Saturday, October 14, 2006
The next wave: attacks on specific targets
Antivirus software works, to the extent it does work, because viruses spread all over and the antivirus companies can change their software to recognize the new ones.
That wouldn't work if someone wrote a malicicous piece of software just for you. If you were the only victim, the antivirus company would never know.
In real life, just that is starting to happen. It's still small. Security firm Messagelabs says that out of the last three million malicious pieces of email they caught, only seven were one-offs aimed at particular organizations. But the number will grow.
Targeted attacks can be especially dangerous because the attacker can make them look more plausible than the average spam. Someone after your secrets in particular could forge email to look like it came from one of your business partners. Such an attacker could choose a subject likely to appeal to you in particular. In the HP boardroom spying scandal, reporters were hit with fake email from the private investigators pretending to be from someone with confidential information to share. The email was of course boobytrapped.
The attacker will be trying to get you to install software that will steal ifnormation from your computer. The most dangerous sort records every keystroke you type, including all your passwords. This may or may not involve tricking you. Sometimes the attacker will use a security hole to install nasty software. That's what happened in a clever targeted attack against a major financial institution. It tricked people into visiting a web site that installed a keystroke recorder.
Defend yourself by
|
That wouldn't work if someone wrote a malicicous piece of software just for you. If you were the only victim, the antivirus company would never know.
In real life, just that is starting to happen. It's still small. Security firm Messagelabs says that out of the last three million malicious pieces of email they caught, only seven were one-offs aimed at particular organizations. But the number will grow.
Targeted attacks can be especially dangerous because the attacker can make them look more plausible than the average spam. Someone after your secrets in particular could forge email to look like it came from one of your business partners. Such an attacker could choose a subject likely to appeal to you in particular. In the HP boardroom spying scandal, reporters were hit with fake email from the private investigators pretending to be from someone with confidential information to share. The email was of course boobytrapped.
The attacker will be trying to get you to install software that will steal ifnormation from your computer. The most dangerous sort records every keystroke you type, including all your passwords. This may or may not involve tricking you. Sometimes the attacker will use a security hole to install nasty software. That's what happened in a clever targeted attack against a major financial institution. It tricked people into visiting a web site that installed a keystroke recorder.
Defend yourself by
- Keeping sensitive information off Internet-connected machines
- Installing security updates: many of these attacks depend on known security problems
- Do NOT use Microsoft Internet Explorer
- Never install software unless you know for sure what it does and where it came from
- Rummage through your mail program's settings to find where it alows something called "HTML email" and disable it. You'll get email without pretty pictures, without multiple fonts, and without security threats
# posted by Frederick @ 11:50 PM Email to a friend:
Haloscan: they provide trackback