2010, NetWitness Corporation announced that its analyst had discovered a dangerous new ZeuS botnet affecting 75,000 systems in 2,500 organizations around the world. The newly-discovered botnet, referred to as the “Kneber botnet” after the username linking the infected systems worldwide, collects login credentials to online financial systems, social networking sites and email systems from infected computers and reports the information to evildoers who can use it to break into accounts, steal corporate and government information, and replicate personal, online and financial identities.

NetWitness discovered this particular botnet in January during a routine deployment of one of their systems. Further investigation uncovered extensive compromise of commercial and government systems that included 68,000 corporate login credentials; access to email systems and online banking sites; Facebook, Yahoo, Hotmail and other social networking credentials; 2,000 SSL certificate files; and dossier-level data sets on individuals, including complete dumps of entire identities from victim machines.

Amit Yoran, CEO of NetWitness and former Director of the National Cyber Security Division, said, “While Operation Aurora shed light on advanced threats from sponsored adversaries, the number of compromised companies and organizations pales in comparison to this single botnet. These large-scale compromises of enterprise networks have reached epidemic levels. Cyber criminal elements, like the Kneber crew quietly and diligently target and compromise thousands of government and commercial organizations across the globe. Conventional malware protection and signature based intrusion detection systems are by definition inadequate for addressing Kneber or most other advanced threats. Organizations which focus on compliance as the objective of their information security programs and have not kept pace with the rapid advances of the threat environment will not see this Trojan until the damage already has occurred. Systems compromised by this botnet provide the attackers not only user credentials and confidential information, but remote access inside the compromised networks.”

“Many security analysts tend to classify ZeuS solely as a Trojan that steals banking information,” stated Alex Cox, the Principal Analyst at NetWitness responsible for uncovering the Kneber-bot, “but that viewpoint is naive. When we began to detect the correlation among both the methodology used by the Kneber crew to attack victim machines and the wide variety of data sets harvested, it became clear that security teams must rethink their entire perspective on advanced threats such as ZeuS and consider more diverse mission objectives.”

Over half the machines infected with Kneber were also infected with Waledac, a peer-to-peer botnet. The coexistence of ZeuS and Waledac suggests the goals of resilience and survivability, and potentially deeper cross-crew collaboration in the criminal underground.

“NetWitness enables the discovery of malicious code like Kneber – before things get critical and valuable data is lost,” said Cox. “It is 100% certain that many organizations have no idea they are victimized by these types of problems because they’re just not tooled to see them on their networks. The Kneber botnet is just one category of advanced threat that organizations have been facing the past few years that they are still largely ignorant or blind to today.”

This botnet is believed to have been operating undiscovered for the last 18 months.

To download a copy of the NetWitness Kneber whitepaper, visit http://www.netwitness.com.

The Wall Street Journal also wrote an article regarding this: http://online.wsj.com/article/SB10001424052748704398804575071103834150536.html


Making Technology Make Sense

Kemp Solutions is a technology consulting and outsourcing firm specializing in the design, management, audit, and assessment of company information technology, systems, and security.

At Kemp Solutions we don't buy into the "one size fits all" philosophy when it comes to technology solutions. We look at your current business processes, technology, and sales/service goals, and recommend the right size solution that fits within your budget. If you don't have the expertise or budget to manage the technology, we can manage it for you at competitive rates, or assist you in hiring the right person to manage and support your company's information systems.