In this third and final part of our article series about risk factors, we will examine Human attack factors and Physical factors.
The previous article discussed different procedures and systems that could be invoked in order to mitigate risk. In subsequent parts we will examine areas at risk, starting with Electronic factors.
The aim of this type of initial risk analysis is to identify potentially vulnerable points that may be exploited if they are not sufficiently secured.
The special feature that THC-SSL-DOS offers, is that a DoS attack against a secure web server can be performed from one computer or just a few computers.
The ease involved in creating QR codes that links to web pages implies that this will be a popular way to facilitate the propagation of malware for mobile devices.
A successful attack is not particularly easy to carry out, as it depends on several prerequisites.
Computers do what they are told. This may result in consequences that are funny as well as dangerous.
You should exercise extreme caution if you are allowing access to your social network account from any application.
It seems obvious that the current certificate security model needs to be replaced by something that is less vulnerable for attacks from dedicated persons, organizations or governments.
Malware authors continue to pursue delivery mechanisms that can confuse different malware detection systems.
The target should be the illegal act itself, rather than the communication mediums that may be used in planning undesired activities.
Coordinated efforts between experts/authorities against cybercriminals seem like the most efficient method for combating cybercriminals. Different experts and authorities are then able to focus on the part of the criminal chain that corresponds to their ability and expertise.
Computer systems are becoming increasingly sophisticated and complex with components that are individually computerized. This increases the attack surface for cybercriminals, and represents a challenge for users and the security industry.
The steps that private users and organizations can take to protect themselves, are quite similar in character to protection of traditional computers.
Since the cybercriminals seem to shift from randomly directed mass attacks to more focused attacks, the total volume of spam will decrease.
It is almost impossible to protect completely against a targeted cyberattack against an organization.
We shall in this article focus on the PPI ecosystem and how this is used for malware distribution.
Even organizations, which presumably are more security conscious than most, have vulnerabilities that may be exploited by an attacker who has sufficient resources and determination at her disposal.
The web site (usually an infected site) that displays the message checks the browser visiting the site, and displays a warning message similar to the browser's real warning.
A default restrictive approach to public sharing of personal information will result in less information shared.
Recent weeks have shown that images are used as a malware spreading technique; particularly images that appear after performing a Google image search.
Users of the operating system Mac OS X have so far been quite safe from malware infections compared to those who have chosen Windows as the operating system platform.
As one of the largest companies in the software industry, Microsoft's policy will influence the way vulnerabilities are handled.
Blocked access to important information - particularly if adequate backup routines are not in place - may be disastrous for the person who becomes the victim of ransomware.
Anonymous characterizes itself as a hive and a nest. One potential issue with such free structures is the potential for different actions that may conflict with each other.
Whenever malware authors find new vehicles to spread their malware, the probability for success increases immensely.
Bots and botnets comprise one of the biggest threats to the Internet and its users. However, recent news report of a success story: beheading the spam botnet Rustock.
In previous security articles, we discussed the fact that cybercriminals use big events to spread malware. Not surprisingly - nevertheless disgusting - the recent events in Japan have inspired shameless exploitations by cybercriminals.
The RSA Conferences are among the most important annual security conferences. This year's US conference was held in San Francisco 14 - 18 February.
Dumpster diving is known as examining trash to find interesting items that have been discarded. This security article's title refers to examining digital trash, which for certain purposes may turn out to be useful.
In our security article last week, we discussed cybercriminals who targeted financial institutions in an indirect way. However, the major bulk of malware aimed at the finance sector puts the finance sector's customers at peril. One obvious reason is that the average end user's system presumably is less secure than the systems used by the financial sector.
During the last weekend, The Wall Street Journal published information that intruders had penetrated computer systems controlled by the company that runs the U.S. Nasdaq Stock Market. Nasdaq handles around 19% if all stock trading in the U.S. The trading system itself should not have been compromised.
Advertisements (ads) on the web have become part of a multi-billion industry. These days it is almost impossible to read news on the web without being overwhelmed by a plethora of ads for everything from cars to diapers. However, it is presumably not optimal to display the car ads to children. Nor are most teenagers particularly interested in diapers.
A new report, “Reducing Systemic Cybersecurity Risk”, has received quite a lot of attention. The report is part of the Organisation for Economic Co-operation and Development (OECD) Project on “Future Global Shocks”, and addresses the question: "How far could cyber-related hazards be as devastating as events like large-scale pandemics and the 2007-10 banking crisis?"
