Tuesday, January 25, 2011

Excerpts from piece on "The Dark Internet"

Excerpts from a post on security and networks (the whole site is interesting):
Bottom line, there are fundamental protocols of the Internet that were not designed to be secure. And there is only so much anyone can do to protect themselves....
Escalating security threats:
Merike led off the presentations. She grouped threats into four categories — Protocol Errors, Software Bugs, Active Attacks and Configuration mistakes. Here's how she charted the evolution of online threats:
In the Past – Deliberate malware was rare, bugs were just bugs, mitigation was trial by fire and the regulatory structure did not exist.
Today – Highly organized criminals are designing specific malware, bugs are now avenues for attack, mitigation is understood but deployment issues remain, and regulations struggle to assess the reach and impact of cybercrime, though global coordination is much better.
She also shared some interesting insights into the cyber attacks in Estonia in May of 2007. Merike is Estonian and was in the country at that time. She shared how cyber literate the population is in that country, and how they fended off the attacks far better than media reports indicated.
Rodney titled his presentation "Black Swans and Other Phish," a reference to the Nassim Taleb theory, not the new Natalie Portman movie. His overall message was the miscreant of the distant hacking past became the spammer of yesterday. The spammer became the hardcore online criminal of today, hired by organized crime and nation states alike.

Some other interesting points:
• DDoS attacks first arose to attack anti-spam efforts
• Malware specifically designed to steal personal information and credentials appeared around 2005
• In 2007 nation states got into the dark game
In an effective demonstration, Rodney brought up a false FBI web site by typing in an IP address corresponding to www.fbi.gov. The cache had been poisoned, and that morning a fake web site was announcing to the world it was the real site of the FBI. Many in the room were clearly surprised by how easy it is to poison the cache of such a high-profile government site.

1 comment:

  1. As a nerd and computer repairman, I can anecdotally vouch for this shift as I look back from my early interactions with these things to now. Nearly every day I am approached by someone who has acquired malware on their PC that prevents them from making any outgoing connections except to a server set up by the perpetrators to collect the user's credit card information. Typically, it is attached to a message that the machine is infected and the software is protecting the user from the Internet to prevent things from getting worse. It can be very confusing to the average denizen of the web. This was never the case when I was younger.
    I'm interested in the impact that the ubiquitousness of Facebook use has had on spreading these types of applications. If a person received an email from a friend with a virus attached to it in the past, it might be easier to detect if the content of the email didn't match up to your relationship. On Facebook, people share all sorts of completely random things with each other all of the time and it is rarely targeted at only one person like an email generally is.
    Outside websites and applications are using Facebook Connect as a login and its appearance outside of Facebook's own pages makes it harder for users to distinguish between a legitimate login and a phishing attempt that will send out links to all of your friends to their malware download.
    Facebook has become a perfect avenue for malware distribution.
