Saturday, April 12, 2008

Here's how sophisticated the attacks are getting 

Business Week article alleging that attacks on government and contractors are from foreign spies.

A vice president at a defense contractor got email carefully customized to him to trick him into opening it. It seemed to come from one of his regular correpondents. It discussed a subject he was likely to be interested in. It used the jargon and acronyms that are standard in his industry. But it also contained a toxic payload, one which recorded all his keystrokes.

Business Week doesn't say whether the payload was an attachment or some kind of security exploit that depends on a bug in your system.

It's getting hard to protect yourself. Antivirus is getting less reliable over time, and if someone writes custom malware for espionage purposes then antivirus software may not recognize it. Being suspicious of attachments is still good, but that email looked exactly like expected correspondence. Patching is still a good idea and there's research that shows it's effective at least against malicious web sites.


This page is powered by Blogger. Isn't yours?