Network Security & Hardware - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  Network Security & Hardware


CA Predicts More Attacks on Experienced Users



 By: Matt Hines
2007-01-25
Article Rating:starstarstarstarstar / 0


There are 0 user comments on this Network Security & Hardware story.


Rate This Article:
Poor Best
The security company's researchers say sophisticated threats such as Trojan viruses and kernel rootkits will proliferate in 2007.

The continued rise of IT threats that seek to trick even the most careful, experienced PC users ranks among the top issues highlighted by software maker CA in its latest online security research report.

Published on Jan. 25, the CA 2007 Internet Threat Outlook highlights the most pressing online security trends projected to have an impact over the next 12 months by researchers at the IT systems management and authentication applications provider.

According to the CA Security Advisor Team, malware writers will continue to blend multiple threat formats and utilize new, covert distribution methods in 2007, making it harder for even the most informed users to discern the difference between legitimate content and attacks.

CA rolls out support for Windows Vista. Click here to read more.

CA, based in Islandia, N.Y., said malware brokers will continue to piece together threats such as Trojan horse viruses, worms and the many forms of spyware to hide their attacks and evade technological defenses employed by both enterprises and consumers. With the level of professionalism rising quickly among the most sophisticated virus distributors, CA predicts that zero-day exploits, drive-by malware downloads and extremely intricate phishing schemes will continue to become more dangerous and harder to detect.

Resource Library:
Of particular danger to PC users will be blended threats that combine different elements of the various attack models, such as spam-borne Trojans and cross-site scripting code loaded onto legitimate Web sites, which go to greater lengths to cloak their activity on PCs and circumvent anti-virus systems.

According to the CA report, Trojan viruses—which load small, hard-to-find programs onto PCs and then call out to external sources to pull additional malware threats onto the infected device—accounted for 62 percent of all malware in 2006, while worms—which specialize in propagating themselves from one machine to another—represented 24 percent of attacks.

In a prelude to the types of threats CA expects to encounter over the next year, 2006 also marked the first time that researchers tracked a spyware program that used a so-called zero-day exploit to take advantage of vulnerabilities previously unidentified by software vendors or security researchers. The term "zero day" comes from the idea that users are unable to prepare for attacks on such vulnerabilities before they arrive, unlike in the case of malware that takes aim at known product flaws.

The research report contends that phishers—proprietors of fraudulent Web sites designed to look like legitimate URLs—will also become more sophisticated in 2007.

Phishers will replace the spam e-mails advertising Viagra or mimicking online banking communications that they have traditionally used to trick people into visiting their sites with new social engineering ploys, fooling new legions of consumers into swallowing the bait, CA said. For example, phishers may use messages that mirror common administrative e-mails such as e-mail delivery failure notices.

After slowing slightly during 2005, spam volume increased more rapidly again in 2006, powered largely by botnets, the networks of compromised PCs used to send spam through an ever-shifting list of IP addresses. CA predicts that along with continued adoption of botnets to distribute spam, attackers will also continue to use image spam—which hides the content of the e-mails in graphics files to evade filtering applications—and to load more of their messages with Trojan programs.

Attacks targeted at specific companies or individuals are also expected to increase next year, according to the report, as criminals look for new ways to aim their threats at potentially lucrative subjects. From keystroke-logging programs, which spy on users Web travels and attempt to steal passwords and other protected data, to one-off insider threats crafted by privileged users who know best how to exploit corporate security loopholes at their own companies, such targeted threats are expected to continue to proliferate.

Another type of targeted threat expected to grow in popularity is ransomware, through which attackers seek to take over or encrypt important files and then demand payment from the contents owners to release the information. In addition to using more complex methods of obscuring the data involved in such attacks, criminals have found new ways to collect their payments while staying out of view of law enforcement officials, CA researchers said.

Kernel rootkits, which cloak their activity by replacing a portion of a programs software kernel with modified code, are also expected to continue to be big in 2007. While rootkit-fighting technologies such as the PatchGuard kernel protection system built into 64-bit versions of Microsofts new Windows Vista operating system are arriving, most PC users will still be left open to the attacks over the next twelve months, CA said.

