7/1/2008
CURRENT THREAT LANDSCAPE: Stealth Malware and the Lurking Botnet Pandemic
Simply put, the malicious software or "malware" threat has evolved substantially in recent years. Originally, viruses, worms, and spyware were characterized as single-vector threats; they set out to attack a sole vulnerability. They were fast and propagated randomly, victim machines were infected (but not remotely controlled), and hackers were motivated largely by fame. Signature-based solutions were effective in curtailing this type of activity for the most part.
Today's biggest security threats, however, are dynamic, multivector or blended threats that combine weapons (worm, virus, spyware) to attack one vulnerability, use one weapon to target multiple vulnerabilities, or any combination of the two. For example, a directory harvesting attack could provide e-mail addresses, allowing attackers to send malware-laden e-mails that can infiltrate specific machines and then download further malware payloads.
Modern stealth malware evades traditional security controls through a variety of sophisticated schemes including disguise, mutation, and self-propagation. What's more, malware is now designed to move from one vector to another to exploit new vulnerabilities when former targets have been safeguarded. And operating systems have become more robust, making the application layer an attractive hunting ground for hackers.
Stealth malware is designed to covertly infiltrate or damage a computer system without the owner's consent or knowledge, with the objective of controlling the victim's device to generate a profit. Once hackers gain control over a computer, they can execute any number of elaborate moneymaking plots. The compromised machines, known as "zombies" or "bots," are typically tied together by the thousands to create a complex, high-availability "botnet" capable of nearly any kind of harm.
From data mining, espionage, and identity theft, to stock pump-and-dump scams and cyberterrorism targeting government infrastructures, "bot herders" (as bot hackers are known) leverage stolen computer power and unauthorized access to their fullest. Botnets are rented out, bought and sold, leveraged for particular projects, and otherwise utilized to generate recurring revenue streams.
In fact, botnets have changed the business of malware. Yesterday's attacks were crude attempts to derail business-as-usual, where hackers had little to gain other than some short-lived notoriety and a sense of conquest. Today's targeted attacks carry out criminal objectives with surgical precision. The spread of malware is driven by economic gain, and with each success the malware economy grows.
Not surprisingly, botnets now feed an entire black market economy run by organized crime rings that have little to lose and much to gain. So lucrative is the business model that experts estimate one quarter of the approximately 600 million web-enabled computers worldwide have been compromised by botnet malware.