Feb 11 2010

Spam, malware proliferate in late 2009

Category: MalwareDISC @ 2:16 pm

SPAM !
Image by colodio via Flickr

Alejandro Martínez-Cabrera

Online security firm Websense has released a report on the cyberthreat landscape during the second half of 2009, and some of the findings are jaw dropping:

The firm, which scans millions of Web sites and e-mails a day looking for malicious content, found that 95 percent of all user-generated content came laced with some kind of spam or malicious link.

“The notion that the Internet could be the great equalizer turned out to be true after all; unfortunately, it’s mostly making suckers out of all of us,” tech Web site Ars Technica said.

Also surprising: Remember last year when the New York Times said a page on its Web site had been sending malware through its ad network? That was the most high-profile example of how criminals have managed to infiltrate trusted Web sites through a tactic known as drive-by downloading, in which a Web user picks up a virus simply by visiting an infected page. According to Websense, 71 percent of all Web sites generating malware in the second half of 2009 were infected legitimate Web sites.

Echoing what other research has found, the report said the number of infected Web sites went through the roof last year. Websense estimated there was a 225 percent growth in the number of malicious sites in 2009 compared with the year before.

The problem declined slightly in the second half of the year, with the decrease attributed to criminals moving away from attacks on traditional Web sites and attempting to exploit social-networking sites.

Websense also found that 85.8 percent of all e-mails sent in the second half of 2009 were spam.

More surprising is that 81 percent of all e-mail sent during the same period had some kind of malicious link. That means there was a 4-in-5 chance that a link pasted into an e-mail would lead you to download an infected file or take you to an infected Web site. (You usually don’t see all of the junk mail because it’s often filtered by your e-mail provider, browser or antivirus software.)

Finally, Websense found that in the second half of 2009, it took security vendors an average 46 hours – almost two days – to repair damage by malware after it had been identified (compared with 22 hours in the first half of 2009).

“The idea that computer users are not protected for days at a time, or even weeks or a month, may be compared with leaving your laptop in a public space for three weeks and hoping it won’t be used or abused,” the report said.

On Feb 1oth this article appeared on page D1 of the SF Chronicle

Tags: Antivirus software, E-mail, Malware, New York Times, Social network service, Spam, User-generated content, websense


Sep 04 2008

Web 2.0 and more data

Category: Information Security,Web 2.0DISC @ 5:52 pm

According to the Identity Theft Resource Center of San Diego, “the data breaches are on the rise in 2008” and with more data breaches so are the impact and amount of losses. Web 2.0 is next phase of internet creation, where huge social networks are built and citizens of the network enjoy the interactive and conversational approach of the new web frontier. Does the web 2.0 introduce new threats which can be exploited by cyber criminals?

To aid a social communication, users are required to input personal profile including birth date and residence addresses into these social networks to participate, which happens to provide a target rich environment for cyber criminals. These days new attacks are already taking advantage of personal information, some of which is retrieved from social network sites. If the account is hacked/breached from one of these social network sites, the impersonator can damage the (personal and professional) reputation by modifying the profile or changing/inserting the contents or comments.

Cross site scripting is one of the major threat facing Web 2.0, below is an example of XSS.

“In an incident reported in early December 2006 by Websense, hackers compromised the MySpace social networking site and infected hundreds of user profiles with a worm. This malicious code exploited a known vulnerability to replace the legitimate links on the user profiles with links to a phishing site, where victims were asked to submit their username and password. In addition, according to Websense, the worm embedded infected video in victims’ user profiles.”

AJAX is one of the main programming languages used to develop Web 2.0.

“A traditional Web site is like a house with no windows and just a front door. An AJAX Web site is like a house with a ton of windows and a sliding door. You can put the biggest locks on your front and back doors, but I can still get in through a window.”

What if you happen to be a peace activist or a whistle blower in your company? Then perhaps Uncle Sam or your employer wants to settle scores with you for some reason. The question is who is monitoring them or for that matter stopping them from getting into your account to steal or modify data to damage your reputation or career? The point is, besides all the functional benefits, web 2.0 comes with new threats which we need to be aware of. Without knowing these risks we can’t manage or mitigate them to a point which is acceptable to the society at large.

Web 2.0 contents are mostly interactive or dynamic in nature. The tools which were used to defend static contents might not be feasible for dynamic web 2.0 contents. Non-repudiation, validating the source and real time verification of the contents might be necessary to stay on top of the dynamic nature of web 2.0 threats.

Web 2.0 – Opportunity 2.0 or Threat 2.0?

How freely available online infomation on Web 2.0 was utilized to break into online banking account

Web 2.0 … The Machine is Us/ing Us

httpv://www.youtube.com/watch?v=6gmP4nk0EOE


(Free Two-Day Shipping from Amazon Prime). Great books

Tags: ajax, cross site scripting, cyber criminals, data breaches, identity theaft, mitigate, non-repudiation, phishing, Web 2.0, web 2.0 threats, websense, xss