Several organizations, which monitor the email spam situation around the world, have reported that the amount of spam decined significantly during the end of 2010. This led to some speculation regarding whether email spam as a technique was being abandoned, and newer ways of tricking users were upcoming and preferred.
Sony's PlayStation 3 (PS3) has been viewed as one of the most secure gaming devices. Applications and games from other sources than Sony could not be installed and run on PS3, and a firmware update early in 2010 disallowed using other operating systems than the one set up by Sony. All this is now changed.
December is the month to look back on the year that is coming to an end. We will attempt to sum up the situation seen from a security company's point of view. The most significant data security incidents to mention from the year are the sophisticated malware Stuxnet and incidents in the wake of WikiLeaks publication of U.S. embassy cables late November.
Major events, happenings and in general all kind of things that create much notice, also leave in their wake a stream of malicious software.
Some years ago it was an established "fact" that a computer could not be infected by malicious software by visiting a web page. But technology evolves quickly and some facts may change when new technology emerges. These days web pages are perhaps the most used propagation vector for malware.
According to a posting 15 November on the blog belonging to the UK based organization Get Safe Online, one in four UK web users have been targeted by so-called cold calls.
In recent months there have been lots of rumors about the upcoming email system closely integrated with Facebook. More detaileds about this have recently been disclosed by Facebook, and we will examine some aspects of the new offerings.
This is the third article in a series about privacy and security in social networks.
This is the second article in a series about privacy and security in social networks.
This is the first article in a series, which will focus on security and privacy issues involved in participating in social networks.
We have previously advocated the view that endpoint security is just one of several tools needed to accomplish secure environments. This article will examine one particular threat against the Internet community and discuss how it may be overcome.
In a press release 25 October the Dutch High Tech Crime Team (THTC) of the National Crime Squad announced a successful takedown of a major botnet. 143 malicious computer servers were taken down from the internet resulting from collaboration with a Dutch hosting provider, the Dutch Forensic Institute (NFI), the internet security company Fox IT and GOVCERT.NL and the Dutch computer emergency response team.
The product testing organization NSS Labs has recently published its test report for the 3rd quarter 2010 - test results for 11 antimalware products for consumers. The most interesting finding from this report is that the security products' performance have deteriorated compared to last year. In this security article we shall examine the implications of this.
A message similar to the one in this article's title may seem like a nightmare for most of us, as we have become increasingly dependent - some even addicted - to using resources available on the Internet for necessary as well as trivial tasks.
Computer software evolves, and popular interpretation is to introduce new generations whenever fundamental changes arrive. If one looks at malware in the same manner, one may also classify different types into various generations.
This article will not go in depth with regard to how the different botnets function technically. We shall rather examine some of the ways botnets may be used, study one successful method used for fighting this threat, and finally discuss the idea of botnets used for benign purposes.
In August IBM Security X-Force published its Mid-Year Trend and Risk Report. The X-Force reports are always interesting reading, and this latest addition maintains the high standards. Lots of topics are discussed in the report. In our security article, we shall however focus on one particular finding.
Introduction Last week it was announced that the Dutch company NXP was selected to produce the new identification (ID) card for Germany. Starting from the beginning of ...
In later years dangerous malicious software for mobile phones and other handheld devices has been predicted and expected by several analysts. Norman, however has traditionally been among those more reluctant in predicting that the explosion of if malicious software for mobile devices is imminent. In retrospective it seems safe to say that our view has proven correct (so far).
An interesting news item has appeared in several UK-based media lately. Several end users have received phone calls from someone who present themselves as security personnel. The caller informs that the computer is infected by malware and offers to help. Varying social engineering techniques are used to persuade the recipient to allow the use of remote access software in order to "fix the problem".
In this Norman report on security issues during the first half of 2010, we will go through some incidents and tendencies. We will focus on those that Norman perceives as most important in these past six months.
A few days ago the Australian House of Representatives' Standing Committee on Communications published its report on cyber crime and security. This document has the ambitious title "Hackers, Fraudsters and Botnets: Tackling the Problem of Cyber Crime", and is an impressive, almost 300 pages reading with statistics, examples, and of course suggestions on how to solve the cyber crime problem.
