Hackers social engineering attacks new technologies:opportunities and-attack-vulnerability warning-the black bar safety net

2008-04-25T00:00:00
ID MYHACK58:62200818888
Type myhack58
Reporter 佚名
Modified 2008-04-25T00:00:00

Description

Opportunities type of attack refers to a specific time, place, event, environmental conditions, take special tools for the invasion and destruction of the means, it belongs to social engineering attacks, and in 2 0 0 8 years will frequently appear.

Trendy attacks

As social engineering attacks, opportunity attack entry points often have unexpected characteristics. In fact, in the past to launch such attacks hackers often for International Affairs, domestic hot issues, as well as some of the People's livelihood topic is quite interested.

The current point of view, caused this year the opportunity to attack the two hot issues include: the Beijing Olympics and the U.S. presidential election. The former is an international high profile event, the latter is the world's comprehensive national strength of the most powerful home significant change.

At present, many security experts say there is evidence into the 1 month since, a large number of Chinese and American Internet sites is the zombie control program, the concern is that this is for future opportunities to attack reserve“ammunition” to.

Hot

Prior to Websense security research Vice President Dan Hubbard said:“the 2 0 0 8 The Year of the Beijing Olympics is a world event News, reported on its web site and the network is virus infected visitors of the potential place.” In fact, the company had in the last 2 months found to be infected with the Super Bowl game site. Hubbard believes that the 2 0 0 8 year Olympics will likely be the hacker organization as a fraud of bait, not only on an international scale, and the amount is huge.

In addition, 2 0 0 8 in the United States in the presidential election will be the attacker and the crooks to provide another catches the eye of opportunity. Symantec Corporation, technology Director Oliver Friedrichs said:“in 2 0 0 4 years during the presidential elections, we saw for the Edwards campaign of phishing attacks. At the time also happened for the Lieberman web site denial of service attack.”

Friedrich believes that this presidential election may appear in the attack include a criminal or extremist supporter registering a parody of a political opponent of the site“typo”domain names(easily misspelled domain names), when someone contributions, criminals or extremist supporters either to put into their own pockets, or donated to someone else's election campaign.

Technical implementation

Many observers predicted the botnet will use a decentralized command and control structure to increase close to their difficulty, and will be in the Storm attack.

McAfee researcher Craig Schmugar said:“Storm attack establishes a trend. We see a lot of Spam is by is Storm infection propagation mechanism, and this will be the opportunity to attack the route of transmission.” Schmugar believes that the coming months will appear a wave of“parasitic”malicious member wave, such a malicious member to find a particular file and is embedded in the file.

Schmugar said:“we see 2 0 0 7 years like Philis such a parasitic virus increased 4 0 0%;Virut and a rootkit characteristics of Almanahe very active.” He pointed out that, in order to ensure that the opportunity attack is successful, hackers will find ways to promote all types of parasitic viruses, as long as they cover the good code, The user will never again recover.

New changes

Advisory bodies SystemExperts Corporation President Jon Gossels said:“the online threat sources have been from the Teens hack into to Organized Crime, hostile governments, industrial espionage.”

However, Gossels that, for the enterprise the head of security to say, every day the struggle may be concentrated in achieving compliance. He noted that next year the international will at least launch one for the application security of the new payment card industry standards. In the healthcare field, in part due to the United States Department of health and welfare first started in law enforcement activities and, according to the complaints, levy fines, will set off a wave of security a new climax.

Gossels said:“these changes in driving people to prevent data breach and the hacking of greater concern, which is the Defense the opportunity to attack there are also benefits, in fact, 2 0 0 8 years people will have to more attention to these issues.”

Note: this article from network World Network