Tag Archives: Panda Security

Top 10 Cyber Threats of 2011 – Updated

PandaLabs, the antimalware laboratory of Panda Security, the cloud security company, has forecasted several radical innovations in cyber-crime for 2011. Hacktivism and cyber-war; more profit-oriented malware; social media; social engineering and malicious codes with the ability to adapt to avoid detection will be the main threats.

“There will also be an increase in the threats to Mac users, new efforts to attack 64-bit systems and zero-day exploits.”

PandaLabs

Here is a summary of what PandaLabs now predicts as the ten major security trends of 2011:

1. Malware creation:
In 2010, PandaLabs witnessed significant growth in the amount of malware and discovered at least 20 million new strains, more than in 2009. At present, Panda’s Collective Intelligence database stores a total of more than 60 million classified threats. The actual rate of growth year-on-year however, appears to have peaked. Several years ago it was over 100 percent and in 2010 it was 50 percent.

2. Cyber war:
Stuxnet and the WikiLeaks cables suggesting the involvement of the Chinese government in the cyber-attacks on Google and other targets have marked a turning point in the history of these conflicts. Stuxnet was an attempt to interfere with processes in nuclear plants, specifically, with uranium centrifuge. Attacks such as these, albeit more or less sophisticated, are still ongoing, and will undoubtedly increase in 2011, even though many of them will go unnoticed by the general public.

3. Cyber-protests:
Cyber-protests , or hacktivism, are all the rage and will continue to grow in frequency. This new movement was initiated by the Anonymous group and Operation Payback, targeting organizations trying to close the net on Internet piracy, and later in support of Julian Assange, editor-in-chief of WikiLeaks. Even users with limited technical know-how can join in the distributed denial of service attacks (DDoS) or spam campaigns. Despite hasty attempts in many countries to pass legislation to counter this type of activity effectively by criminalizing it, PandaLabs believes that in 2011 there will be more cyber-protests, organized by this group or others that will begin to emerge.

4. Social engineering:
Cyber-criminals have found social media sites to be their perfect working environment, as users are even more trusting with these than with other types of tools, such as email. Throughout 2010, PandaLabs witnessed various attacks that used the two most popular social networks – Facebook and Twitter – as launching pads. In 2011, not only will hackers continue to use these networks, but it is predicted that they will also be used more for distributed attacks.

BlackHat SEO attacks (indexing and positioning of fake websites in search engines) will also be widely employed throughout 2011, as always, taking advantage of hot topics to reach as many users as possible. In addition, a significant amount of malware will be disguised as plug-ins, media players and other similar applications.

5.Windows 7 influencing malware development:

It will take at least two years before there is a proliferation of threats designed specifically for Windows 7. In 2010, PandaLabs began seeing a shift in this direction, and predicts that in 2011, new cases of malware targeting users of this new operating system will continue to emerge.

6.Mobile phones:

In 2011 there will be new attacks on mobile phones, but it will not be on a massive scale. Most of the existing threats target devices with Symbian, an operating system which is now on the wane. Of the emerging systems, PandaLabs predicts that the threats for Android will increase considerably throughout the year, becoming the number one mobile target for cyber-crooks.
7. Tablets:

The dominance of the iPad will start to be challenged by new competitors entering the market. Therefore PandaLabs does not believe that tablet PCs will become a major consideration for the cyber-criminals in 2011.

8. Mac:

Malware for Mac exists, and will continue to exist. And as the market share of Mac users continues to grow, the number of threats will grow. The greatest concern is the number of security holes in the Apple operating system. Developers will need to patch these holes as soon as possible, as hackers are well aware of the possibilities that these vulnerabilities offer for propagating malware.

9. HTML5:

HTML5 is the perfect target for many types of criminals and could eventually replace Flash. It can be run by browsers without any plug-ins, making it even more attractive to find a security hole that can be exploited to attack users regardless of which browser they use. PandaLabs expects to see the first attacks on HTML5 in the coming months.

10. Highly dynamic and encrypted threats:
PandaLabs expects dynamic and encrypted threats to increase in 2011. PandaLabs is receiving more and more encrypted, stealth threats designed to connect to a server and update themselves before security companies can detect them. There are also more threats that target specific users, particularly companies, as information stolen from businesses will fetch a higher price on the black market.

Related by the Econotwist’s:

5 Comments

Filed under International Econnomic Politics, Laws and Regulations, Technology

Anonymous Amateurs & Script Kiddies

The underground cyber movement has drawn a lot of attention to themselves in the aftermath of WikiLeaks’ disclosure of the secret US embassy cables. In their vendetta against financial institutions who has suspended the accounts of WikiLeaks associates, they’ve managed to take down the websites of major companies like Visa, MasterCard and PayPal. Not bad for a bunch of uneducated teenager! But really; how dangerous are these people?

“A lot of these kids probably are getting into the thrill of it without having the expertise and knowledge that they’re actually committing a crime.”

Paul Sop


A cyber war? Online vandalism? A virtual sit-in? A Computerized protest? It’s not easy to find a category for the many distributed denial of service (DDoS) attacks carried out by the group Anonymous recently. But after hearing and reading what the IT experts have to say about it, I think the term vandalism is the most accurate.

