Tech: Trens in Malware: Whaling?
Subject: Tech: Trens in Malware: Whaling?|
Date: 04 Oct 11 - 02:57 AM
Security people are predicting some significant changes in malware distribution that people need to be aware of in order to know what can be trusted and what should be avoided on the web - - - and now on the 'phone.
A good general summary of the coming threats expected to become more common is at:
The future of malware
By Jeff Vance | Network World US | 03 October 11
The whole article is worth reading for the general view of expected trends.
Almost everyone by now should know what "phishing" is, and most have probably heard of "spear phishing" in which a communication is disguised to look like a note from an office supervisor or corporate executive, sent to a subordinate.
In a new form:
Chris Larsen, head of Blue Coat Systems' research lab, says the most common social engineering attack their lab catches is for fake security products. He also explained that social networks aren't just being used to target individuals.
Larsen outlined a recent attack attempt where the bad guys targeted executives of a major corporation through their spouses. The logic was that at least one executive would have a poorly secured PC at home shared with a non-tech savvy spouse, which would then provide the backdoor needed to compromise the executive and gain access into the target company.
They're calling this one "whaling," and:
"Whaling is definitely on the rise," says Paul Wood, senior intelligence analyst for Symantec.cloud. "Just a couple years ago, we saw one or two of these sorts of attacks per day. Today, we catch as many as 80 daily."
According to Wood, social engineering is by far the most potent weapon in the cyber-criminal's toolbox (automated, widely available malware and hacking toolkits are No.2). Combine that with the fact that many senior executives circumvent IT security because they want the latest and trendiest devices, and cyber-crooks have many valuable, easy-to-hit targets in their sights.
There's been quite a lot of chatter about threats to the new phones and mini devices:
While smartphone threats are clearly on the rise, we've yet to see a major incident. Part of the reason is platform fragmentation. Malware creators still get more bang for their buck by targeting Windows PCs or websites.
Larsen of Blue Coat believes that platform-agnostic, web-based worms represent the new frontier of malware. Platform-agnostic malware lets legitimate developers do some of the heavy lifting for malware writers. As developers re-engineer websites and apps to work on a variety of devices, hackers can then target the commonalities, such as HTML, XML, JPEGs, etc., that render on any device, anywhere.
Smartphones are also poised to become e-wallets, and if there's one trait you can count on in cyber-criminals, it's that they're eager to follow the money.
Platform fragmentation also elicited the comment:
Today, Android is the big smartphone target, but don't be surprised if attackers turn their attention to the iPhone, especially if third-party antivirus programs become more or less standard on Androids. IPhone demographics are appealing to attackers, and when you talk to security pros, they'll tell you that Apple products are notoriously insecure.
Apple is extremely reluctant to provide third-party security entities with the kind of platform access they need to improve the security of iPhones, iPads, MacBook Airs, etc. "Apple is very much on its own with security," Maiffret says. "It almost mirrors late-90's Microsoft, and it'll probably take a major incident or two to incite change."
And even your auto isn't safe:
During the Black Hat and Defcon conferences in early August, researchers demonstrated a number of disturbing attack scenarios. One particularly scary hack showcased the possibility of hijacking a car. Hackers could disable the alarm, unlock its doors and remotely start it through text messages sent over cell phone links to wireless devices in the vehicle.
Other at-risk embedded devices include airbags, radios, power seats, anti-lock braking systems, electronic stability controls, autonomous cruise controls and communication systems. Another type of attack could compromise a driver's privacy by tracking RFID tags used to monitor tire pressure via powerful long-distance readers.
"As more and more functions get embedded in the digital technology of automobiles, the threat of attack and malicious manipulation increases," says Stuart McClure, senior vice president and general manager, McAfee. "Many examples of research-based hacks show the potential threats and depth of compromise that expose the consumer. It's one thing to have your email or laptop compromised but having your car hacked could translate to dire risks to your personal safety."
We should expect governments to be involved in all of the above, although it's hard to say which side they'll be on. I'd say we should split our bets.
Subject: RE: Tech: Trends in Malware: Whaling?|
Date: 04 Oct 11 - 02:58 AM
Of course I meant "trens" to be "trends." Mudelves help?
Subject: RE: Tech: Trens in Malware: Whaling?|
From: Nigel Parsons
Date: 04 Oct 11 - 06:07 AM
Okay, so 'Whaling' is like phishing, only for bigger targets!
They could have followed precedent by miss-spelling it, to make it clear that it is a new word.
Subject: RE: Tech: Trens in Malware: Whaling?|
From: Jack Campin
Date: 04 Oct 11 - 06:30 AM
Apple is extremely reluctant to provide third-party security entities with the kind of platform access they need to improve the security of iPhones, iPads, MacBook Airs, etc.
This being a third-party security entity talking. He would say that, wouldn't he?
Apple have done very much better at securing their equipment from malware than the third-party anti-malware industry has, and given this factor also quoted in the article
the most common social engineering attack their lab catches is for fake security products
it really is better for the average Apple user if they never even consider using any such products (which is more or less the situation now).