For advice on how to secure your network and applications, as well as the latest security news, visit Ziff Davis Internets Security IT Hub.

Researchers are predicting that malware threats that take advantage of vulnerabilities in popular applications will continue to dominate the enterprise security landscape. As users are increasingly adopting tools for stopping traditional viruses such as those delivered via e-mail, hackers will continue to aim their efforts at finding and exploiting application-level flaws, the report said.

Finally, CA said hackers will continue to ramp up efforts to poison search engine rankings and to perpetrate click-fraud on advertising networks. By creating malware-laden sites that appear near the top of search results, including pages that mimic legitimate sites and URLs that are typos of popular Web destinations, CA said, attackers will continue to successfully target both experienced and new Web surfers.

Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Ryan Naraines eWEEK Security Watch blog.



  Reader Comments: CA Predicts More Attacks on Experienced Users
>>> Be the FIRST to comment on this article!
 

 
 
>>> More Network Security & Hardware Articles          >>> More By Matt Hines
 


x}r㶲s\@♵MQH)ْZc[^f&uT I)|IN~b:?qtMJe2{<5D 74Aȹ=!1(ٟ9ЧGLzIj}ݻ@AiFN)##3rD廚fw2'v#S;^ > \?g#Q;Y|v@ߨV9AÙML}! {|HJKd/B(?cs?#=z'Ț_h@aUw0vK]K{<$#oAUVekV:6^ ;4r9Fȹ3z$fPr&NWw#25IRZ@[ 4ԘHGeCc`Ww,ǃɩT* TjQ3cmfZ35-3ǀؾQ̀A3E5L_C($fҀ[8#/׌<{eAuӱaGǍP5#o8sheynJ\WkQZ x>oچs[=0Q9n^wf?͇_煊B=ʑGA GfnGkp[N^ԢZ\}ꜟGr ] m%& jDTV*bh$" P}jCG'I_H5}(D~ZzQ-GjR;ғ,f3}3+iH,-?Z:u!usX&R*CA-tV1㝩S9m<_rt/۽>9]vSGR=Bg#j`Bmiqe_Zr\?