Slashdot Mirror


Targeted Attacks Focus On Economic Cyberterrorism

Orome1 writes "When it comes to dangerous Web threats, the only constant is change and gone are the days of predictable attack vectors. Instead, modern blended threats such as Aurora, Stuxnet, and Zeus infiltrate organizations through a variety of coordinated tactics, usually a combination of two or more. Phishing, compromised websites, and social networking are carefully coordinated to steal confidential data, because in the world of cybercrime, content equals cash. And, as a new Websense report illustrates, the latest tactics have now moved to a political and nationalistic stage. Cybercriminals and their blended attacks are having a field day taking advantage of security gaps left open by legacy technologies like firewalls, anti-virus, and simple URL blockers."

18 of 73 comments

  1. "Legacy"? by girlintraining · · Score: 4, Insightful

    Cybercriminals and their blended attacks are having a field day taking advantage of security gaps left open by legacy technologies like firewalls, anti-virus, and simple URL blockers.

    Calling something legacy implies that there's something better to replace those technologies with. Those technologies have not been replaced by some revolutionary new technology that does all that and holds your d--- while you piss too. And they were never intended to be a panacea -- they are intended to augment information security, not act as a substitute for it.

    --
    #fuckbeta #iamslashdot #dicemustdie
    1. Re:"Legacy"? by girlintraining · · Score: 4, Funny

      but you missed the point!
      IT'S SCARY!
      AND WE SHOULD GIVE SOMEONE MONEY TO FIX THE PROBLEM!

      I'm surprised you can get internet out at your ranch, George.

      --
      #fuckbeta #iamslashdot #dicemustdie
    2. Re:"Legacy"? by Defenestrar · · Score: 4, Insightful

      If it's about giving someone the money to fix the problem, then all you have to do is follow the slurs to find the money.

      ...security gaps left open by legacy technologies like firewalls, anti-virus, and simple URL blockers.

      So the terror monger here is likely to be someone who makes money through (producing or advertising) two factor authenticator, an alternate active-DNS, or an ISP selling the "we filter the internet for you" service.

      And checking net-security.org's "about us:"

      Help Net Security is recognized as a media sponsor of leading information security conferences around the globe including: RSA Conference US, RSA Conference Europe, Infosecurity Europe, CSI, InfoSec World Conference & Expo, SC World Congress and more.

      I think we have a winner. Why does the cynical approach have to be right so often?

    3. Re:"Legacy"? by poetmatt · · Score: 2, Funny

      remember, they added the word cyber, so we need new legislation!

      as opposed to, you know, economic terrorism.

    4. Re:"Legacy"? by jd · · Score: 2, Funny

      Actually, legislation might not be a bad idea. I propose that it be illegal to store passwords in plaintext (or equiv), allow passwords that John the Ripper can break, not QA code correctly, not encrypt traffic, provide identity verification that is bogus, or provide APIs that allow the protection in place to be bypassed. First-time offenders should be forced to read my posts - not because they're necessarily useful on issues of security, but because they're usually long and occasionally tedious. Repeat offenders should pay for the carpal tunnel syndrome surgery I'll eventually need because of all the writing of long and occasionally tedious posts.

      --
      It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
    5. Re:"Legacy"? by poetmatt · · Score: 2, Insightful

      what you're talking about is more about setting standards, not legislation. There are already best practices in place for stuff like this, it's more that people don't follow them.

    6. Re:"Legacy"? by mrheckman · · Score: 2, Insightful

      Firewalls, anti-virus, and URL blockers are not legacy systems at all. They are the state of the art in security precisely because they have to protect legacy operating systems and applications, or new systems built to be backward compatible with legacy systems, which are the real "legacy" problem.

      People use all sorts of old software because they have such a huge investment in systems and applications that are built on them. But that old software keeps needing to be patched. For example, there's Windows, of course, 'nuf said, and applications like Adobe Reader. Adobe has to come out with a new patch every week to fix another critical flaw, but they can't simply drop it and start from scratch to fix fundamental flaws - it's not economically feasible. And large numbers of businesses still use IE6, for crying out loud, because of all the infrastructure they've built around it. You can put all the security system armor you want around that soft, chewy center, but there will always be gaps.

      As critics like Bruce Schneier have been pointing out for a long time, on the other hand, we've known how to prevent whole classes of attacks for many years, but no one seriously expects these fixes to be implemented because of the economics.

      That said, there's no protection when administrators and users do stupid things with passwords and the like. Phishing will always work, no matter how hardened we make our systems. At best, we can put bounds on the damage.

  2. Time for IBM to work on the ZTIC successor? by mlts · · Score: 4, Informative

    Maybe it's time to work on better out of band authentication and confirmation devices.

    Take the IBM ZTIC that plugs into a USB port, and communicates encrypted from the device itself to the bank, just using the computer as a passthrough. This is what needs to be worked on, and maybe banks should start handing these out to customers. This way, even if an end user's computer is infected, their bank account couldn't be logged into without the device, and even if someone was to gain access upon logging on, all bank transfers would have to be confirmed on the ZTIC, so a quick transfer of funds would be caught and denied.

    Applying this to MMOs, maybe the ZTIC device to confirm character transfers or deletion, as well as be needed to confirm logging on.

    The advantage of using the ZTIC device over a cellphone for this is that the ZTIC device is simple -- it isn't a full fledged computer like a cell phone, and only does one task. Of course, exploits might be found, but the attack surface for this device is a lot smaller than a general purpose machine.

    1. Re:Time for IBM to work on the ZTIC successor? by httptech · · Score: 2, Interesting

      Have a look at Cronto - it's an out-of-band authentication system, similar to ZTIC but doesn't use an electrical connection to the computer that could be impacted by a malware infection on the PC. Instead it transfers encrypted/signed transaction details via visual code to the Cronto device (or Cronto app running on a camera-enabled smartphone). There are a few other similar systems from other vendors, but Cronto is the only one I've seen with a mobile app so far.
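A simplified model of the transaction confirmation discussed in this sub-thread, added here as an example and not code from IBM, Cronto or any poster. An HMAC under a key shared by bank and device stands in for the real devices' cryptography, and every name and value below is constructed:

```python
import hashlib, hmac, json, secrets

KEY = secrets.token_bytes(32)  # constructed: known to bank and device, never to the PC

def mac(label: bytes, payload: bytes) -> bytes:
    return hmac.new(KEY, label + payload, hashlib.sha256).digest()

def bank_challenge(txn: dict):
    """Bank binds the transaction it received to a fresh nonce and tags it."""
    payload = json.dumps({"txn": txn, "nonce": secrets.token_hex(8)},
                         sort_keys=True).encode()
    return payload, mac(b"challenge", payload)

def device_confirm(payload: bytes, tag: bytes, user_intent: dict):
    """Device checks the bank's tag, shows the details, signs only on approval."""
    if not hmac.compare_digest(tag, mac(b"challenge", payload)):
        return None  # payload was altered while passing through the PC
    shown = json.loads(payload)["txn"]
    if shown != user_intent:  # stands in for the user reading the device display
        return None
    return mac(b"confirm", payload)

def bank_execute(payload: bytes, confirmation) -> bool:
    """Bank moves money only for a payload the device confirmed."""
    return confirmation is not None and hmac.compare_digest(
        confirmation, mac(b"confirm", payload))

def run(intent: dict, pc_to_bank=lambda t: t, pc_to_device=lambda p: p) -> bool:
    """One transfer; the two hooks model what an infected PC is able to rewrite."""
    payload, tag = bank_challenge(pc_to_bank(dict(intent)))
    confirmation = device_confirm(pc_to_device(payload), tag, intent)
    return bank_execute(payload, confirmation)

INTENT = {"to": "ACME-UTILITIES", "amount": 100}  # constructed sample transfer

def swap_payee(txn):      # PC changes the payee before the bank sees the request
    return {**txn, "to": "MULE-ACCOUNT"}

def hide_swap(payload):   # PC tries to show the device the original payee
    return payload.replace(b"MULE-ACCOUNT", b"ACME-UTILITIES")

if __name__ == "__main__":
    print("clean PC:", run(INTENT))
    print("payee swapped:", run(INTENT, pc_to_bank=swap_payee))
    print("swap hidden from device:", run(INTENT, swap_payee, hide_swap))
```

Only the clean run executes: a swapped payee is either visible on the device display or breaks the bank's tag, which is the property both comments rely on.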

  3. Re:Nations are stupid by ScentCone · · Score: 2, Interesting

    Why do we still have nation-states? What good do they serve?

    They help to make sure that even though millions of people want to live under Sharia law, I don't have to. Yet.

    --
    Don't disappoint your bird dog. Go to the range.
  4. Re:Nations are stupid by KarrdeSW · · Score: 2, Informative

    Why do we still have nation-states? What good do they serve?

    Nations are an emergent phenomenon. It all starts with small tribes of people that are small enough that the leaders know everybody, and then grows as the technology and institutions grow to be able to keep more people under its umbrella. Once the group of nations grow large enough, they then have the choice of either attempting to dominate one another until no others remain or cooperating. The eventual result of either of these paths would probably be one singular world government, assuming that either ultimate victory or complete peaceful cooperation are even possible. If they're not, then we're all just wasting a hell of a lot of time trying.

    But really, in answer to your question: You have to start with Nations, and long before they become obsolete they become an entrenched middle-man. Doing away with them is a lot like trying to eliminate any middle-man who wants to keep their job.

  5. Cyberterrorism? by flaming+error · · Score: 3, Funny

    Were cyberbombs detonated on a cybertrain?

  6. Money for nothing and chicks for free by Sheik+Yerbouti · · Score: 3, Insightful

    Hey, I bet Websense will sell you the solution to the problems cited in the report. Who wants to take a bet?

  7. Cybercrime != Cyberterrorism by SirGarlon · · Score: 4, Insightful

    I think any sensible definition of "terrorism" has to involve violence -- people in meatspace getting killed or at least hurt. I read TFA and the only connection it had to terrorism was in the headline. Skimming credit card numbers is not terrorism (though it could be used to finance terrorist activities). Spreading malware through Facebook is not terrorism (though a botnet could be used in conjunction with a terrorist attack, maybe).

    I am not aware of terrorists ever having made a "cyber terror attack." Most extremist groups are looking for a bigger shock value than they can get by knocking out Google's Web server or even bringing down the electric grid in half the United States (either of which could be accomplished by a misplaced backhoe or a freak thunderstorm). Actually they would much rather blow up a school bus or something. A lone gunman can create more of a scare and get more PR for the cause than could a group of crack cyber-terrorists who managed to reproduce the U.S. blackout of 2005.

    To label any and all malicious activity is disingenuous. It grabs some attention and helps you sell something in the short run, but in the long run, crying wolf is a disservice to the public and it doesn't pay off.

    --
    [Sir Garlon] is the marvellest knight that is now living, for he destroyeth many good knights, for he goeth invisible.
    1. Re:Cybercrime != Cyberterrorism by Nidi62 · · Score: 2, Interesting

      I would focus more on the political aspect of terrorism rather than the violence aspect. The DDOSing of the Georgian national bank by Russian hackers during the crisis over North Ossetia certainly didn't kill anyone, but it left a large portion of that state's population without access to cash for a few days. Attacks such as these have the potential to cause severe economic and psychological damage to a targeted society. Reducing confidence in something that a society takes for granted has great political/terroristic potential. Remove the ability for hundreds of thousands (millions?) of stay at home soccer moms to play Farmville, and you will have an effect. Terrorism should be defined more by the motive rather than the method.

      --
      The only thing necessary for evil to triumph is for it to be pitted against a slightly greater evil
  8. Re:Nations are stupid by ScentCone · · Score: 3, Interesting

    Nations help oppress people, not keep them free

    No. Nations that don't have a constitutional framework founded in liberty (freedom of speech, assembly, etc) might fit that description, but not all nations. Nations are either subject to the rule of law (as backed up by their founding documents) or they are just mob rule (or a feudal society). A nation that doesn't prevent thugs from telling you what to do isn't keeping people free. A nation that is constitutionally chartered around the idea of keeping thugs (individual or governmental) in check is, in fact, a preserver of liberty.

    That doesn't mean that it always goes well, but that's the general idea. You seem to be suggesting that ALL nations are oppressive because some nations are oppressive to thugs. Denying liberty to those who seek to deny liberty to others is not oppression. It's the opposite.

    --
    Don't disappoint your bird dog. Go to the range.
  9. it's the end of the interweb as we know it by davidwr · · Score: 2, Interesting

    Countries and organizations are going to have to realize that connecting their in-house network to "the internet" securely is HARD and sometimes the best thing to do is to have an "ip gap" or better yet an "air gap" between their in-house data and the outside world. Oh, and turn off those USB ports or at least treat them as untrustworthy. This isn't easy either, so there is a trade-off.

    Many governments already do this for their sensitive networks.

    This won't stop inside jobs and it won't stop the most determined invader but it will make it much more expensive to succeed.

    --
    Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
  10. Attacks build immunity. by couchslug · · Score: 2, Insightful

    I'd like to see a much more hostile internet to coerce better security practices. People in general won't care about such things unless and until it is forced upon them by events.

    If they won't change unless someone "breaks their shit", then that needs to happen.

    --
    "This post is an artistic work of fiction and falsehood. Only a fool would take anything posted here as fact."