Last week a researcher from Google, Tavis Ormandy, posted information about and exploit code for a new vulnerability in Microsoft's help and Support center.
We should have been expecting it - some did. Late May this year a researcher in the U.K. claims to be the first person in the world infected by a computer virus.
Over the years new ingenious words for security issues have come up. We have seen the neologisms pharming, vishing, clickjacking and slurping, just to mention some. This week a new one was born - tabnabbing. Which turns out to be more scary than most.
We have now looked into our crystal ball and believe that we see new types of systems, which in the near future will rapidly climb on attackers' ladder of priorities.
Lately some interesting news regarding Facebook and Facebook users have emerged on the Internet. We will use this as the basis for a general discussion about Facebook and some of the issues involved in using / depending on Facebook.
Earlier this month we wrote about a vulnerability in the PDF specification that could be utilized to run malicious programs embedded in a PDF file. Proof-of-concept code was published, and it was expected that real-life malware that used this technique might appear soon.
Malicious programs do increasingly rely on social engineering techniques to be able to propagate and successfully execute. Gone are the days when a tempting file name in an email sufficed. In this security article we shall examine variants of one of the more successful social engineering schemes.
The title may imply that this article is about subscription services for email checking, like Norman Online Protection. Rather not! This time we shall examine yet another way that criminal activity imitates legitimate business.
Domain names are a crucial part of the Internet's infrastructure. However, as we have shown in previous security articles, registration of special domain names may be used as an attack vector for spreading malware.
In our regular security articles, we have several times pointed out that security vulnerabilities and exploits are not restricted to "traditional" computers. We have predicted that several of the devices that our daily lives are filled with, may be exploited in the (near) future.
We have earlier discussed the fact that cyber criminals are getting increasingly sophisticated in their attempts to succeed in obtaining illegitimate gain. We will now look into an example of how illegitimate businesses imitate legitimate.
The Internet Crime Complaint Center's (IC3) report for 2009 has just been published, and is interesting reading. Not the least when comparing the actual submitted complaints to what is focused upon in the media.
December is the month to look back on the year that is coming to an end, and we will attempt to sum up the situation seen from a security company's point of view. The most significant observation to make from this year's malware activity, is that different social networks became a major target for authors of malicious programs.
Major events, happenings and in general all kind of things that create much notice, also leave in their wake a stream of malicious software.
Introduction Various aspects, which have to do with social networks like Facebook, Twitter, LinkedIn and MySpace, have been discussed in different security articles this year. This time we ...
In several security articles we have discussed the fact that new media and communication devices are successful vehicles for malware propagation. This time we will examine a type of application, which has not been focused upon - (presumably) neither by the malware authors yet, nor by commentators.
Identity theft is a term, which has become familiar during the latest years. More exotic - until recently - has been identity production with malicious intent. A new version of Koobface does exactly that - automatically.
This security article's title is perhaps slightly more "popular" than the article's contents may meet. Only slightly though. As we shall see, serious organizations consider the swine flu to affect the Internet severely.
Website advertising is an expanding industry. Several of the websites, which we visit each and every day - for leisure or as part of our work - have advertisements as a major part of their owner's income. Suffice to mention online newspapers and other magazines, search engines, information resources of other kinds and more. Unfortunately website advertising is also a substantial spreading vector for malicious software.
Open source development is an approach to the design, development, and distribution of software, offering practical accessibility to the software’s source code. The open source approach claims to have several benefits and advantages compared to a more closed approach to source development.
In the security article this week we will discuss using a particular type of computers - dedicated servers - as part of a botnet.
A new report about security risks was published this week. This report - "The Top Cyber Security Risks" - is a joint effort from the security organizations TippingPoint, Qualys, and SANS. In this week's security article we shall discuss one particular issue in the report - patching software.
Recently Norman's senior virus analyst Snorre Fagerland wrote about the malware W32/Induc.A in our security blog. This is a virus which infects the programming language Delphi. The result is that applications that are created with an infected Delphi environment are infected themselves. This has interesting implications as we shall see.
Last week the media was flooded by information about an attack on social networking sites like Twitter, LiveJournal and Facebook, allegedly with the intent to stop one Georgian blogger.
The time has arrived when it is useful to look back on the first half of this year, and attempt to sum up the situation seen from Norman as a security company's point of view.
The short URL functionality obviously has its merits. However, there are shortcomings and security issues that make the system in itself less secure than desired.
