Category: Trends

The painful indication of these 2006 attacks is that there seems to be a trend of e-commerce businesses themselves using e-space to launch DDoS attacks or hack websites of their rivals. Mr. Nguyen Hoa Binh (Director of PeaceSofts chodientu.com), Mr. Phung Minh Bao (VietCo JSC) and Mr. Vu Trung (Director of Nhan Hoa) all said that somebody must be playing foul.

According to VNCERTs report titled “Increasing Co-operation in Preventing E-Commerce Crimes which was read at the November 9 conference, the most popular unhealthy competition method among Vietnamese e-commerce businesses was to “hire hackers to destroy rivals operations. VNCERT warned of 5 common e-commerce crimes: 1 International swindling through emails (phising); 2 Falsifying, transacting and laundering money through credit cards; 3 Developing bot networks to refuse services, send spam emails and pops-up; 4 Attacking e-commerce systems for business and competition reasons; 5 Sending spam emails to Vietnams e-space on a large scale.

Looking ahead to what will be awaiting e-security in 2007, many worry about the prospect of the large-scale online destruction and mushrooming of botnets developed by Vietnamese hackers for commercial reasons.
These botnets are chiefly engaged in such activities as sending spam emails on a large scale, phising, stealing information, refusing services or laundering money. In the near future, Vietnamese hackers may catch up with foreign ones in setting up their own ingeniously destructive networks. It is now unclear how ISPs and responsible authorities will face the new e-security trend in e-commerce in 2007. But according to Mr. Hoang Ngoc Dieu, an expert on e-commerce solutions in Sydney (Australia), as well as the HVA forums administrator, 2007 will be the threshold year of Vietnamese e-commerce.

http://english.vietnamnet.vn/biz/2007/01/654412/

“Identity theft is a global phenomenon that threatens all of us, which means we all need to become more aware, more vigilant and less trusting to protect ourselves,” said Jeff Green, senior vice president of McAfee Avert Labs.

The white paper reviews identity theft techniques, from non-technical approaches like dumpster diving to sophisticated keyloggers that monitor computer keyboard keystrokes to steal online usernames and passwords. The McAfee Avert Labs white paper concludes with practical guidelines for preventing identity theft and minimising the risks of being victimised.

http://www.itbsoftware.com/pr/11971

Indeed, recognising that money is now the driving force behind most malicious hacking attempts, the local financial sector has already taken steps to tighten security for their Internet transactions. This comes after several attempts by hackers to spoof the online banking portals of local banks, with OCBC falling prey to such a phishing scam earlier this year. To meet a mandate spelt out by the Monetary Authority of Singapore, banks operating in Singapore have all rolled out so-called two-factor authentication tools in the last few months.

Threats have become Web-based and these have exploited those who have become comfortable with making transactions online,’ added Trend Micro’s Mr Chong. While technology-based defences are improving, they must be complemented by a security-conscious mindset to be more effective. ‘It has been especially challenging trying to educate Singaporeans about the risks on the Internet and thus to educate them on how to get protected,’ said Mr Chong. ‘In Asia, consumers are still thinking about virus attacks on a big scale, while the consumers in the US and Europe are already feeling the impact of targeted attacks that have caused financial losses through the compromise of their personal information,’ he added.

http://business-times.asiaone.com/sub/bizit/story/0,4574,218959,00.html?

The fifth most significant danger was identified as zero-day threats, which accounted for between 10 and 15 per cent of all threats blocked by ScanSafe in 2006.

The sixth prediction is the death of the perimeter, where remote and roaming users pose significant challenges to traditional notions of perimeter security.

Even more concerning is that, according to the Business Performance Management Forum, 40 per cent of enterprises do not have policies to secure mobile devices.

While this will result in lower telephony costs, it will also open companies to a wide variety of threats that are not necessarily being contemplated because many companies still do not perceive a VoIP phone as a ‘computer’. The result is that VoIP devices and servers will be subject to the same type of vulnerabilities as any other computer, including denial of service attacks, theft of service, fraud and phishing attacks.

Finally, no 2007 web security predictions would be complete without a reference to Microsoft’s Windows Vista and Internet Explorer 7. ScanSafe believes that Vista will probably not see widespread deployment in enterprises in 2007, and that corporate users will remain the weakest link in the chain because Vista is not designed for centralised management or reporting.

http://www.pcw.co.uk/vnunet/analysis/2171428/christmas-keep-ahead-hackers

This prediction is part of Gartner’s 10 key predictions that showcase the trends and events that will change the nature of business and IT in 2007 and beyond.

http://www.it-observer.com/news/7010/gartner_75_networks_have_undetected_malware/

Sommer said he doesn’t believe there is a “magic number” for calculating when the cost of RFID technology will be low enough to trigger widespread adoption. “We’ve seen where the tag itself, the semiconductor with the antenna, has gotten down to the 10- to 17-cent level,” he said during a recent interview, adding that the prices vary depending on how companies deploy the technology.

Eventually, when RFID is used in personal items such as clothing, retailers are likely to use technology that allows consumers to have the tags “killed” at checkout counters.

First, companies must train or hire people who have mastered the technology. “Few people understand how to tag goods to make sure they’re readable and how to configure readers in order to make sure they work,” Sommer said.

http://www.informationweek.com/news/showArticle.jhtml;jsessionid=GQ2KNKRGEDPBYQSNDLRSKHSCJUNN2JVN?articleID=196603236