Top Security Threats
IS317: Hacker Techniques Tools and Incident Handling
The report highlights dramatic increases in targeted attacks on enterprises; the continued growth of social networking sites as an attack distribution platform; and a change in attackers’ infection tactics, increasingly targeting vulnerabilities in Java to break into traditional computer systems. In addition, the report explores how attackers are exhibiting a notable shift in focus toward mobile devices.
Targeted attacks such as Hydraq and Stuxnet posed a growing threat to enterprises in 2010. To increase the likelihood of ...view middle of the document...
Zero-day vulnerabilities and rootkits
Once inside an organization, a targeted attack attempts to avoid detection until its objective is met. Exploiting zero-day vulnerabilities is one part of keeping an attack stealthy since these enable attackers to get malicious applications installed on a computer without the user’s knowledge. Zero-day vulnerabilities become everyday vulnerabilities via attack kits; inevitably, some of the vulnerabilities used on Stuxnet as well as the other 6,253 new vulnerabilities discovered in 2010 will find their way into attack kits sold in the underground economy.
In 2010, attack toolkits, software programs that can be used by novices and experts alike to facilitate the launch of widespread attacks on networked computers, continued to see widespread use. These kits increasingly target vulnerabilities in the popular Java system, which accounted for 17 percent of all vulnerabilities affecting browser plug-ins in 2010. As a popular cross-browser, multi-platform technology, Java is an appealing target for attackers.
The Phoenix toolkit was responsible for the most Web-based attack activity in 2010. This kit, as well as many others, incorporates exploits against Java vulnerabilities. The sixth highest ranked Web-based attack during the reporting period was also an attempt to exploit Java technologies.
In 2010, most malware attacks against mobile devices took the form of Trojan Horse programs that pose as legitimate applications....