By ALEJANDRO MARTINEZ-CABRERA
San Francisco Chronicle
December 29, 2009
While the year didn't see many technological leaps in the techniques hackers employ, they continued to expand their reach to every corner of the Internet by leveraging social media, infiltrating trusted Web sites, and crafting more convincing and tailored scams.
Although there were a handful of firsts -- like the first iPhone worm -- most attacks in 2009 were near-identical to tactics used in prior years, changing only in the victims they targeted and their level of sophistication.
One of the most preoccupying trends was personalized attacks designed to steal small and medium business owners' online banking credentials. The scheme was particularly damaging because banks take less responsibility for the monetary losses of businesses than of individual consumers in identity theft cases.
In October, the FBI estimated small and medium businesses have lost at least $40 million to cyber-crime since 2004.
Alan Paller, director of research at the SANS Institute, said criminals shifted the focus of their tactics from developing attack techniques to improving the social engineering of their scams. The institute is a computer security training and research outfit.
"It's not the tools but the skills. That's a new idea," he said.
One example is rogue antivirus schemes, which often trick computer users with a fake infection. Criminals then obtain their victims' credit card information as they pay for a false product, all the while installing the very malicious software they were seeking to repel.
Even though these scams have been around for several years, they have become more a popular tactic among criminals because they pressure potential victims into making on-the-spot decisions.
"People have been told to look out for viruses and want to do the right thing. There's security awareness now, but the criminals are taking advantage of their limited knowledge," said Mike Dausin, a researcher with network security firm TippingPoint's DVLabs.
Chester Wisniewski, senior adviser for software security firm Sophos, said social networks also continued to be an important target for attackers. Despite Facebook and Twitter's efforts to beef up their security, it has become a common tactic for scammers to hijack Facebook accounts and post malicious links on the walls of the victim's friends or distribute harmful content through tweets.
"We haven't had this before -- a place where all kinds of people go and dump their information, which makes it very valuable for criminals," Wisniewski said. "It's kind of a gold mine for identity thieves to get on people's Facebook account."
Another common ploy was malicious software that piggybacked on common third-party applications like Adobe PDFs and Flash animations.
Although Adobe scrambled this year to improve its software update procedures and roll out patches more frequently, criminals have increasingly exploited the coding flaws in Adobe products in particular because of their ubiquity and the abundance of vulnerable old code, said Roel Schouwenberg, senior virus analyst at Kaspersky Lab, an anti-malware company.
By using ad networks or taking advantage of exploitable Web programming errors to insert malicious content, criminals cemented their presence in legitimate Web sites and made 2009, according to anti-malware firm Dasient, the year of the "drive-by download," in which users only have to visit a compromised Web site to become infected.
Researchers also noted a high volume of attacks disguised as content related to popular news items -- anything from Michael Jackson to the swine flu -- to coax Web users into downloading malicious content. This closing year also saw a handful of notorious politically motivated online attacks, and the issue of national cybersecurity continued to gain prominence.
In July, several U.S. and South Korean government Web sites went offline after being hit by a denial-of-service attack that South Korea has attributed to a North Korean ministry. U.S. defense officials revealed in April that hackers have stolen thousands of files on one of the military's most advanced fighter aircrafts.
"Now it's in the agenda of every government to pay attention to the cyberworld," Schouwenberg said.
Distributed to subscribers for publication by
Scripps Howard News Service, http://www.scrippsnews.com
Publish A Letter in SitNews Read Letters/Opinions