Friday, August 12, 2005

Spyware Targets Businesses


August 2005

Spyware authors target businesses
New attacks bypass firewalls to steal identities, drain resources

By Nick Smith, Editor

A couple of months back we told you about ransomware, a new form of spyware that injects websites with malicious code, scans infected PCs for critical files, encrypts them, and then demands a ransom for their decryption. It was just the latest example of the continuous evolution of spyware attacks - and another good reason for customers to shy away from Internet banking (and e-commerce in general).


 

Well, it's happening again. Now spyware authors are creating code that bypasses anti-virus and firewall configurations, enabling hackers to monitor keystrokes and collect user information directly from corporate networks. And the result is not just the loss of confidential information, but the draining of system resources and productivity, the creation of more spam, and even the generation of Denial of Service attacks against other businesses - from your system.

How are they doing it?

It's just one method in an ever-increasing arsenal available to spyware authors, whose tactics are growing in sophistication as they team up with spam artists and botnet lords to steal identities and corporate assets on a larger scale than ever before. The methods vary--from the annoying, such as popup generators and browser hijackers (which replace your home page with that of a spy site), to the downright malicious, such as keyloggers and drive-by downloading, in which users automatically download spyware by visiting certain sites. And then there are the search hijackers, which generate results from fraudulent search engines to lead users to illegitimate, spyware-driven sites. We'll be looking at these methods (and their countermeasures) in detail in an upcoming white paper that we'll include in next month's newsletter.

How can you protect yourself?

1. Intrusion prevention at the network level is the best way to prevent spyware from circumventing your organization's firewall.
2. Conduct regular vulnerability scans. New vulnerabilities crop up daily, so once-a-year scans are not enough.
3. Switch from Internet Explorer to an alternate browser such as Mozilla's Firefox.
4. Tighten acceptable use policies for web browsing, email use, IM, and downloading attachments. Prohibit P2P programs like Kazaa, and allow the downloading of reputable search toolbars (e.g., Google, Yahoo) only.
5. You can use open source programs to supplement your defenses. Ad-Aware and Spybot Search & Destroy are both free and work like virus scanners. If you choose to go this route, though, remember two things: you'll have to do it yourself, and you won't have the technical support.

 

Resources

The FDIC's recent Financial Institution Letter (FIL) on spyware is essential guidance on the spyware threat. Check it out here.

News Roundup

Are your ATM machines secure? Up to 50% of them aren't, according to a new Gartner report, opening the way for identity thieves to use account information gained in phishing scams to create counterfeit cards and download huge sums - to the tune of $2.75 billion last year alone. How is this happening? Because up to half of ATM machines fail to check the security code in the magnetic stripes on credit cards, leaving banks and credit unions with high withdrawal limits especially vulnerable. Find out what you can do about it.

Hackers spear-phish corporate insiders. We're all used to mass phishing emails, in which hackers manipulate unsuspecting users into divulging confidential information. Now phishers are adding to their arsenal by personalizing their emails and targeting specific employees at organizations in attempts to gain access to corporate data. How are they doing it? By finding employee information on corporate directories or websites, tailoring the emails to look like (or actually contain) legitimate corporate documents, and then manipulating the users to divulge usernames and passwords on faked extranet sites - or to click on attachments injected with malicious keylogging code (crimeware). How can you defend yourself?

 

 

Speaking of crimeware, this new breed of phishing appears to be overtaking the traditional social engineering email as the primary vehicle phishers use to steal identities. The latest Anti-Phishing Working Group report shows that the number of phishing-related Trojans that plant keyloggers to monitor and record access to online accounts has doubled in the last month - more evidence that phishers are adapting quicker than preventative countermeasures. Read the report.

Exploring a brave new world?  With users deserting Internet Explorer in droves for alternate browsers such as Firefox, Microsoft hopes to salvage its dominant position in the market with a new version featuring much of the functionality of its competitors.  Internet Explorer 7, now in Beta (it will be available to the public in 2006), features tabbed browsing, improved security, and a phishing filter feature that alerts users when they visit suspicious sites.  But are the changes enough to stem the tide of fleeing IE refugees? Check out the early review here.

Webcast Alert!

Shhh! That's classified! How to keep your email confidential.
Tuesday, August 16th, at 3 PM Eastern Time

Defining your company's policy on sensitive email is easy - but as everyone knows, the challenge comes with enforcement and prevention of leakage. Learn how to prevent sensitive information from leaving your network, before it's too late.

Heavy metal: when bad firewalls rock your hospital
Wednesday, August 31st, at 3 PM Eastern Time
Many organizations think they're secure just because they have a firewall in place. But a firewall that's incorrectly configured or ineffectively managed is just another piece of iron on your network: heavy metal that leaves you banging your head against the wall. Find out more here. 

Are you missing the boat? As a newsletter subscriber, you receive timely updates about Internet security every month. But you might be missing out on our other informative and educational resources. It's easy to fix that problem. Just update your profile to receive webcast invitations, white papers, or email advisories here.

Tradeshows and Conferences

August 18-20
Community Bankers Association of Ohio: Annual Convention
Toledo, OH 

September 9-12
Pennsylvania Association of Community Bankers Annual Convention
Banff, Alberta, Canada

September 12-15
S1 Catalyst
Tucson, AZ

September 12-13
Western Independent Bankers Technology Summit
Reno, NV

September 14-16 
Michigan Association of Community Bankers Annual Convention
Traverse City, MI

September 22-24
Community Bankers Association of Indiana Annual Convention  
Indianapolis, IN

September 25-27 
IBAT: Annual Convention
Lake Grapevine, TX

 
 
 
© Copyright 2005, SecureWorks, Inc
