In efforts to boost security, Paypal, one of the premier internet online payment providers is moving to block users who use older browsers to prevent weaknesses that these browsers possess. They have found that many users online still use old Microsoft IE 3.0 and 4.0 which have ended their support life a long time ago hence they do not have the needed updated security updates that are necessary to conduct safe and secure online transactions with regards to payments and other related business. Paypal has had a lot of bad publicity with regards to phishing and infiltration where people intercept and go on fake bidding sprees just to get at the vital financial information that people usually share over the network. In hopes of boosting security, they will be using script detection to begin blocking users and that they do apologize for all the inconvenience this may cause the millions of users who may be affected by their move. This comes as the amount of identity theft and other crimes have increasingly entered their ranks ending in much stolen information that leads to credit card fraud. Being the biggest, they are the most viable target for such hackers and they are trying to boost security on that front of the deal.
This would hopefully prevent more cases from developing and that any new ones will be ‘nipped in the bud’ so to speak.
Paypal and eBay have offered select users with a distinct security keys using VeriSign passwords that is to be transmitted during payment transactions which aims to prevent interception of the transaction information as it travels through the internet. Unlike specific credit card transactions that travel through dedicated lines which are now slowly being protected by PCI-DSS for improved security, regular PC do not have that much security hardware installed to protect them from interception by hackers who could tap into the network getting all credit card information for illegal purchases.
Sans Institute – Gotcha!
The Sans Institute has identified and determined the source of infections to some 20,000 web sites since January through research and extensive review of web sites and how they work. They have identified the point of entry for these attacks which capitalizes on a sneaky tool that uses Google’s search engine as it searches for specific types of vulnerable applications. They have also found that the process is automated, meaning they were not “live” attacks which has a user on the other end initiating it. The search tool works by finding vulnerable software and then executes a simple SQL statement that injects a script tag onto the discovered site. The exploit was designed to target Microsoft Window’s ISS which once infected, has the ability to infect all who visit the site. The sad side is that again, the malware is found and has been traced to report back to China which enforces more need for security on their side of the globe.
Their people were so thrilled at the discovery which they called a “GEM” due to the scarcity of such discoveries in the wild (internet). Discovery of such Trojans and other malware allows prompt response and sending out of updated signatures to anti-virus software and other intrusion prevention tools that prevents the spread to continue. They may have been lucky this time for the majority of malware out in the wild are not only very complex in terms of coding but have the ability to morph into totally different forms as they travel from computer to computer through the internet. The best way to avoid such problems would be to stay off the internet, which is next to impossible due to the current prevalence of the said technology in our everyday lives.
Anti-Virus Programs – Losing Teeth
Recent studies are showing that having merely traditional Anti-Virus Programs Installed onto a computer is proving to be highly ineffective with today’s code morphing malware. The complexity and uncanny ability of these malware to change signatures defeats most if not all intrusion prevention systems. Hackers have also capitalized on the fact that users trust content that is seemingly from legitimate sources like the recent incident with a Goggle Mail application which is used to archive email from the email company’s servers which incorporated information gathering code. The problem was only found when a programmer unknowingly de-compiled the program and found an email address along with a log-in password to the program author’s mailbox. Upon using the derived information to get into the email account, he found several user information along with usernames and passwords of others who have used the program. He took drastic steps and deleted all information (email) he found not to be the author’s and informed the company which released the program about the incident. The developer simply said an error checking routine or some draft code was arbitrarily left within the released version. They promise not to do so in the upcoming versions of the said archiving program…. Yeah Right.
People have been warned again and again regarding the risk of getting free software and other free stuff that seemingly comes from legitimate sources (not the developer’s page) for they may have embedded payload which they unload once installed. Current Trojans also use swift actions to copy itself onto all peripherals(flash disk, digital camera, digital media players, PDA’s and other similar devices which can hide the code) attached to the system it infected so even a complete Operating System reinstall would only result in reinstallation if re connected to the same system. Other malware simply use the email addresses within certain programs like outlook and messenger sending out copies of itself to all those listed and infecting further computers as it travels all over the world.
