Web Browsers Under Siege From Organized Crime
February 13th, 2008 Leave a comment Visited 43 times, 3 so far today
Web Browsers Under Siege From Organized Crime
IBM (NYSE: IBM) today released the findings of the 2007 X-Force Security report, detailing a disturbing rise in the sophistication of attacks by criminals on Web browsers worldwide. According to IBM, by attacking the browsers of computer users, cybercriminals are now stealing the identities and controlling the computers of consumers at a rate never before seen on the Internet.
The study finds that a complex and sophisticated criminal economy has developed to capitalize on Web vulnerabilities. Underground brokers are delivering tools to aid in obfuscation, or camouflaging attacks on browsers, so cybercriminals can avoid detection by security software. In 2006, only a small percentage of attackers employed camouflaging techniques, but this number soared to 80 percent during the first half of 2007, and reached nearly 100 percent by the end of the year. The X-Force believes the criminal element will contribute to a proliferation of attacks in 2008.
Using these techniques, cybercriminals can infiltrate a user’s system and steal their IDs and passwords or obtain personal information like National Identification numbers, Social Security numbers and credit card information. When attackers invade an enterprise machine, they could steal sensitive company information or use the compromised machine to gain access to other corporate assets behind the firewall.
“Never before have such aggressive measures been sustained by Internet attackers towards infection, propagation and security evasion. While computer security professionals can claim some victories, attackers are adapting their approaches and continuing to have an impact on users’ experiences,” said Kris Lamb, operations manager, X-Force Research and Development for IBM Internet Security Systems. “The Storm Worm provides a microcosm of the kinds of threats users faced in 2007. All in all, the exploits used to spread Storm Worm are a blend of the various threats tracked by X-Force, including spam, phishing and drive-by-downloads by way of Web browser exploitation.”
|
TechWhack on Facebook
|
