Changing battleground: security against targeted, low-profile attacks
Abhilash Sonwane Cyberoam
Corporate stream: Wednesday 19 September 2007, 11:40 - 12:20.
download slides (PDF)
If Code Red, Netsky, Nimda and Slammer were the attention seeking, boisterous bunch of Internet threats that struck at
random, today's attacks are crafty in their silence. Methodical and highly targeted, they avoid the limelight. What
looks like a lull today is, in reality, a false sense of calm as attackers continue to launch silent attacks,
siphoning funds, stealing personal identities and confidential information, and carrying out attacks of vendetta
and exploitation.
These threats stalk the Internet world, targeting the lesser known, less defense-ready counterparts and individuals
rather than the well-known entities. As a result, these attacks go unreported.
And it doesn't take a genius to carry out these attacks. All it takes is one ordinary hacker to obtain freely and
openly available malware, crimeware and phishing toolkits to sniff out weak links and exploit individuals and
enterprises.
This paper studies loopholes in individual and enterprise security, and how they are exploited, along with the
existence of current threats and their evolution. It explores how innovation in the security industry must move
towards defense-readiness, taking into account the human factor to recognize anomalous activity and deviation in
user behaviour patterns.
With a new set of samples to measure detection against, a new platform on new hardware and a selection of new products in the mix, John Hawes had his work cut out in this comparative review on Windows XP SP3.