December 15, 2008
Cisco: Cyber Attacks Are Growing More Sophisticated, Targeted
By Michael Dinan, TMCnet Editor
Cyber-criminals – men and woman who use computers to do things like make bogus offers or steal information, money and identities – are becoming more and more sophisticated and are developing increasingly specialized attacks, a panel of experts from the world’s largest maker of networking gear said today.
Officials from Cisco Systems Inc. said during an IPTV (News - Alert) broadcast this morning that people who use technology as a tool to drive their own illegal businesses are innovating in ways far more complex than the old e-mail viruses.
According to Patrick Peterson, a Cisco (News - Alert) fellow and chief security researcher, the criminals now are blending e-mail and the Web to attack specific entities, such as smaller credit unions and universities.
“The sophistication is mind-boggling,” Peterson said. “It’s impossible to imagine that criminal enterprises can do this kind of sophistication.”
Peterson was joined by David Goddard, Cisco’s vice president of security assurance, and Tom Gillis, its vice president of security product marketing, in an hour-long, free broadcast available here.
With botnets, phishing and spam attacks, cyber-criminals possess the technology to infiltrate Web sites and post their own content, though at other times, criminals are using legitimate means – such as popular e-mail sites from Yahoo!, Hotmail or Gmail – to hijack personal accounts. Once inside a user’s personal account, for example, the criminals may use contact lists to spread harmful hyperlinks that pull other people’s PCs into a network of infected computers.
According to Gillis, what’s spurring the increasingly complicated, bold and targeted attacks is a familiar motivator: money.
“Money is often the root behind innovation,” Gillis said. “If someone has an attack that works, they get rich.”
According to the report, which includes protection recommendations to individuals as well as government officials, the overall number of disclosed vulnerabilities grew by 11.5 percent over 2007. Also, the report says, vulnerabilities in virtualization technology nearly tripled from 35 to 103 year over year, and attacks are becoming increasingly blended and cross-vector.
Cisco researchers say they saw a 90 percent growth in threats originating from legitimate domains, nearly double what was seen in 2007. Also, the volume of malware successfully propagated through e-mail attachments is declining. Over the past two years, the number of attachment-based attacks decreased by 50 percent from the previous two years.
As TMCnet reported, experts say that the increasingly popularity of mobile devices that are Internet-ready, such as the Apple (News - Alert) iPhone or BlackBerry smartphones, also is increasing security threats.
According to Terry McCabe, chief technology officer at Airwide Solutions – an international company headquartered in Burlington, Massachusetts that provides next-generation mobile messaging and wireless internet infrastructure, applications and solutions – also says that in this slower economy, more consumers are using their mobile devices to comparison shop, as well as check their bank balances and portfolios.
Already, McCabe told TMCnet during an interview, mobile malware has evolved from annoying text message spam to snoopware that enables the hacker to listen in on conversations, install spyware that allows him to access phone logs and contacts, and send text messages and multimedia spam to other devices.
“However, the most frightening aspect about mobile malware is its potential to use an infected smartphone or other device as a proxy or gateway into an organization’s core network,” McCabe told TMCnet. “By hijacking a handheld device, hackers can breeze past a traditional firewall and make their way onto a company’s mail server, customer database, CRM tools, and other critical parts of the network. And this damage may result from something simple, such as an employee receiving a message to download a free game or antivirus update.”
Specific threats, according to Cisco’s report, include spam, phishing, botnets, social engineering and reputation hijacking.
While targeted spear-phishing represents about 1 percent of all phishing attacks, it is expected to become more prevalent as criminals personalize spam and make messages appear more credible, according to Cisco. Also, botnets reportedly have emerged as a nexus of criminal activity on the Internet. This year, numerous legitimate Web sites were infected with IFrames, malicious code injected by botnets that redirect visitors to malware-downloading sites.
The report also finds that the use of social engineering to entice victims to open a file or click links continues to grow.
According to the IPTV broadcast panel, the economic recession increases the likelihood that disgruntled workers from the hard-hit financial services industry, especially, may be preparing to launch attacks.
Such attacks, from the inside, are difficult to track, Goddard said.
“If there is an intelligent person, especially with technical abilities and they want to commit a crime in an organization, it’s certainly very difficult to capture them,” he said.
TMC (News - Alert) announces NGN – the new magazine for service providers building tomorrow's communications networks. Subscribe free today.
Michael Dinan is a contributing editor for TMCnet, covering news in the IP communications, call center and customer relationship management industries. To read more of Michael�s articles, please visit his columnist page.
Edited by Michael Dinan