[info] [tt] Symantec warns that "bot evolution" is major cybersecurity threat

Eugen Leitl <eugen at leitl.org> on Sat Dec 15 19:12:08 UTC 2007 
----- Forwarded message from "Hughes, James J." <James.Hughes at trincoll.edu> -----

From: "Hughes, James J." <James.Hughes at trincoll.edu>
Date: Sat, 15 Dec 2007 14:05:11 -0500
To: tt at postbiota.org
Subject: [tt] Symantec warns that "bot evolution" is major cybersecurity
	threat

http://www.networkworld.com/news/2007/111307-top-security-menace-2008.ht
ml

Top 5 security-menace predictions for 2008
Symantec's picks include advanced botnets, cybercrime in 'virtual
worlds' and cyberattacks on election campaigns

By Ellen Messmer, Network World, 11/13/07
Sponsored by:

If this year will be remembered for high-profile data breaches, with the
TJX break-in topping a long list, then what troubles are in store for
2008?

Predictions include more powerful hacker botnets that elude shutdown and
growth in numbers of compromised Web sites that attack trusting,
unsuspecting visitors. Those are some of the picks from Symantec's
director of emerging technologies, Oliver Friedrichs. A rundown of his
top five:

Bot evolution

"Today's bots are fairly centralized with a command-and-control center,"
he says. "In the future, they're going to be more peer-to-peer, and it
will make bots more difficult to take down." Friedrichs says the Storm
worm is the best example so far of a decentralized botnet. "It surfaced
in January, and it's still going strong."

Web threats:

In particular, trusted Web sites that are compromised, with attackers
loading them up with malicious code to attack unsuspecting visitors. The
year started with the hack of the Web sites of Dolphin Stadium and the
Miami Dolphins right before the Super Bowl game, causing them to
dispense attack code to visitors. Social-networking sites appear to be
ripe for this approach. The recent hack of Alicia Keys' Web site on
MySpace is likely a harbinger of more to come.

Mobile threats:

Particularly for new mobile platforms, such as the Google GPhone and
Apple iPhone, where kits are available to software developers and
applications in the future, could have holes to exploit. "Banks and
online auctions are moving to mobile phones," says Friedrichs.
Cybercriminals can only be expected to follow.

Virtual worlds

If attacks in the "real world" aren't enough, get ready for attacks in
"virtual worlds" where online players vie to win virtual battles and
virtual stuff. Some of the big ones are Second Life, Lineage and World
of Warcraft. "Attackers and criminals are looking at these platforms,"
Friedrichs points out. "There are already trojans that target Lineage
players. They take over an account and steal anything they have, like
their sword, their gold, and take these items and sell them somewhere."
Virtual worlds have real crime.

Upcoming presidential election

The presidential candidates - all 19 of them right now - accept online
donations and campaign online. During the presidential race in 2004, "we
saw phishing against the Edwards campaign," Friedrichs points out. "And
there was a denial-of-service attack against the Lieberman site." More
possibilities this time around in the presidential race include a
criminal or extremist supporter registering a "typo-domain" that mimics
the Web site of a political opponent, and when contributions come in,
they're either pocketed or contributed to someone else's campaign. 
_______________________________________________
tt mailing list
tt at postbiota.org
http://postbiota.org/mailman/listinfo/tt

----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE
More information about the info mailing list