News Feature

Boomtime for Malicious Hackers

Facing a persistent deluge in malicious code, IT security managers need to test their systems and stay current on security research.

August 06, 2007 — CSO — It’s a good time to be a malicious hacker. That’s because even though it’s not a time of revolutionary new techniques in hacking for profit, business is booming for the established methods. Despite increased investment in information security defenses, the good guys continue to lag badly behind. According to one report by Sophos, which called the recent uptick in malware a “deluge,” by April 2007, more than 250,000 websites were hosting malicious code and more than 8,000 were being added to that total every day.

A sample of the deluge:

Hackers compromised Google AdWords so that links on certain sponsored ads were redirected to the attackers’ website first, where an attempt was made to install a keylogging bot.

Zero-day exploits in Windows were discovered, including a critical flaw in animated cursor files that would allow an attacker to commandeer a PC.

Incidents of iFrame malware —code that lives in an invisible-to-the-eye frame on a website and delivers bots onto the PCs of people visiting the site —have increased.

Credential-stealing bots like Gozi and Torpig continued to troll for personal banking information on infected computers.

A hacker won $10,000 breaking into a Mac through the Safari browser, which was followed by Apple releasing a patch for 25 vulnerabilities.

A researcher announced she is planning to demo ways to install rootkits and perform encryption attacks on Microsoft’s new Windows Vista product at this summer’s Black Hat conference.

A 17-year-old was charged with hacking into AOL, using a phishing scheme against AOL employees and using unauthorized instant messaging accounts, with the intent to transfer confidential data.

The only response for many information security professionals is to stay on top of the latest developments and prioritize response according to need. But that’s getting harder to do with the sheer volume of information on new attacks.

Many are also met by apathy or skepticism when trying to shed light on the problems. “It is hard to discuss solutions when no one believes there is a problem,” says Eric Hacker, a CISSP who works for a technology company. “The culture cannot mix security and business for whatever reason.”

Attack Readiness Basics

In light of persistent attacks, security experts urge security and IT executives to do the following basic routines to stay ready and prepared for malicious code assaults:

1. Perform a complete penetration test and audit of your website. Close up any iFrame vulnerabilities.

2. Prepare for an increasing number of bot infections and have a response plan ready.

3. Keep up on the latest research and intelligence on current attacks.

Comments

Share [+]

TOOLS

Comments

Digg This

SlashDot

CENTER OF EXCELLENCE

Security

» Prudential Financial Protects its Brand with Symantec Data Loss Prevention Solutions
FORTUNE 100 insurance leaders rely on the Symantec Data Loss Prevention solution to protect sensitive customer data.

» Information Security: Data Drains and How to Prevent Loss
Do you know where your confidential data is, where it is going, and how to prevent it from leaving your organization.

» Data Loss Prevention: Keeping Sensitive Data Out of the Wrong Hands
Learn what the thought-leaders at PricewaterhouseCoopers have to say on the risks associated with data security.

» 7 Requirements of Data Loss Prevention
Incorporate best practices from many companies using DLP solutions as you establish your organization's requirements and safeguard confidential data.

» Ponemon Study: How Much Does a Data Breach "Cost"?
35 U.S. organizations that lost confidential information and had a regulatory requirement to publicly notify affected individuals are studied in this report.

Center sponsored by