Category: Trends

The report summarizes the latest trends in the cybercrime marketplace over the first six months of 2008.

One of the biggest among those trends is the growing commoditization of some kinds of stolen data, according to Yuval Ben-Itzhak, chief technology officer at Finjan. Until recently, he said, credit card numbers and bank accounts with personal identification numbers (PIN) were considered valuable items in the underground market.

Technologies from Citrix Systems Inc. are being used by an increasing number of health care organizations to enable remote network access, Ben-Itzhak said, and stealing Citrix log-in credentials often allows data thieves to gain single sign-on access to a wide range of health-related information from inside hospital networks.

There’s a growing focus on stealing log-in credentials that provide remote access to business networks as well. For instance, Finjan recently discovered a Argentina-based server containing over 500MB of stolen data and another server containing over 1.4GB of similar information in Malaysia. For instance, one of the servers had a cache of data that included passenger reservation data and flight scheduling information stolen from a major airline.

http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9100338&source=NLT_AM&nlid=1

“We can’t control everything [in the network] anymore,” MacDonald says.

Among the key features of an adaptive security infrastructure are security platforms that share and correlate information rather than point solutions, so the heuristics system could communicate its suspicions to the firewall, for example. “Then the firewall could block the IP address” while the signature-based scanner could create a new signature for the threat, MacDonald says.

Other features would be finer-grained controls, automation (in addition to human intervention), on-demand security services, security as a service, and integration of security and management data.

A major change with this model of real-time, adaptive security is shifting authorization management and policy to an on-demand service that contains details and policy enforcement that matches compliance and can adapt to the user’s situation when he or she is trying to access an application, for instance.

MacDonald admits that the reality of an adaptive security infrastructure seems futuristic and faces plenty of challenges in adoption, but there are some of the building blocks available today, such as virtualization, authorization management, and deep packet inspection, for example.

Among the trends driving this vision is the increase in targeted attacks, as well as what Gartner sees as an explosion in the number of perimeters given mobile users, network guests, and business partners, for instance.

http://www.darkreading.com/document.asp?doc_id=155538&f_src=darkreading_section_296

· 86 percent of respondents indicate that cyber crime has become a concern.

To help stem the tide, the survey recommends that a national cyber crime center be established where law enforcement and other agencies can work together to combat the problem.

http://www.securityinfowatch.com/article/article.jsp?siteSection=364&id=15726

“Customer and public confidence will drive security up the priority list, based on the increasing impact that evolving threats have on the reputation and issues relating to privacy violations,” stated the report stated.

About three-quarters of the security practitioners polled believe that worm and virus attacks are the top threat to their systems, followed by external attackers and inside employees. Half of those polled planned to gain additional training in security administration, and approximately a third planned to study either application and system-development security or network security.

http://www.securityfocus.com/brief/732?ref=rss

Howard Schmidt, a former White House security advisor, said the future of security lies in it being baked into systems, networks and processes. Schmidt added that consolidation in the sector was aiding that process with deals in the last couple of years, such as EMC buying RSA Security and Symantec combining with Veritas.

ISC2 board director Richard Nealon said security chiefs need increasingly to play a role in broader risk management, and applauded the role of regulations in mandating more secure regimes at organisations. “Until now, we’ve led a blessed life and our biggest threat was people who didn’t have a lot of malice, motivation, technology or education… They were script kiddies or enthusiasts, and most of the threats came from that vector.”

Now there is motivation and there is money to be made. They’ll produce a business plan, seek funding, allocate resources, and they basically do it for profit motives.

“Security used to be mainly technology then process, so you would have a technology control such as anti-virus or intrusion-detection, and a process such as patching and updating.”

ISC2 board director and consultant Peter Berlich said that although the profile of security is much greater than previously, the roles of chief security officers were still dependent on the nature of employers and industries.

http://www.cio.co.uk/news/index.cfm?RSS&ArticleID=2761

Secondly, the new malicious programs which had appeared in the last few months were also absent from the rankings, although there had been no indication that this would happen.

And finally, this month’s chart contains an increased number of worms which we’ve been detecting for years.This epidemic indicated that someone was preparing to create an enormous botnet.

Our old friend, NetSky.q, continues to lead the rankings this month, and Mydoom.m rose a significant nine places to come in second. The last time these two worms were in such close competition with each other was way back in 2004.

The only program which could more or less be termed new in the entire Top Twenty is another Trojan-Downloader.

All the representatives of the Zhelatin (Storm Worm) and Warezov families have disappeared from the rankings. Worms from the NetSky family have come to fill the void created by the absence of new epidemics, with three of the five programs re-entering the rankings in March belonging to this family.

Overall, March has been the most peaceful month that we’ve seen for a while.

http://www.net-security.org/qualys2008/rsa2008c.html