-z??,rG=jiT뒒vdCu{Br,Od=h . !O}fr2GrI/o"$cM|`AmdƱ(|ǺrN~cE'zf-Mf "dh|]w P3Z$923z%Ke}7p@W-}rlNTW꒬2Wb{gHK\zcOuMW~?]t8^%glh|X.B2iK1QWG5MGZǦcWPT;*R85|Qnl 2XbXvP7X[A^݇lA:~f>QÜ#ͶOCGs>h2胆6ml-h$ ,70}Hw@zQI $oqpy4ڭ-%H_ >< FNJ$ nh-DCw 0Ie&3@yGLν݂23fC?F{7t$4,/= 0/ Z- Be^~m̢8ѵO>{0g`sDokwii#1).aHd˕F ] cRR,HHt"BђF 4  gscX"C"'Ǐ@@7;.Vʥ\.3=ry !sg r\B;7քRZ z)0 eVRiG]W-&D7r"e.G7Kᙖ6Z5oY*T^#&tcS7a #@.kiK0Pl;ik`0Ԑ(ʲMg9@Ϲhm'ȓcQmA 9g߃)兏u5TfB7g ƩOI|Ehs 2!jԹǦYg5׵Lj{ TF`ߒ^86h{Ͱ&PUM?>{BOM\naDP$:ϧHږiM-ȇroBo+څP!_.dI_fMblȌu>I!VBg';oW fnR>ra*j +)djz#JC͸^`é3h{q#%Ag=e河@tYKnuooEI8ۥi]hk%\<7Bɶ/^¢xmP2֡R(kӲ=2Pc62&C 7u(= > XU.*r_- }d2waZPK[ ʸASF͐`ADLl5KW)թw⸀4=".H{Lcg@>`ǟG(a!w1JkX$ U)=̔:Y[ ^|@'K |e@m\:55{qq88_ZO;žtْ/xNp ;Dh2f ñiH5ߴ!ӞWʈ>(-JPTIO5@&^`Ge d^s`M[`R9cDzlĠL#k# CQZ>-L.L{ jpj Rqqf~~i~R`X88l]p 2q͝a&?@&R)Ö13gdiG{ǙXT&j/AbPI}&Xk5F><}*O|qNxxO E .҈ Z D(rHUX#±U鬢cKQ0SKm{hAy-X\>(Dtm?`"!>}ڧnssQ*/sW3 TOfZV,֪16P+Rj _=>2z4Ebwc:1оs@,|tqZELYO`s!AvЎ@Oez\Nb!<,`(\pRj ͔ݛyh 䂲h3 ]lW 19M__)j7Gd٤S,H-qR#Y= w7ZAU[K[3]V< OQ: lz#x `QtEa:JiM[ `wIMz*O))"cqe@Y@zC-3b_@7B^+*5"X썿KCbRTh^{p jN:jFB-89k*RWo鸙 ĨhyU-'Fۂf038ʃz28c՞yu \=wzoCU%t+]/ wm>s7ѻMklޥ0͜6@yZWIdmPPu^J`gOpTcHj;QKć`w*f fӳP.T*E0=k"a^&k꾬=MY։46(!W ϣ DʜYߐ@ZhO ]k89bvv迌2KVV8<V6jRaokA~fZX)#=gR T>O3(~ (zC>ku uAL>a\TS,.mDUPU,UU\Hz,pe]T1n?cVVW`j-^2۹a n.E9[ 4˷ʨK^͖K%4e3/쌸-9DX<ybhaL%Q;o]Ah secn=’fDs,*.i, -e 4Cf"SkZ%,< 7Cd',-LGI4~:&.2O%ss]`_A|7=j#S$GR%*m\䎾ߓN\cĵ) JA)ݣ,D$d0JP-֫`W%ʠK= J;! ]DZq|{W !i*m oRٟ:sɖBy_I(4܌ xϰL'Vqm?3 cC7Wj(1A A D@";nC߱?% ?S-l8F::~ݕDw{tۃCRT>ir .5_AwyHDмG}6 ﵲRi5 }E^;:$#{/R&Ӹoٷ)P K N#bwmɾW2zV^{隿F>;"$r zE}R|Iw޻Gy#%{;Oj܉Z, Y# BwZ ǧͦ5vpRdQȔqH/=^q@һnw9`B4c5Ig AE׏u8eVxy~¯n-,$"0. I5:;> Bp$`$X*XU2_>GG2sy5^S PW"REH%IAڝu_f bt<~Ut"tPo)J!