Cyber Attack Toolkits Dominate Internet Threat Landscape -UNPAN - United Nations Public Administration Network

Home > United Nations Online Network in Public Administration and Finance (UNPAN)

1. Global: Global
2. Africa: Africa
3. Arab States: Arab States
4. Asia & Pacific: Asia & Pacific
5. Europe: Europe
6. Latin America & Caribbean: Latin America & Caribbean
7. North America: North America

UNPAN Asia & Pacific

Register | Login


Home About UNPAN UNPAN Coordinator (DPADM) UNPAN Partners UNPAN Newsletter UNPAN User's Survey UNPAN CMS UNPAN Portal Guide FAQs DPADM Intranet My UNPAN RSS feeds Contact Us Regions Global Africa Arab States Asia & Pacific Europe Latin America & Caribbean North America Standards/Codes International Code of Conduct Regional Public Service Charter National Codes of Conducts Standard of Excellence in PA Education&Training; Ethics, Transparency and Accountability E-Learning Online Training Centre Featured Learning Materials Learning Materials News Public Administration News Governance World Watch Governance Asia-Pacific Watch RCOCI Informatization Bulletin Library Search Documents Advanced Search Major Publications UN E-Government Surveys World Public Sector Report Digital Governance in Municipalities Worldwide DPADM E-Library Resolutions UN E-Government Development Database Knowledge Base of E-Government Practices Knowledge Base of ICT for Public Service Knowledge Base of UN Public Service Awards Thematic Project Websites Technical Project Highlights UNPAN Photos UNPAN Videos Events The Committee of Experts on Public Administration DPADM Monthly Bulletin UN Public Service Day UN Public Service Awards Browse Events by Calendar Browse Events by UNPAN Partner Global Forum Directories Practitioners/Experts Glossary Employment Opportunities Blog Contact Us

Public Administration News

Cyber Attack Toolkits Dominate Internet Threat Landscape

Source:	egovonline.net
Source Date:	Wednesday, January 19, 2011
Focus:	Electronic and Mobile Government, Citizen Engagement, Internet Governance
Created:	Jan 25, 2011

Symantec Corp has announced the findings of its report on Attack Toolkits and Malicious Websites. The study reveals that as attack kits become more accessible and relatively easier to use, they are being utilized much more widely. This has attracted traditional criminals who would otherwise lack the technical expertise into cybercrime, fueling a self-sustaining, profitable, and increasingly organized global economy. Attack toolkits are software programs that can be used by novices and experts alike to facilitate the launch of widespread attacks on networked computers. These kits enable the attacker to easily launch numerous pre-written threats against computer systems. They also provide the ability to customize threats in order to evade detection, as well as automating the attack process. The relative simplicity and effectiveness of attack kits has contributed to their increased use in cybercrime— these kits are now being used in the majority of malicious Internet attacks. For example, one major kit called Zeus poses a serious threat to small businesses. The main objective of Zeus is to steal bank account credentials; unfortunately, small businesses have fewer safeguards in place to guard their financial transactions, making them a prime target for Zeus. The profitability of malicious code attacks using Zeus was recently illustrated by the September 2010 arrests of a ring of cybercriminals who allegedly used a Zeus botnet in the theft of more than $70 million from online banking and trading accounts over an 18-month period. As cyberattacks have become more profitable, the popularity of attack kits has dramatically increased. This in turn has led to increasingly robust and sophisticated kits. These kits are now often sold on a subscription-based model with regular updates, components that extend capabilities, and support services. Cybercriminals routinely advertise installation services, rent limited access to kit consoles, and use commercial anti-piracy tools to prevent attackers from using the tools without paying. Because attack kits are becoming easier to use, cybercrime is no longer limited to those with advanced programming skills. Participants now include a mix of individuals with computer skills and those with expertise in traditional criminal activities such as money laundering. Symantec expects that this much larger pool of criminals entering the space will lead to an increase in the number of attacks. “In the past, hackers had to create their own threats from scratch. This complex process limited the number of attackers to a small pool of highly skilled cybercriminals,�? said Shantanu Ghosh, Vice President, India Product Operations, Symantec. “Today’s attack toolkits make it relatively easy for even a malicious novice to launch a cyberattack. As a result, we expect to see even more criminal activity in this area and a higher likelihood that the average user will be victimized.�? On mitigating attacks, the report says that the organizations and end users should ensure that all software is up-to-date with vendor patches. Asset and patch management solutions may help to ensure systems are compliant and deploy patches to systems that are not up-to-date. Organizations should create policies to limit the use of browser software and browser plug-ins that are not required by the users of the organization. This is especially prudent for ActiveX controls, which may be installed without the knowledge of the user. Comments (0)

Rate:

0 ratings

Views:

263

Comments:

0

Favorited:

0

Bookmarked:

0

Tagged:

0

0 Comments | Login to add comment

| | |

Copyright 2008-2010 by UNPAN - United Nations Public Administration Network