Targeted Attacks Focus On Economic Cyberterrorism

Orome1 writes "When it comes to dangerous Web threats, the only constant is change and gone are the days of predictable attack vectors. Instead, modern blended threats such as Aurora, Stuxnet, and Zeus infiltrate organizations through a variety of coordinated tactics, usually a combination of two or more. Phishing, compromised websites, and social networking are carefully coordinated to steal confidential data, because in the world of cybercrime, content equals cash. And, as a new Websense report illustrates, the latest tactics have now moved to a political and nationalistic stage. Cybercriminals and their blended attacks are having a field day taking advantage of security gaps left open by legacy technologies like firewalls, anti-virus, and simple URL blockers."

"Legacy"?

[girlintraining]

Cybercriminals and their blended attacks are having a field day taking advantage of security gaps left open by legacy technologies like firewalls, anti-virus, and simple URL blockers."

Calling something legacy implies that there's something better to replace those technologies with. Those technologies have not been replaced by some revolutionary new technology that does all that and holds your d--- while you piss too. And they were never intended to be a pancea -- they are intended to augment information security, not act as a substitute for it.

Was This Story Summary Written By

[Anonymous Coward]

this book salesman [npr.org]? Because it has NO content.

Yours In Electrogorsk,
Kilgore Trout.

Re:"Legacy"?

[Defenestrar]

If it's about giving someone the money to fix the problem, then all you have to do is follow the slurs to find the money.

...security gaps left open by legacy technologies like firewalls, anti-virus, and simple URL blockers.

So the terror monger here is likely to be someone who makes money through (producing or advertising) two factor authenticator, an alternate active-DNS, or an ISP selling the "we filter the internet for you" service.

And checking net-security.org's "about us:"

Help Net Security is recognized as a media sponsor of leading information security conferences around the globe including: RSA Conference US, RSA Conference Europe, Infosecurity Europe, CSI, InfoSec World Conference & Expo, SC World Congress and more.

I think we have a winner. Why does the cynical approach have to be right so often?

Money for nothing and chicks for free

[Sheik Yerbouti]

Hey I bet Websense will sell you the solution to the problems cited in the report who wants to take a bet.

Cybercrime != Cyberterrorism

[SirGarlon]

I think any sensible definition of "terrorism" has to involve violence -- people in meatspace getting killed or at least hurt. I read TFA and the only connection it had to terrorism was in the headline. Skimming credit card numbers is not terrorism (though it could be used to finance terrorist activities). Spreading malware through Facebook is not terrorism (though a botnet could be used in conjunction with a terrorist attack, maybe).

I am not aware of terrorists ever having made a "cyber terror attack." Most extremist groups are looking for a bigger shock value than they can get by knocking out Google's Web server or even bringing down the electric grid in half the United States (either of which could be accomplished by a misplaced backhoe or a freak thunderstorm). Actually they would much rather blow up a school bus or something. A lone gunman can create more of a scare and get more PR for the cause than could a group of crack cyber-terrorists who managed to reproduce the U.S. blackout of 2005.

To label any and all malicious activity is disingenuous. It grabs some attention and helps you sell something in the short run, but in the long run, crying wolf is a disservice to the public and it doesn't pay off.

Attacks build immunity.

[couchslug]

I'd like to see a much more hostile internet to coerce better security practices. People in general won't care about such things unless and until it is forced upon them by events.

If they won't change unless someone "breaks their shit", then that needs to happen.

Re:Cybercrime != Cyberterrorism

[Anonymous Coward]

No.

Terrorism is a method. You achieve effects by creating terror among your targets.

Damage is not the same. That's an attack, but it isn't terrorism.

Re:Nations are stupid

[girlintraining]

That doesn't mean that it always goes well, but that's the general idea. You seem to be suggesting that ALL nations are oppressive because some nations are oppressive to thugs. Denying liberty to those who seek to deny liberty to others is not oppression. It's the opposite.

All laws benefit one group by disadvantaging another. What you're calling liberty is just screwing over a minority to benefit a majority, and what you're calling tyranny is benefiting a minority by screwing over a majority. Both are oppressive, the difference is one group knows it and the other group posts on slashdot about how great it is to live in a "free" society.

Re:"Legacy"?

[poetmatt]

what you're talking about is more about setting standards, not legislation. There are already best practices in place for stuff like this, it's more that people don't follow them.

Re:"Legacy"?

[mrheckman]

Firewalls, anti-virus, and URL blockers are not legacy systems at all. They are the state of the art in security precisely because they have to protect legacy operating systems and applications, or new systems built to be backward compatible with legacy systems, which are the real "legacy" problem.

People use all sorts of old software because they have such a huge investment in systems and applications that are built on them. But that old software keeps needing to be patched. For example, there's Windows, of course, 'nuf said, and applications like Adobe Reader. Adobe has to come out with a new patch every week to fix another critical flaw, but they can't simply drop it and start from scratch to fix fundamental flaws - it's not economically feasible. And large numbers of businesses still use IE6, for crying out loud, because of all the infrastructure they've built around it. You can put all the security system armor you want around that soft, chewy center, but there will always be gaps.

As critics like Bruce Schneier have been pointing out for a long time, on the other hand, we've known how to prevent whole classes of attacks for many years, but no one seriously expects these fixes to be implemented because of the economics.

That said, there's no protection when administrators and users do stupid things with passwords and the like. Phishing will always work, no matter how hardened we make our systems. At best, we can put bounds on the damage.