
Hackers Will Shift Targets in 2006

By Tom Schmidt

The year 2006 was barely under way when a recently discovered flaw in Microsoft Windows allowed attackers to perform arbitrary code execution, initiate a denial-of-service attack, and take control of a user's machine. According to US-CERT, at least 57 worm variants were almost immediately observed leveraging this vulnerability. Such a rapid rise in cyber attacks ultimately forced Microsoft to bow to "strong customer sentiment" and issue an early fix to the problem.

With the New Year have come new threats.

As the authors of the most recent edition of the Internet Security Threat Report observed, there has been a discernible shift in the threat landscape. Attackers are moving away from large, multipurpose attacks on network perimeters and concentrating instead on more focused attacks on client-side targets. The authors predict that this new threat landscape will likely be dominated by emerging threats such as bot networks, customizable modular malicious code, and targeted attacks on Web applications and Web browsers. Moreover, where traditional attack activity was motivated by curiosity and a desire to show off technical virtuosity, the new threats are motivated by profit.

This article looks at the new threat landscape in some detail in order to better prepare enterprises for the complex Internet security issues likely to arise in 2006.

New targets

In the concluding section of the latest Internet Security Threat Report, the authors discuss emerging trends and issues that they believe will become prominent over the next year. The most critical of these for enterprises include:

  • Modular malicious code: This is malicious code -- such as worms, viruses, and Trojans -- that initially possesses limited functionality; however, once installed on a target computer, it downloads other pieces (or modules) of malicious code with different functionalities and further compromises the infected computer.
  • Bot networks: Bots (short for "robots") are programs that are covertly installed on a user's computer in order to allow an unauthorized user to control the computer remotely. There is a strong correlation between the number of bot computers and the number of denial-of-service attacks. Over the next year it is expected that there will be a more coordinated community of bot network computers carrying out more sophisticated, targeted attacks.
  • Phishing targets: Phishing has evolved from simple attempts to obtain small items of information like gaming passwords to all-out identity theft. Because there are far more small targets (such as regional banks) than large ones (like credit card companies) and because smaller targets generally present fewer challenges for attackers, the number of phishing targets will most likely continue to grow.
  • Adware/spyware: As cellular telephones, PDAs, and hybrid devices become more prevalent, it is reasonable to assume that security threats, such as spyware and adware, will increasingly target these devices.
  • Wireless security: The growing number of people using wireless connectivity has brought a corresponding increase in the security risks of insecure wireless access points.
  • VoIP threats: According to a recent Evalueserve study, by the end of this year, it is expected that two-thirds of the Global 2000 companies will have adopted VoIP (Voice over Internet Protocol) as their primary means of voice communication. However, the introduction of VoIP on enterprise networks in the absence of appropriate security measures could introduce another entry point for attackers to exploit. (In October, Skype Technologies warned that flaws in its Internet telephony software could allow attackers to take control of a user's system.)

The shift to non-PCs

One of the biggest developments over the next year will be attacks and attempts on alternative devices and platforms. As networked and user devices gain more intelligence and more computing power, they may become targets.
 
Experts are seeing a shift in emphasis toward non-PCs: routers, switches, backup devices, etc. Although there haven't been any widespread attacks, cell phones and mobile devices will also become ripe for hacking as software becomes interoperable and financial data is loaded onto their hard drives and networks. End-point applications associated with VoIP have come under heavy scrutiny.
 
Earlier this month, The Washington Post reported that popular BlackBerry handheld devices are vulnerable to a security hole that could let attackers break in to the gadgets by convincing users to open a specially crafted image file attached to an email. An alert posted by US-CERT confirmed that remote code execution is possible.

IM emerges as a target

When it comes to new technologies, few have been adopted as quickly by enterprises as IM (instant messaging). From shipping companies to hedge funds, businesses in almost every market segment are adopting IM at a record pace to improve their information sharing abilities and to decrease the time needed to make business decisions. But the rapid adoption of IM networks by corporate users makes instant messaging a viable vehicle for malicious threats. Real-time communication solutions like IM create a new attack vector for threats to enter an enterprise network.
 
Last year witnessed a dramatic increase in the number of such threats, according to IMLogic Inc., a leading developer of enterprise software for IM. With over 2,400 threats discovered in 2005, the year-over-year increase was nearly 1,700%. November 2005 was the most dangerous month to date, with a record number of unique threats (307) discovered.
 
IM worms are the driving force behind this spike. These threats are particularly fast to propagate and mutate, making them an attractive option for malware authors. IM worms are also the most dominant threat type hitting the public IM networks, and all of the popular networks have been attacked.
 
As a result, enterprises will increasingly require a holistic management tool to control all real-time collaboration and keep it available, compliant, and secure.

Conclusion

For the new generation of financially motivated hackers, 2006 will present numerous opportunities to develop increasingly sophisticated attack methods. Wherever the money is, that's where the attackers will be. For today's enterprises, that makes 2006 a year in which they must take aggressive steps to minimize the risk of business disruption due to information security threats.

Tom Schmidt writes frequently about information security topics. He has more than 15 years' experience as a writer and editor in high-tech publishing.

CIO Strategy Center is a daily editorial resource offering innovative insights and strategies for building an integrated, secure and resilient IT infrastructure.