~_!c&o8~ PhLVb:n~"B2^'68ϻ}hp19ޏH%a.A-H7ԹJ9$S0QJh"g8QE;6?m[=`Rr(SJ&M'i. [5Kb-ȔRJ4:<ad2Y$iYIzJ,bTeH(SQSKFI3>eޞ,Hu=Ym@ybZӽK3%݋;/GX ;[ .ViH_8_`tOZ",GXɫI)j껰ΫT~DC>lj9l0 z>¼*,S^Jl7`ҵ^g]s6ͥO̴E{wmhG(V#w)c990vY?{xXL3mb{7 A皴.?@ W$ N޼=2oQP]9Yz$ACvgN~ℜ71n7~v6Şa6tͥoV<i?{޽¾"CWq:i)@^l"$$yEQjF/W3$]Bn/:L9zd< ,fsx3DoӼ4iAxnlOoC\pb_#y~cq.~(TR/aO,J骇9]MT-/^\RK>^ϫ< h`#[!0N Ģ7i62~1OO=rcǏ]MNi zc{ƹ39x l;oݭn T v_!O!%FJMc-!_к õcVǴ p8|+؊wf_O6oN{kA|;-e\1kp௩_Lo-)Bsh3[a@)w#OƥG/>qlh`jox?̴afw.krxV>q<~Q JPByeYs9 ǾvfGqR{㙾Typ-SwmNLX֌z7_=}Ut/ uD8LbnHзJzDECҲq. xxs4}|Yx/Gg4E&1W{ `:I?6Cߚ.0q>,5<7_̗ ĩBO)Ũ8.Q 3L+>>0]~:1,]jjz;VF$1vc@!ϰpdeh\Lx '?erN H˂!aα8Vc"P ?h=zgQńQ?v:iUl! _p&(%X{2Oȕ,IlvA%R{?A$r 2(q3mߦR*q%cq.8_VR8j XmME* HWz#oa3cσLJvـ? Y &o޵'qVbye2…ILZ&]-'U-'jzQ}4,46o;!d|C >[xՉR BPwOj^$Y/'oİrJ'>, %&!Pn* ̐VҞ]4m"ᒂuҒvAsWv(Rٖ֊/."}m2J@4ϥ!}2/j\l%,"`S0X_ 7䢖%ҋ@ ? !o0ye%2X7J~ Fp5.xán^sS'ֺ1Rm>eeI׎ܚA xNԈx#M3pWD3]ytRˀu1+ R5f[,ի%( #_<+!B^zMˤꢴ)c/~4ϖZ#gH~b RefkEx# #|}]TD\hq?Ȋp{f׸&0<]ܚKKKK^ʲRמ樓eK8+(*W1,~}0cGCZv`-_ПuN_kcvez1PVۏ;Cmn]uiyOb}P̜R>ūXk&^$E Ȗ_Lo3X m]ss-gR2K'̝k{bW)&t0|އ){I{f(H~Q7%%;.߹|vn<;N@JUaFh@ +%9C"1g~# W";#+[ʋ9:+%CSJG\L@¨4阂^;pvٌMjh`C§G}Q܆h}qt6_$bJ UmTDt.L{μfo(C$yK"*CߒԪx6ar. ܛրR^/Ut1WL` $lkby _z~ -i砩P92Kz2y7W7W7W7WTUE2>e4{]>1sBA@ x0#2I+P?\[=cmn[Osf`9z3 Xnݵo خ)8~}3yQ57Vy}WH1WnoLgK <;(Iƌ D>q=#j+^`wy-bƕSXE$szɃm{"b'aJ 1_iʯ_[ y&vUt9RIyduD2$ 0E̾ o;5," lNkHzx-k WjU`\hO` ]Gs`D#קOA@ /m/Y'{_*+GyKx4dφVj9 tn&rZAM ϖ#I@ʸ8i븚e)%}M\BW{}/c\#ŷznt.R` Ic *Di1M 찆߼ ) {LfFRro jߦLǀm_uD(J Ո_4ׅ dUoo9wt)5۬RP3W#1mLWLzl~Bif-e։5V(H_O3ƚe8\BOlA|`߱1YW 8wi)@QkHԭ1GV-N /*` bҩd=I^M q&)Zbp]}rEcDžc.g\6]ލi@K^Idũ߳yx ݨA2݀+ZWqi4-s﹆?5Ӑ4qC(u8xJC'* O2A1R9mnbfƆX50Vz^3nolz^C삩M` J }+n'-{sx"(fUJ"Wln84vG>rT<-*< ;,ix=@co@mj|)5,\ <\πJ*jA4`}"hR$>-^awv鮥gs 6JWiUy($ޝJ_$|ͱ@fs;J^aci \N z'W ByF}gz˃ sđjۋuNhO04V4.