
As Hacking Increases, Being Anonymous Getting Harder



Anonymous isn’t so anonymous anymore.

Companies like Sony will continue to witness more breaches of their virtual networks until top level executives start taking hackers, and the cyber gangs that run many of them, as seriously as they take their client base. Not only do Sony PlayStation gamers want their IDs and internet protocol addresses kept secret, companies like Sony want their computer systems, housing thousands of sacred corporate data, protected just the same. In the tug of war between software security and cyber criminals, the red ribbon on the rope is still squarely in the middle, which means this is one battle the security guys have not fully won. In fact, it is doubtful that they ever will. For every malware companies like Kaspersky Lab have destroyed, two more have popped up in its place.

Tim Armstrong, a virus researcher at the Massachusetts-based headquarters of Russian IT security firm Kaspersky Lab, said on the company’s website Wednesday that corporations were not doing enough to protect their data and the personal information of their clients.

“Companies have a lack of high level education that these threats are important to deal with,” he said. “Until they do, more security breaches will happen.”

Sony has become the poster child of bad corporate IT. The company’s online gaming division was hacked again last month.

Hacking has become somewhat glamorous. But hackers operate in different worlds. There’s the advanced persistent threat, or APT, which is usually the mastermind of governments. There are various cyber criminals and gangs from China to Russia who are after bank accounts and harvesting personal identities. Then there’s the new hacktivism group, like Anonymous, and even LulzSec who once said that hackers should target Sony’s PlayStation site in order to get Americans off the couch.

Many companies might not understand internet security, but the backside of a security breach is often more costly than it is to set up a security wall around a product, or network; a network that a growing number of corporate customers are linked into through QR codes and, of course, the now famous “cloud” of virtual networks that are making personal hard drives obsolete.

On Oct. 21, I spoke with Kaspersky Lab analyst Sergey Golovanov about the latest security threats from the APTs to botnets, and whether or not the top three software security firms had it under control.

Rapoza: Your CEO Eugene Kaspersky says computer networks are increasingly under attack. Is it getting worse?

Golovanov: I think we all have the malicious security issues under control at present. But if individuals and companies do not see just how big of a problem these code writers are becoming, and if they let their guard down, then the malware writers will definitely win. All the world is connected by computers. Your electric power is run by computer networks. Stuxnet, a worm IT security analysts found last year, shut down all of Iran’s electricity. If we are talking about a common user, whether a company or a personal computer or smart phone, malware writers can do anything they want with the data they mine from a network. They will steal your data. They will steal your money. They will steal your identity. It is becoming a bigger problem.

Experts at Kaspersky Lab are continuing an ongoing investigation into what has become the biggest malware program to date, known as Duqu. Golovanov said last month that Duqu shares some characteristics with the infamous Stuxnet worm that targeted industrial installations in Iran. Though the ultimate objective of the creators of this new cyber threat is still unknown nearly two months later, what is clear is that Duqu is being used for carrying out targeted attacks on a limited number of objects, including those in Iran.

Commenting on the new findings, Alexander Gostev, Chief Security Expert at Kaspersky Lab, was quoted saying on the company’s website: “Despite the fact that the location of the systems attacked by Duqu are located in Iran, to date there is no evidence of their being industrial or nuclear program-related systems (like Stuxnet). As such, it is impossible to confirm that the target of the new malicious program is the same as that of Stuxnet. Nevertheless, it is clear that every infection by Duqu is unique. This information allows one to say with certainty that Duqu is being used for targeted attacks on pre-determined objects.”

Duqu is most likely an APT. That type of program isn’t going to hack into a person’s Xbox Live account, or their Android. In fact, the malware programs gunning for Microsoft and Google networks are numerous and potentially just as damaging. Not only does a company, like Sony, start to lose credibility in its fight against cybercrime, but smartphones running Android are more susceptible to attacks than iPhones. Bad for Google. Great for Apple.

All told, on computer devices running Kaspersky Lab security software alone, 213,602,142 network attacks were blocked. Over 263 million malware programs were detected and neutralized. By comparison, in August 193.9 million network attacks were blocked and 258 million malware programs were detected and eliminated. That’s just on machines running Kaspersky Lab IT software, so the number is actually much bigger when considering devices using Symantec’s Norton brand security products and McAfee.

KR: What’s making Android more attractive to hackers than iPhone?

SG: We haven’t found any iPhone malware yet. Everyone is looking for the Android users and that’s probably because the iPhone is a closed operating system and the Android is an open operating system so it is easier to create malicious software for them.

KR: The new quick response (QR) codes, those crazy scannable boxes you see with scrambled crossword puzzle-like squares inside on everything from the local newspaper to a box of cereal now; they seem to be the new favorite of hackers. How do they work and how do you stop them?

SG: You can use security software applications to stop them, for the most part. The first known instance of QR code malware we found in Russia in September. Russians thought they were downloading a new Android app called Jimm, but instead when they swiped their phone over that bar code it ended up sending numerous text messages to a long distance number that they had to pay for. We’ve found a few of them in Russia and know who is spreading them and who is making them.

KR: Who is it?

SG: It’s a hacker network in Russia. Mostly Russian. The Russians are like the project managers of the group and the QR codes are just spread out through malware writers within that network through blogs or on news websites that were hacked. The code brings users to a fake application. It’s all about exploiting people, and once you’re infected, the hackers have your phone number and can access info on your smartphone.

KR: What’s a recent malware program you guys helped neutralize?

SG: The Hlux botnet. We did that with Microsoft mostly. We were tracking it since early in the year. It was mostly stealing personal data, phishing, spamming and sending out denial of service attacks on computers. We have full control over it now and are working with U.S. law enforcement on the case. The roots of the operation are in the U.S., but we are pretty sure their base of operations is in Russia.

KR: How do you stay on top of hacker groups?

SG: We infiltrate their online chat forums, especially through the invisible web or by using Tor, an anonymous network where hackers like LulzSec and Anonymous often hang out.

KR: A black market internet. Deep cover cyberspace. That’s as anonymous as you get, I guess.

SG: Yes. We’re in there. We have to weed through a lot of nonsense, but you can get a sense of what those groups are doing in that hidden internet. They’re usually up to no good.

Source: http://www.forbes.com/sites/kenrapoza/2011/11/03/as-hacking-increases-being-anonymous-getting-harder/
