Hacking and Cybercrime Essay

The Symantec Global cyberspace Security Threat Report noted a shift in malicious activity to be emerging. The growing level of malicious figure activity has also resulted in the proposal of a new cybercrime bill. despiteful activity tends to addition in rapid growth in broadband infrastructure and connectivity. In January 2010, reports emerged that dozens of large companies had been compromised by attackers using the serpent Trojan. Typically, this typeface of attack begins with some reconnaissance on the part of attackers. Typically, this type of attack begins with some reconnaissance on the part of attackers.This displace imply publicly avail fitted information about the company and its employees, such as from favorable meshing sites. This information is then used to create specifically crafted phishing netmail messages, often referred to as spear phishing, that target the company or sluice specific staff members. These email messages often contain attachments that exp loit vulnerabilities in client-side application or links to websites that exploit vulnerabilities in web browsers or browser plug-ins. In 2009, 60 percent of identities exposed were compromised by hacking attacks.Which be another form of targeted attack. The hackers gained access to the company payment processing network using an SQL injection attack. The attackers then interjected malicious code design to assemble sensitive information from the network, which allowed them to easily access the network at their convenience. The attacks resulted in the theft of approximately 130 million credit card numbers. Web-based attacks lead replaced the mass mailing worm in this position. Attackers may use social engineering, such as in netmail messages, to lure a exploiter to a website that exploit browser and plug-in vulnerabilities.These attacks are then used to install malicious code or other applications such as rapscallion security software on the victims computer. Four of the sack five being exploited were client-side vulnerabilities were frequently targeted by web-based attacks. Two of these vulnerabilities were in Adobe Reader, while one was in Microsoft Internet Explorer and the stern was in an Active X Control. A Crimeware Kit is a musical instrumentkit that that allows slew to customize a piece of malicious code design to take away data and other person personal information.Crimeware Kits like zues make it easier for unequal to(p) attackers to compromise computers and steal information. These kit allow anyone who buys them to customize them to their own needs. The SpyEye Kit, is adjunct to stealing information, also has the ability to detect if a computer already has Zues installed and if so, to intercept its communications. Fragus Exploit Kit contains mechanisms to prevent buyers from reselling their copies of it. A side imprint of these kits is the creation of tens of thousands of new malicious code variants that may only be seen by a single use r.The volume of financial services e-mail also remained relatively unchanged in 2009, while the levels of financially point spam and phishing have remained relatively constant despite the recent economical downturn, attackers have made adjustments in their tactics. Symantec observed more messages advertising refinancing of debts and mortgages along with offers of loans or opportunities to earn money while working from home. This shows that attackers are able to rapidly adapt their social engineering techniques to better take expediency of current events and situations.Symantec expects attacks against web browsers and malicious code variants installed through these attacks to increase. One of the botnets joined to this ISP was Pandex. This botnet was responsible for as much as 35 percent of spam observed globally before dropping to 8 percent after(prenominal) the ISP was shut down. Spam Zombies that lack a critical command body are unable to send out spam. Additionally, a secu rity research worker allegedly attacked and disabled 250,000 computers associated with the Ozdok botnet.The volume of spam sent by both(prenominal) botnets recovered several days afterwards because unaffected zombies were instructed to significantly increase their spam output, indicating that these events may have been a large factor in the decrease of spam zombies in the United States. Symantec advises end users to use antivirus software, antispam software, firewalls, tool bar blockers, and other software- detection methods. Symantec also advises end users to never fracture any confidential personal or financial information unless and until they can confirm that any request for such information is legitimate.