Cyber attack toolkits pose huge threat
Dubai, January 19, 2011
Cyber attack toolkits are being used much more widely as they have become more accessible and relatively easier to use, according to a Symantec report.
Attack toolkits are software programs that can be used by novices and experts alike to facilitate the launch of widespread attacks on networked computers. These kits enable the attacker to easily launch numerous pre-written threats against computer systems. They also provide the ability to customise threats in order to evade detection, as well as automating the attack process.
The relative simplicity and effectiveness of attack kits has contributed to their increased use in cybercrime — these kits are now being used in the majority of malicious Internet attacks, said the report on ‘Attack Toolkits and Malicious Websites’.
For example, one major kit called Zeus poses a serious threat to small businesses. The main objective of Zeus is to steal bank account credentials. Unfortunately, small businesses have fewer safeguards in place to guard their financial transactions, making them a prime target for Zeus, it said.
The profitability of malicious code attacks using Zeus was recently illustrated by the September 2010 arrests of a ring of cybercriminals who allegedly used a Zeus botnet in the theft of more than $70 million from online banking and trading accounts over an 18-month period.
These kits are now often sold on a subscription-based model with regular updates, components that extend capabilities, and support services, it said.
Cybercriminals routinely advertise installation services, rent limited access to kit consoles, and use commercial anti-piracy tools to prevent attackers from using the tools without paying.
Faster Proliferation of Attacks
The speed at which new vulnerabilities and their exploits spread around the globe has increased due to innovations that attack kit developers have integrated into their products. Attack kits are now fairly easy to update, which allows developers to quickly add exploit code for new vulnerabilities, the study said.
The result is that some exploits are in the wild just days after the associated vulnerability becomes public. Attackers who can easily update their attack kits with recent exploits are able to target potential victims before they apply necessary patches.
Because attack kits are becoming easier to use, cybercrime is no longer limited to those with advanced programming skills. Participants now include a mix of individuals with computer skills and those with expertise in traditional criminal activities such as money laundering. Symantec expects that this much larger pool of criminals entering the space will lead to an increase in the number of attacks.
“In the past, hackers had to create their own threats from scratch. This complex process limited the number of attackers to a small pool of highly skilled cybercriminals,” said Johnny Karam, regional director – Mena, Symantec.
“Today’s attack toolkits make it relatively easy for even a malicious novice to launch a cyberattack. As a result, we expect to see even more criminal activity in this area and a higher likelihood that the average user will be victimized.” - TradeArabia News Service
More IT & Telecommunications Stories
- Du offers free smarphones on tablet purchase
- Batelco launches double credit promotion
- Cyber threats focus of Bahrain security talks
- Bahrain tech expo to honour innovators
- Scope ME named distributor for InfoWatch
- Nawras quadruples 3G+ mobile services
- Menatelecom expands bill paying network
- Du joins new global cable consortium
- Kuwait moves to create telecoms watchdog
- Batelco backs Royal Fund for Martyrs
- Egypt's Global Telecom posts $749m Q4 loss
- Red Hat launches open source BPM suite
- Batelco announces new board
- Batelco offers improved broadband
- You don't own phone numbers, warns TRA
- Tech giants back top Qatar ICT event
- Du to provide wifi access in public areas
- Zain finalises $800m, five-year loan facility
- Ooredoo Q4 net profit falls 36pc to $140m
- Mobily, Etisalat team up for LTE roaming
- Batelco approves $84m dividends for 2013
- Etisalat Q4 profit rises 70pc to $394m
- Kenya telecom firm to join Etisalat SmartHub
- Aruba appoints new sales director
- Du enters $1.17 billion financing deals
- VIVA extends 4G LTE offer
- Batelco to update students with latest technologies
- Etisalat SmartHub seals IPX agreement
- Etisalat picks Alcatel for LTE network expansion
- Boeing, QCRI host machine learning forum