Software to set up any computer as an Internet resource has been freely available for a long time. However, the threshold to do so has been so high that not everyone has felt that this can be accomplished without some special skills. This situation may now change with a new initiative.
This security article's title may look like the intro to a fairytale told to by a criminal to her child. However, a family of malicious software (malware) that has appeared this year seems to make this fairytale come true for some…
Security organizations of different types have notified about perils involved for individuals as well as corporations, and the public sector in using the Internet. Unfortunately these warnings have often not been recognized with the sincerity they deserve. President Obama's speech is therefore a welcomed acknowledgement from the highest political level.
The first Internet killer application is by many considered to be email. Unfortunately email as a secure and reliable communication method has recently been threatened by ... email!
Another use of web servers has been on the rise as malware spreaders. This approach exploits popular terms to trick users to visit web sites that are by intent malicious.
The social network Twitter has become extremely popular in quite a short time. This time we will discuss this technological phenomenon from a sociological perspective, and use the most talked-about incident these days as a kind of case study - the swine flu.
"My house is ready for burglars", is not what you would typically shout in public or write as an advertisement in the local newspaper. Nevertheless this is exactly what lots and lots of computer users do on a regular basis, without reflecting upon what they really do.
This week started with significant media attention about a report, which showed that several computers owned by governments and international organizations were compromized. This includes several embassies world-wide and a NATO computer.
A new type of malicious software has recently been getting some media attention. The most interesting part of this is the fact that the malware's targets are not traditional computers. Rather does this malware attack different types of devices, namely routers and modems.
ATLAS views computer attacks from a global perspective and helps users predict future network attacks. It does this by analyzing data gathered from a variety of sensors.
"The cloud" is one of the new magic words used to describe new and fancy technology. Briefly the idea is that resources outside the organization's (or person's) own premises are used for computing. The use of resources outside the organization itself has some obvious advantages. However, it also has disadvantages - some of which are less obvious.
Security organizations are in constant battle with malware authors, trying to protect end users from being infected by "bad stuff". As we shall see in this week's security article, some undesirable side effects unfortunately occur from time to time.
The title of this week's security information does not refer to the celebration of an anniversary for the legacy PC operating system DOS. It is another of those neologisms that pop up continuously.
So far there has been no really dangerous malicious software targeting mobile phones. The New Year 2009 started with a new, interesting threat to mobile phones, which may change this picture.
In dit artikel over beveiliging richten we ons op de waargenomen beveiligingstrends in 2008 en kijken we kort in de glazen bol om te zien wat ons te wachten staat in 2009.
Major events, happenings and in general all kind of things that create much notice, also leave in their wake a stream of malicious software.
The use of money involved in online gaming has traditionally been only as an entrance fee to buy the game itself (if it is not free). This no longer holds true.
Recently we have seen that some of the major players on "the dark side" of the Internet community have been removed from the Internet. Malicious activity dropped instantly - and by an amazingly significant quantity.
There are some issues with security patches that in fact may render certain users more vulnerable. This apparent contradiction will be examined in this article.
The Internet Crime Complaint Center's report for 2007 was published this month. As usual, this is interesting reading.
Experts - self-appointed and a few other - often claim that malicious software (malware) is the ultimate tool for terrorist groups. This Security Information will attempt to analyze this claim.
Compared to the relatively innocent scheme of malware in the early age, it has changed into an activity for "geeks" that caused major problems for individuals and organizations, and further into an industry dominated by criminals.
The US' Internet Crime Complaint Center Internet Fraud Crime Report for 2006 has just been published and is interesting reading.
Het aantal veiligheidsincidenten is snel aan het stijgen en een recente studie toont in feite aan dat bijna 9 van de 10 bedrijven in 2005 ervaringen hadden met beveiliging incidenten.
The main security events during 3rd quarter 2006.
During the latest couple of years we have seen a significant shift in malicious software. This enforces new requirements to software that is supposed to protect against malware.
The Norman article from last year Big Brother is HEARING you ends with: "For now, happy VoIP, but... Be careful, you never know who will be listening in!"
Leading financial institutions are increasingly exposed to hacker attacks, malicious code and fraud attempts. According to a recent study the number of attacked organisations grew with 78 % the last year.
"Vishing" is combined of the two terms "Voice over IP" and "Phishing", and is exactly that: Using the increasing use of Voice over IP to trick someone revealing personal information, with the intent to commit fraud.
