ZDNet – (International) How hackers scrape RAM to circumvent encryption. Speaking at Verizon's media day forum on November 7, the company's business investigative response managing principal said that today's encryption standards do a good job of protecting data at rest, such as data stored on a server, and data in transit across a network. However, in many cases data is left completely vulnerable during the processing stage. This has opened up servers to attack by a technique the principal calls "RAM scraping," which examines the memory of the running Web server and extracts data while it is in its processed, unencrypted state. He demonstrated the attack using a fictitious e-commerce site that never stores credit card information, a practice many retailers follow when they take payment details and pass them on to a third-party payment processor. However, the Web server must still handle the information during processing, and it is there, in the server's memory, that it appears in unencrypted form, which allowed the principal to retrieve the information.
Ali Loney, on November 08, 2012