The high-profile disclosure over the weekend of the GhostNet cyberespionage ring that targeted 1295 computers in more than 100 countries underscores how highly targeted and sophisticated attacks, often run by criminals, are changing the security landscape, according to a security researcher at Symantec.
"How much is the (security) landscape changing? It's changing drastically," said Joe Pasqua, vice president of research at Symantec Research Labs.
GhostNet, documented in a report released on Sunday by the SecDev Group's Information Warfare Monitor and the Munk Center for International Studies at the University of Toronto, used malware and social engineering to give attackers full access to compromised computers. It also let attackers control the video cameras and microphones of these computers, letting them remotely monitor activity in the room where the computer was located.
Editor's Musings: Geez, given that they would have "full access" I wonder if they would also be able to see PIN's clicked by a mouse with a software-based PIN Debit application. Nah...according to Acculynk's CEO it's designed "to frustrate hackers." Here's an excerpt from a previous PIN Payments Blog Post...but first, a sarcastic animated gif!
"Acculynk’s CEO Ashish Bahl counters that each click is encrypted in ways intended to frustrate hackers. (Editor's Note: That's an interesting one. No details I can understand, but when hackers get frustrated they get motivated. Frustrating hackers, in my mind, is not the level of security I want associated with PIN Debit for the Web)...The article continues:
At the same time, he adds, the resources necessary to predict when to start and stop screen scraping with each click would be cost-prohibitive even for determined fraudsters. Editor's Note: Cost prohibitive is relative to the potential return. Personal Identification Numbers are the "holy grail" for hackers. You have the PIN's and you have the capability to empty bank accounts. So, in my humble opinion, there's no such thing as a "cost prohibitive" barrier when it comes to PIN's. Especially, if they're "determined." The "Holy Grail" is NOT a cost-prohibitive entity. It's something hackers would want to get their hands on "at all costs."
Read the entire blog post: Acculynk Most Closely Mimics Grocery Store Experience?
"It's another example of the sophistication of the types of attacks that are being put together," Pasqua said.
The highly targeted nature of GhostNet and similar attacks makes it difficult for antivirus vendors to respond quickly.
"In the old days, you had a threat that targeted hundreds of thousands of people. It was extremely likely that Symantec was going to have a copy of it very early on and the vast majority of those hundreds of thousands of people were going to be protected," Pasqua said. "Now you have these targeted attacks that may only target a handful of people."
"By the time we get a sample, it can be too late. They've already gone and morphed into another variant," he said. "There's no end in sight."
While there has been a lot of speculation that GhostNet was developed and controlled by the Chinese government, criminal groups are just as likely to be responsible for these types of attacks.
Continue Reading at PC World