Commentary
12/9/2008
09:34 AM
Randy George

Crimeware-As-A-Service Will Emerge In 2009

Many ISPs are selling your Web surfing habits to the highest bidder. That's a fact, but it's not a crime. Now take that concept to the next level. Envision vast databases full of credit card information, valid FTP site account data, and valid network credentials available for purchase by cybercriminals. A new and nefarious industry is born.

Allow me to profile a truly helpless cybercrime victim. No, I'm not talking about the Generation-Y computer user who frequents social networking sites and runs Kazaa, LimeWire, Grokster, and eDonkey simultaneously. I'm talking about a user who is careful about which sites he or she browses, and what attachments he or she opens. Common sense dictates that if you compute in "safe neighborhoods" then you are safe from the payloads that malware and Trojans typically carry for their victims. If that is still your take on the state of security on the Internet today, you might as well turn off your computer and start skipping down the yellow brick road with Dorothy and Toto.

Once thought of as harmless, the active content packed into PDF files and Flash banner ads is quickly becoming the portal of choice for hackers who are committed to harvesting as much of your personal data as possible. Few people give a second thought to opening PDF attachments. Unfortunately, few people understand that PDF files aren't static documents anymore. It's easier than ever to purchase crimeware toolkits for the purpose of turning a harmless PDF file into a full-blown virus using the active coding and scripting capabilities of Adobe PDF Reader.

Additionally, malware infection is getting increasingly out of control thanks to new techniques being used by hackers. There have been seemingly countless victims of the omnipresent Antivirus XP 2009 malware package over the last couple months. If you have personally fallen victim, the very mention of Antivirus XP 2009 might fill you with rage. Constant popups, no uninstallation program, persistent paging to disk for no reason, countless banner ads stating that you're infected and you must license Antivirus XP 2009 now. It's enough to drive you mad. But just as important as how you clean up the mess left by malware, IT needs to understand how it got there in the first place.

As with most malware infections, your users will tell you that they didn't open any attachments. You check their antivirus and it's up to date, and their local firewall is on and running normally. The culprit? Remember that seemingly harmless Flash-based banner ad that jumped across your screen as you browsed from legitimate Web site to legitimate Web site? Well, it wasn't so harmless. Increasingly, cybercrime syndicates are compromising the Flash-based ads being served out by ad networks in order to stage their attacks. The robustness of the Flash ActionScript programming language, coupled with the wide distribution base and cross-platform compatibility of the Flash player, makes for a perfect storm of capabilities that can be, and are being, used against you.

Finjan just released a cybercrime trends report for 4Q of 2008 detailing some of the methods the more-advanced cybercriminals are using to extract your most sensitive data from your PC. While Finjan just so happens to offer a security appliance that provides a solution for the real-time active inspection of dynamic content, the report itself is a must-read for IT admins. In the enterprise, it's no longer enough to simply install a firewall and virus protection software and go to sleep. And simply patching your servers and workstations isn't enough, either. Beyond Windows updates, it's now necessary to update and patch any application that might be used to run active content, including the formerly harmless Adobe Acrobat Reader. It's more important than ever to study the enemy and their techniques if we are to stand a chance, and this report does a great job of exposing some of the tools and techniques being used in the ever-emerging crimeware industry.

Follow this link to read the report in its entirety.
