Computer crime: Top threats in 2007
Narayanan R
Computer crime: Top threats in 2007
January 03, 2007
What kinds of security attacks should you worry about in 2007?
IT World Canada asked several industry experts for their take on these and other issues. And here's what they had to say.
Right on target
The closing year saw a remarkable slow down in worm attacks and widespread malware assaults, according to Internet and mobile security services provider F-Secure Corp. based in Helsinki, Finland.
The firm says in 2007 we're likely to witness an increase in targeted attacks against organizations, with backdoors, booby trapped documents and rootkits.
A 'backdoor" is a method of bypassing normal authentication, or of securing remote access to a computer, while attempting to remain hidden from casual inspection. The backdoor may take the form of an installed program, or could be a modification to a legitimate program.
In this scenario, he said, hackers use a cloaking device such as a rootkit to conceal a backdoor and extract valuable information from the target company. The forged e-mails may include booby-trapped Microsoft Office documents, or Excel spreadsheet files that appear to come from a legitimate source or even the company itself.
Hypponen also warns of an increase in phishing scams and the use of bogus domain names.
Crafty social engineering schemes and counterfeit but well-constructed Web sites or phishing e-mails will separate the unwary from their money or private information, according to industry observers. Scam artistes, increasingly, are deploying sites with a lifespan of just an hour, to entice users and then disappear.
PayPal and EBay continue to be the most targeted outfits by phishers, but some German banks are also becoming popular targets, said F-Secure.
Some sites deploy bogus login boxes that ask users to type in valid PayPal user names, passwords and credit card numbers.
Regards,
Narayanan.R
Asian School of Cyber Laws