News
News
1/18/2005
03:15 PM
50%
50%

Slurpware: You Heard It Here First

The newest term in Internet security threats has just been coined: slurpware.

The newest term in Internet security threats has just been coined: slurpware.

"It's when all the effective Internet attack elements come together to potentially steal a lot of money," said Jay Heiser, a vice president and research director at Gartner said Tuesday. "'Slurpware' requires a community of trusted users, phishing mail, password slurping malware, and sponsorship of the Russia Mafia," he added.

Such convergence-style attacks aren't new, but they are the future, said Heiser, noting that organized crime-operated, slurpware-style assaults have hit e-commerce companies like eBay and PayPal, as well as some major financial institutions.

"This is indicative of a certain level of attack sophistication, and it's unreasonable to think that there won't be further convergence [of techniques]," he said.

By combining the automated properties of massive e-mail campaigns and keylogger-style spyware, the bad guys have the upper hand at the moment. "The criminals figured out how to automate their offense before we automated our defense," said Heiser.

The answer, he predicted, will have to be stronger authentication that goes beyond the simple usernames and passwords that most e-commerce or e-banking sites now use. "The viability of simple passwords on e-commerce sites won't be viable much longer."

Among the defenses being tried, said Heiser, are hardware-based tokens required to access confidential sites, such as banks and credit card companies. While the "U.S. is way behind on this," he said, other regions are moving fast. "Brazil is, and it's not because it's a hotbed of technology, but because there's been a lot of [online] theft there." Other areas with a head start on America include Western European countries like the Netherlands and the Scandinavian nations.

But unlike some prognosticators, Heiser doesn't' fear for the viability of online commerce. "The online market is too appealing to both buyers and sellers," he said. "They'll solve the problems as they come up, or maybe after they appear, but generally it will work its way out."

Comment  | 
Print  | 
More Insights
Register for InformationWeek Newsletters
White Papers
Current Issue
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of June 21, 2015.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.