The scenario has come to the point experts are talking about implementing a white list of sorts of all valid applications, sources for all legal and safe systems which are to be allowed access to their systems. This would have a sort of inventory program which keeps track from online sources of trusted sites and sources of files and rejecting those which are not included. Manual inclusion would be the Achilles’ heel of such an audit system for any wrong addition would again make it vulnerable to attack.
Economics – the driving force of Mobile Spying Malware
Experts have said it again and again and history has shown us that money is the root of all evil and so it goes the same for the development and eventual spread of more sophisticated malware intended for the ever growing mobile computing environment. Current malware is simple yet experts are warning users and other experts alike that it would only be time before some hacker develops a more robust and discreet form of malware that would circumvent standard virus scanners. As we have seen and read in news articles, these viruses, Trojans and other forms of malware are evolving so fast that removal and detection experts are finding it very hard to get one step ahead of them. In the time it takes to read this post, about 35 or so new types of malware would have been released into the wild to infect any of the millions of unprotected systems over the internet. The problem has gone into the pandemic stage that no system is safe for long. The soonest a new and more robust intrusion prevention and security system is in place, several new vulnerabilities in the computer systems we use are found and immediately exploited by hackers and their minion.
Economics or the promise of earning a buck from such malware creation and spreading is the major motivation for hackers. Say you get into the cell phone of your favorite Celebrity and get hold of private pictures, or get hold of a confidential report which lists the amount of funds along with the corresponding account information and much more information that one can sell quite profitably over the internet.
The Internet? Broken?!!? Naaahhh!!!
The internet has evolved into an uncontrollable organism or entity that no one can control. The wide scope and the millions of interconnected computers that make it up are all part of the system which makes it possible. Most IT experts that the internet is in need of an overhaul but the huge cost of making it better and removing all the problems that have been answered, that gave birth to several more problems is proving to be so hard to stop they defer it to the next time they get to it. There is much to be done with the internet, such as the establishment and replacement of ageing fiber optic networks that have failed before. Better equipment such as routers, switches and the implementation of back-up data transmission systems which would make it fail-proof would be a nice idea. Vulnerabilities which hackers capitalize on could be patched and repaired leaving less room for attacks. DOS attacks wherein data hubs are overloaded
True to this, most of the equipment in use by the internet has been gradually replaced with better and newer hardware but very vital links which cannot be turned off or hot swapped are prone to fail at a time or another. The failure of just one major link in the chain of inter-linked fiber networks can impact millions of users causing delays in internet use, millions of dollars of lost revenue for Internet based firms and other more sinister effects which could result in world turmoil. Imagine the network system of a small country which bought nuclear weapons off the black market can have these nukes launched beginning the end of all human life on earth. Banks which now use the internet for their transactional data transmission would have back-logged processing causing delays in millions of customer’s transactions.
The internet is indeed in need of a major overhaul yet the burden of cost and disruption is to prohibitive of such a move. It may happen sometime soon but with the current financial market crisis which is currently sweeping the globe, not in the too near future.
Financial Institutions – Prime Phishing Targets
Banks and other financial institutions are the most attacked institutions in the world which accounts for millions in losses according to RSA, one of the IT Industry’s leading security firms. The rise has been foreseen and predicted for many years yet banks are simply not taking it too seriously. Phishing involves the leeching of client information from bank networks for use in scams and fraud. This type of attack sits next to identity fraud and credit card fraud as the most expensive financial loss generators for the banking industry. The phishing attacks target mostly US based firms with the UK ranking second. Many countries are following as targets for phishing by hackers who aim to use the information they obtain for personal gains.
The banking industry is considered to be one of the most secure and IT dependent industries in the world but the diversity and sheer number of attacks is taking its toll on their systems prompting them to take notice. Credit Card fraud alone accounts for billions in losses worldwide that is suffered by financial institutions adding to that the newer types of attacks making it an IT Security Managers worst nightmare. In Europe, Germany is hailed to be the financial hub in the region yet it has managed to repel attacks which isn’t the same with it’s other neighboring countries. More strict legislation might be needed to deter criminals who now opt to use computers rather than a gun which is safer and involves less effort.
The Credit card Fraud problem is being addressed by the implementation of PCI DSS which is to secure and prevent hackers from getting card customer information while it is in transit over the network. The attacks now focus on more public domain which is the internet through social networks which is where most phishing attacks usually occur.