Sony, Google, RSA and now Citigroup are just some of the prominent victims of cyber attacks as defenses at large organizations prove porous and attackers elude detection
By Larry Greenemeier | June 11, 2011 |19
PHISH AND CHIPS: Cyber attackers are known to break into poorly secured computers and use those hijacked systems as proxies through which they can launch and route attacks worldwide. Image: COURTESY OF ERWO1 VIA ISTOCKPHOTO.COM
Cyber attacks may not be a new phenomenon but the recent successes scored against high-profile targets including CitiGroup, Google, RSA and government contractors such as Lockheed Martin underscore the targets' current failure to block security threats enabled by the Internet. Malicious hackers use the very same technology that enables online banking, entertainment and myriad other communication services to attack these very applications, steal user data, and then cover their own tracks.
One common practice that attackers employ to evade detection is to break into poorly secured computers and use those hijacked systems as proxies through which they can launch and route attacks worldwide. Although such attacks are an international problem, there is no international response, which frustrates local law enforcement seeking cooperation from countries where these proxy servers typically reside.
Address unknown
Every day seems to bring news of some new cyber attack. "We're seeing more reports on invasive attacks on a much more regular basis," says Chris Bronk, an information technology policy research fellow at Rice University's James A. Baker III Institute for Public Policy and a former U.S. State Department diplomat.
The hardest problem in finding the source of these attacks is attribution. Each data packet sent over the Internet contains information about its source and its destination. "The source field can be changed [spoofed] by an attacker to make it seem like it's coming from someplace it's not," says Sami Saydjari, president of the cyber-security consultancy Cyber Defense Agency and a former program manager of information assurance at the Defense Advanced Projects Agency (DARPA).
"If your network is under attack and you're trying to find out who's doing it, purely technical means are insufficient for that," says David Nicol, director of the Information Trust Institute at the University of Illinois, Urbana–Champaign. "The way that we assemble complicated networks of computers until recently hasn't been done at all with security in mind except in a cursory way, and that's the fundamental problem."
By way of example, Nicol points out that he uses a virtual private network that connects to a proxy server before connecting him to the Internet. This enables him to encrypt data he sends over the network and protect the identity of his own Internet protocol (IP) address. "I do this to thwart information harvesting that commercial Web sites usually have," he adds. "I've got nothing to hide but that doesn't mean I want information about me harvested and sold."
Unfortunately, such tactics are also employed for malicious purposes. Cyber attackers use viruses, worms and other malware to take control of Internet servers or even personal computers, creating a network of "zombie" computers (also called botnets) under their control that they can use to launch their attacks. As a result, an attack may appear to come from a particular server or computer, but this does not mean the attack originated at that device, Nicol says, adding that often a string of proxies located in different countries are used in an attack, "greatly complicating the legal process of trying to piece it all together."
Ref:.blogs.scientificamerican.com
Popular Posts!
-
Levi’s 501 Shrink-To-Fit (STF) Denim – The Ultimate Guide AUG 15, 2013 | | by Alexander Ramos If I can summarize Shrink-To-Fit (STF) in ...
-
Chinese buyer pays CNY 180,000 for endangered fish By Mark Godfrey-June 30, 2016 See video- https://www.facebook.com/wunna.htun.94/videos/74...
-
Latest Blow For Thailand: No Longer World’s Tastiest Rice By Sameer Mohindru ...
-
The Best Bitcoin Exchanges Last Updated: 12 October 2017 When it comes to finding the best bitcoin exchange things are not all t...
-
Bitcoin exchange operator sued in Singapore An electronic market maker ...
-
我又来唱新年歌啦 翻唱一首歌,改了歌词,这首歌里拥有4种语言的分别为(马来语,华语,卡达山(沙巴民族),和英语。 希望大家喜欢 :) Here I come, covering a Chinese new year song. I did some changes t...
-
Design Th ere is no practical position of protecting patents and design per se in Myanmar although there has been the Science and T...
-
Mac OS X Server: How to reset the Open Directory administrator password Learn how to reset the Open Directory administrator password. ...
LEVIS JEAN SHOP!
Wednesday, December 21, 2011
Seeking Address: Why Cyber Attacks Are So Difficult to Trace Back to Hackers
Subscribe to:
Post Comments (Atom)
My Blog List
ONLINE SOFTWARE!
- Sophos Anti-Virus for Mac Home Edition version 8
- Adobe PhotpshopCS6 for MAC
- Adobe for for Macintosh!
- Antivirus for Mac - Complete Virus Protection
- Audio, Video, Business and More Software for Mac OS X!
- Avira Free Antivirus for Mac!
- ClamXav The Free Anti-Virus Solution for Mac OS X
- Download free software from Softonic!
- Freemacware!
- Mac Keeper Security Software!
- Opensourcemac!
- avast! Free Antivirus for Mac!
No comments:
Post a Comment