SUMwarePremium
join:2002-05-21
kudos:2
1 edit | Cellphone Botnets, Blackmailing VOIP & Healthy Cybercrime From Dark Reading
October 15, 2008 - quote:
New report from Georgia Tech Information Security Center highlights the top threats for '09 and beyond
Cellphones will become members of botnets. VOIP systems will get hit by blackmailing denial-of-service attacks. The cybercrime economy will thrive, even as the global economy struggles.
"Compared with viruses and spam, botnets are growing at a faster rate," said botnet researcher Wenke Lee, an associate professor at GTISC in the report (pdf), which was released today at the GTISC Security Summit on Emerging Cyber Security Threats.
And it's not just your laptop or desktop that's at risk of botnet recruitment. One of the next big threats will be the bad guys injecting malware onto cellphones to infect them as bots. Those botnets then could be used against the wireless infrastructure.
GTISC's Lee said firewalls and intrusion prevention systems can't necessarily filter bot traffic, which increasingly is sent via HTTP so that it appears to be benign Web communications. Machines can get infected silently, via legitimate Websites booby-trapped with drive-by malware, and bot exploits are stealthier than ever.
Ryan Naraine, security evangelist for Kaspersky Lab, said in the report that corporate machines are members of some of the biggest botnets. "It takes the average corporation two to three months to apply a Windows patch across all devices, so malware and botnets will continue to take advantage of known vulnerabilities within enterprise environments."
Kaspersky said there will be a tenfold jump in malware objects this year, mainly due to identity theft and cybercrime focused on stealing data.
Other mobile threats on tap are increased attacks on smart phones as users deploy these devices for financial transactions, according to the report. And VOIP systems will also be abused. "Most people have been trained to enter social security numbers, credit card numbers, bank account numbers, etc. over the phone while interacting with voice response systems," said Tom Cross, a researcher with IBM ISS's X-Force team in the report. "Criminals will exploit this social conditioning to perpetrate voice phishing and identity theft."
"Malware transitioned to the criminal world just over three years ago," said Gunter Ollmann, chief security strategist for IBM ISS, in the report.
Ollmann says the cyber underground is split into three basic levels: criminals who use these kits to create malware for targeted attacks; skilled developers and technical experts who build components to embed into commercial malware-creation kits; and "managed service providers" who include services with this malware kits to "increase propagation and enabled organized fraud on a global scale, feeding gains back into money laundering chains," according to the report.
|
·
·