|
|
By Dennis Fisher
November 26, 2003
The outlook for 2004 for the technology industry may be bright, as many experts say we are in the beginning stages of a rebound, but there are more dark days ahead for the security community.
Using the spate of DDoS (distributed denial of service) attacks against a handful of high-profile Web sites in early 2000 as a starting point, the last three years have been marked by a steady parade of increasingly malicious viruses, denial-of-service attacks, network worms, and attacks on businesses and home users. Code Red, Blaster, SoBig, Slammer, Bugbear, Nimda, Love Bug, Mimailthese are just a sampling of the digital detritus that users have had to wade through since then.
Hard as it is to believe, things may in fact get worse next year, security experts say.
There's no reason to think they'll slow down significantly. We've been seeing on average 50 new vulnerabilities a week, and 80 percent of those are remotely exploitable, said Vincent Weafer, senior director of security response at Symantec Corp., based in Cupertino, Calif. And that's what hackers are looking for. It's harder for companies to respond because of the complexity of corporate environments.
Weafer said a couple of the main drivers behind the increase in attacks and malware lately are more people writing viruses and attacking systems, and the rise of a global market for exploit code and compromised machines. PCs that have been compromised and loaded with a Trojan or IRC bot are hot commodities in the security underground, and crackers often trade or sell these machines to each other. There is anecdotal evidence of some individuals amassing networks of several thousand compromised PCs.
The general level of knowledge is up, and the barrier to entry is going down, Weafer said. There are more people doing attacks, and the prize is you want to do it on a global basis. It's a numbers game. Even if half of [your zombies] get discovered, who cares? You have 5,000 more.
Building up a network of that many zombies is also the cracker equivalent of athletes who are already filthy rich signing massive endorsement contracts: It's a way to keep score. If you have 10,000 compromised PCs under your control, then you can go on your favorite IRC channel and brag that you're the baddest kid on the block. But you can also make a nice return on your investment if you have the right contacts.
Ownership of these machines is worth money because people use them as proxies for spam, Weafer said. The genesis of all of this is all of the remotely exploitable vulnerabilities.
Weafer said he believes there will be more zero-day attacks next year, but probably not the massive, crippling event that some experts have been predicting. It takes a great deal of luck for something like that to happen, he said. Even if people don't have a patch to apply, there are usually other mitigation techniques they can use. But we'll almost certainly see more zero-day attacks.
Source: eWeek
|
|
|
 |
|
No Comments Allowed for Anonymous, please register |
|
| |
|
Login |
|
 |
|
|
|
|
· New User? · Click here to create a registered account.
|
|
|
Article Rating |
|
|
|
|
|
|
Average Score: 0
Votes: 0
|
|
|