Een overzicht van de belangrijkste beveiliging incidenten gedurende het 2e kwartaal van 2006
Hackers that encrypt your files and demand money in order decrypt them are an increasing threat in the world of IT criminality.
One of the most prevalent and fastest increasing threats against IT security is the rise of zombie computers and botnets. Not only do they spread extremely fast, they are also able to do immense damage that can easily lead to large costs.
Beveiligings informatie week 14, 2006Januari 2006 1 januari: MS06-001, beveiligingslek Windows-metabestanden (.wmf)Het jaar begon gelijk goed met een beveiligingslek in de Windows-engine voor het weergeven ...
Researchers of the University of Amsterdam in The Netherlands have succeeded to successfully infect a RFID-chip (Radio Frequency Identification Device) with a computer virus.
Ecommerce en handel via het internet vormen nu al sinds een paar jaar een onderdeel van ons moderne leven. Het aantal transacties dat online plaatsvindt groeit gestadig. Echter ook het aantal pogingen tot fraude en bedreigingen van de veiligheid. Welke gevolgen zal dit hebben voor de toekomst van ecommerce?
Phishers (personen die u proberen op te lichten op het internet) richten traditioneel hun aanvallen op financiële organisaties; dat blijkt echter onlangs te zijn gewijzigd. De laatste tijd bestoken de phishers alle soorten organisaties, zelfs bedrijven in de gezondheidszorg.
The Internet is no longer a limited source of information or communication. Without the Internet you will have severe problems conducting several every-day tasks in today’s western society.
There are several securities issues involved in using the Internet for conducting corporate business, as well as issues involved in protecting individuals for misuse of their personal information. This article will discuss some of those
Threat is maybe not the first word that comes into your mind when talking about spam.
The first worm that spreads through handheld devices, like mobile phones, is observed. This is a "proof of concept" program without malicious code.
It is hardly controversial to claim that the end of February and beginning of March 2004 was the worst period ever regarding the sheer number of new mailicious programs threatening the Internet community. New variants of Bagle, MyDoom and Netsky were spread daily - sometimes even more than once per day.
In September 2003 Internet users and organizations experienced the most severe attack on the Internet infrastructure since the "Morris worm" in November 1988. The outbreak of W32/Sobig.F caused major problems because of the huge amount of emails flooding the infrastructure.
Security Information Week 8, 1999Several viruses have recently been created which utilize Internet protocols and applications in their behaviour.One such familiy is the W97M/Caligula viruses ...
Security Information Week 37, 1999 Introduction There has been some speculation in the media about lots of new viruses with payload 1 January 2000. Apparently this has ...
Security Information Week 49, 1999 As this year (and the millennium) approaches its end, time has come to look back on what we have experienced in ...
Security Information Week 9, 1999The IT department in an organization often uses vast resources to be updated on security risks associated with hardware and software ...
Security Information Week 25, 1999 This year we have seen three instances of malicious programs which caused severe damage all over the world: ...
Security Information Week 32, 2003
Security Information Week 40, 2002IntroductionOne of the ongoing discussions regarding security is about informing the public about new security risks. The two extremes are on ...
Has a person's ability to protect his private life from intrusion of any kind been diminished during the years that has passed since 11 September 2001?
Security Information Week 34, 2002 In August this year some news items appeared, which claimed that the year so far had been a quiet one for ...
Security Information Week 41, 2001 Introduction If the computer security community looks back upon the third quarter this year, this is probably not with happiness and joy. ...
Security Information Week 14, 2001 Introduction It is often claimed that security companies, security consultants and the antivirus vendors, are too eager to warn about different kinds ...
Security Information Week 6, 2001 Since computer viruses appeared for the first time the middle of the 80s, there has been a rapid development of these ...
Security Information Week 1, 1999 The computer magazines as well as other papers have recently published articles about a "new" kind of viruses - the so-called ...
Security Information Week 26, 2000SANS Institute's web site is one of the most useful resources to visit/use for those interested in computer security issues.One of ...
Security Information Week 1, 2000 It seems appropriate to use the Security Information for the first week in the new year to look back on what ...
In April 1999 a lot of people and organizations were paid a visit by the computer virus Melissa. This virus propagated so quickly and extensively that many compared it to the legendary "Morris worm."