That said; I also believe that parts of the group have the potential to become very real – and very dangerous – cyber soldiers at some point in time.

But right now is a loosely organized group of protesters, just as the hippies in the 60’s, or the punk rockers of the 80’s.

Little Impact

According to Panda Security, Anonymous managed to hold down PayPal’s blog and MasterCard’s main site for more than one day.

Visa and a Swiss bank had theirs sites down for several hours, but others were out for just a few minutes.

Paul Sop, CIO at the cyber security company, Protexic, says that taking down a “brochure site” has little impact on a company’s bottom line, but adds that it could have collateral damage by affecting another system.

That’s what many assumes happened to MasterCard, as their SecureCode authentication also got hit the day of the attack, according to the magazine PC Pro.

PayPal’s transaction system also went down at the same time the company’s blog was being attacked.

This damage can amount to millions of pounds, according to Paul Sop.

Not At All Sophisticated

Despite the “successful” attracts, are the methods used pretty simple, and not at all sophisticated. It is traditional bot-net command and architecture.

They are carried out by using a widespread- and very available – software called Low Orbit Ion Cannon (LOIC).

The LOIC software has been around for quite some time. But it’s has developed to become a very user-friendly piece of software that can be run from any computer.

One version even has a JavaScript based interface, equipped with drop-down menus from which you can choose a target, easier to navigate than a Windows Home Basic application.

Of course, if 10.00 people run it at the same time it can cause trouble, but hardly any severe damage.

And – of course – the security firms have this kind of activity mostly under control.

“You can actually watch when it’s used by others, giving a puppet master kind of control,” Paul Sop tells PC Pro .

This may suggest that the attackers don’t have any special hacking skills,. However, on the other hand, the LOIC programs are still evolving and the latest versions has encryption features that makes the whole thing easier to hide.

Craig Labowitz, chief scientist at Arbor Networks points out that the recent attacks, assumed to be launched by members of Anonymous, is not only DDoS attacks.

There’s a wide range of methods, and the level of complexity might vary for one to another.

A Crowd-Sourced Phenomena

This also reflects the diversity of the cyber protesters. “It’s a crowd-sourced phenomena,” Sop calls it.

“With Anonymous you have thousands of people, anyone can change the attack, the rate of the attack or the protocols they’re using,” he explains.

And this is what keeps the security experts on their toes.

Paul Sop compares it to a game of chess: When the attackers discover that a countermeasure is being launched, they change the attack.

Communication and information are shared in chat rooms.

The chat rooms are also the Anonymous weakest link because the security people easily can log into them and figure out what’s cooking.

And this seems to be a pretty effective method of prevention.

“As we were blocking their attacks, they get discouraged because a lot of these users are very young and they want that endorphin rush,” Sop says. “Annoy them enough, and eventually they lose interest and go on to something else,” he concludes.

This attack and counterattack activity has elevated the worries about a co-called cyber war.

Vandalism

Craig Labowitz characterize the Anonymous attacks as “vandalism”.

But adds: “That isn’t to say that this doesn’t pose a threat, as writers of these tools evolve, as more machines become involved.”

According to the security industry, hackers control between 40 and 60 million computers worldwide.

Several hundred thousand people have downloaded the LOIC software.

The PC Pro Magazine has also spoken with a couple of Anonymous representatives, who emphasize that they don’t speak for the whole group.

They do, however, claim that there is between 500 and 1000 member who are “highly skilled” and who have “very large bot-nets” and “a lot of experience.”

The rest are just protesters, they say.

“They are just people who stand up for what they believe in, and shouldn’t be referred to as hackers,” say one.

And the Anonymous dismiss the speculations about them trying to spark a cyber-war.

“The DDoS attacks were neither an act of so-called cyber war, or sit-in, they were more of a wake-up call to the world about the suppression off the freedom of the press,” says another Anonymous.

The Amateurs

Regardless of motivation, DDoS is illegal in most countries. So far has 3 people been arrested in the Netherlands and in Greece.

And there will likely be more arrests. Just downloading a LOIC program can give up to two years in prison. Only since the WikiLeaks turbulence started, the software has been downloaded more than 100.000 times from the sites of SurgeForce.net.

The ting is: this software do not hide IP addresses. So, it’s an easy task for Sop, Labowitz and other security people to find out who use it.

And you can be sure they’re handing the information over to the authorities.

The Script Kiddies

Anyway – there is one thing the security experts won’t mention:

Have you ever heard about “script kiddies”?

Well, it’s a slang in hacker communities for young aspiring hackers who writes basic scripts for the real ones (the criminals), who then put it together in increasingly sophisticated ways to create more and more dangerous malware.

According to my own sources in the hacker environment, there are many script kiddies amongst the Anonymous.

Mr. Sop says in the interview that the Anonymous kids probably are getting into the thrill without having the expertise and the knowledge that they’re actually committing a crime.

In other words: it seems like organized cyber criminals have started to use children to do their dirty work and carry out the testing of new components, as they at the same time are hiding their own asses.

Now, there’s the really ugly side of the story.

Blogger Templates

Related by the Econotwist’s:

7 Comments

Filed under International Econnomic Politics, Laws and Regulations, Technology