Security experts say cyber attacks a growing threat
Pose greatest danger next to WMD
Cyber attacks are accelerating at a pace that suggests the Internet — already a risky environment — is likely to pose a steadily growing threat to individuals and companies for years to come.
That’s the sombre consensus of security and Internet experts participating in the giant Black Hat cybersecurity conference that concluded here last week.
Internet-generated attacks comprise “the most significant threat we face as a civilized world, other than a weapon of mass destruction,” Shawn Henry, former head of the FBI’s cybercrime unit, told some 6,500 attendees in a keynote address.
Jon Stewart, Dell SecureWorks’ director of malware research, presented research detailing the activities of two large cyber gangs — one based in Shanghai, the other in Beijing — that have cracked into the networks of thousands of companies over the past halfdozen years.
The attacks invariably begin by infecting the computer of one employee, then using that machine as a toehold to patiently probe deep into the company’s network. The end game: to steal customer lists, patents, bidding proposals and other sensitive documents.
Each gang is made up of dozens of employees playing complementary roles in attacks that are “stealthy and persistent,” Stewart said. “Even if they do get discovered and get kicked out of a network, they come back, targeting a different employee.”
Another gang, analyzed by Dell SecureWorks researcher Brett Stone-Gross, has been blasting out spam, designed to slip past spam filters.
The messages carry instructions to click on a link to read bogus delivery invoices, airline reservations or cellphone bills.
The link, however, takes the user to a web page that installs malicious software.
Stone-Gross said the gang currently has access to 678,000 infected PCs, some of which are used to carry out its lucrative specialty: orchestrating fraudulent wire transfers from online banking accounts.
Meanwhile, a different category of hacker is stepping up attacks, not on individual PCs, but on company websites. Website attacks now routinely occur, as criminals probe for ways to breach databases carrying usernames, passwords and other valuable data, said David Koretz, general manager of website security firm Mykonos, a division of Juniper Networks.
Some successful website hackers enjoy boasting — by publicly posting some, if not most, of the stolen data.