^ahˊRM<ң]F bd >3lS; Oe]?K m+Wai>U&[Q{Z; 3ZIpxu!.M-<_%ʘqQqŠ TTcЭB)˪M;InP}sY?e=` '24/xqBV{ hM,ku|U:l|%w;^a۶>N /&& )<]Сܛ ꁢߒ_}q4<~ym@ "6r?"IIoH!]U# `xHfꞓM3taCt(M$:}GL05ZEۻGYoN <0xd+ cB-=q٥OV.&h c>r*圭#+^bʑf2$[ѹp}/ E̜^fÈGs{WŰDƤ c 4Q? ~3&N;"(G6@א0H`l=gFp 0c1CDǤIi֜iĄ~"GxAt|u#@[?d 6C;b<1cRLe@bG~Hm 0d)vqY@y+DL͂`Aa~L­!P)awS0Zmnɤ X`k,2E<CezY<6swe~rt6f^5KqfldaQZ(G71<Tg0Y"*[7ΥI`EV<' .yHcI ^iN4X/d MO_zwj =/2">G/3 ?eAYF?P~Q{1?s w1=/=? ː/W@Wq_e sA?}?c}?cA Z_c}}OY0O(*ɠh& K:ICP.Np3˹q+ /ޯ?e4R zvAX^eR51 ௟dnleҽ:鵓 aq)z^U^xڙipۭ]PKG{1*,xW&^>&c˼XH{R}tEI>t+qLw<_[nNJ>s\ȜH8V0'fY !kG"\5½p'oe)cAR̤-}@#]~̬(AG.v:)n7wpK|0: 7WwiMnڧn\v<2kݫ++〚+p'k͠~%sS$iN^Zqz`~uw= !Y>YcP,hMdB'pZc(+"D74\9KqbB]SKt-ӯ.1 vC21Ar|$UJZR[TJ=DDS_R(B]N-U+zT,.g /(@#غM{%}C3<8fȳRLq u+J!'\BxKm!+2dof2 @%aw8a+h;Rq X~Y8P*`!K؞:F^G$r*gMvb{MAÆ^Ėٵv"n<4Nwz:e/4ǝaƹr2@8v[h xqfڔSz Ls\hn2#&3!Mť{:Tx| "e*sMYf-Nؒ1"QURۨWyɑ "9<20wHvP,皩cV}< (luy9o"dxCd,0GZ1i,| @cśI VݍΊZqM @bWa5}*˷3|6bRF5sN㣭A{@1b V$ǖ1x_05:%xlӍ]krꦶ\BrץO_ G<'@MduBlk8sXK1wUWw.j~K5 X 9cL o>&1DLDLL47D6?i.'<4`&^_ϘsӞ?z. l}0CD-yaO,|Ŷ/G㿄$M[0|K b?94vL9 H\}T.q 5" "kHH "s{B|%IgVߞsQH頲;y86Mo.9ao5RFXk;^̀Zԝ:6Zd;\A >%v jf\gHa)xD(1H YY/j5ptwkd9HR=I*4UMf΢ْszn%0)% KBlmyTXfc.Lc0ŬBCh=)ObQ޺%76x}҂Χ^pgUvy*s*>`H6A1^<;z>νE C2z d|$_Oxƪ~Saxr=F=з57b([|ӼǼˍt_$%\!dW<l43@FWD0;"ZYc,#sE%X,8/ kuf㿴; ƝMQ .9-Bu6 ^|:yGW}Q'Fa|dt%+^FzM`Wpۂ{XiWeRpCV)tO˞}狰CNx3AEk,^rXտb/opSGgp#b uu+y!.1: f.X=l׉Q#nȅ+` jkD]YtA&Ǹ[0tcz7^=W-lI12ePCik5ZK 0Dq] XǢȖWqTR:!; /D?8 ciL ;acXJYF!Ƨۅ 7'TS*4.v>ϝ?^9?rϢy9qGg#^HVw9k+[Ѐ7H>Y;PE"1w1GN= `5>gvC%z1w~X0~v19&Y>6s3a=d>]x OgWPэX-f1!Dv88)ҡCCĚR!*aڇl*~H&/3,{+нD~xFs-^ χ"@Ă+"e}q$Y":xqea Vt*N睥 P.i{TO34[;?; otˌhT*.㉋o:g'u Fɇ׽m)h!/=R$Du $RzWv{>Y/uK+_1dF-<#@g5Vj"4&o(FҢ̰ \岞 ZqKmN~늘P%On6%c(\ɜKBS+$Z/WiQm&' Cfan؄;66BJF:6L]_[ PR_(