Posted on 12/27/2008 8:31:40 PM PST by Swordmaker
Twenty years after the release of the Morris Worm, one of the first worms discovered on the Internet, the Web has proven to be the primary place where bad guys lurk, looking for poorly secured websites to plant malicious code. And, they find plenty.
According to the 2009 Security Threat Report [PDF] from Sophos, one new infected Web page is discovered every 4.5 seconds. With that in mind, we thought we'd take a look at the top security threats you should be looking out for in 2009.
The Sophos research showed that over the past year the number of SQL injection attacks against innocent websites increased, a trend Sophos expects will continue next year.
Web insecurity, notably weakness against automated remote attacks such as SQL injections, will continue to be the primary way of distributing web-borne malware.
A recent report from the Internet Crime Complaint Center also points to an increase in SQL injection attacks in 2008, specifically relating to financial services and the online retail industry. Unfortunately, cyber criminals prey on the needs of Web users at any given time, and this time the economic crisis is their meal ticket.
The article is well worth reading if you're interested in how attackers compromise websites by SQL Injection or if you want ideas on how to reduce the likelihood of intruders gaining access to your private data.
In February 2008, Sophos confirmed a 'poisoned Web advertising campaign' on BBC competitor ITV's website that affected both Windows and Mac machines. While we've all seen Scareware, the pop ups designed to scare people into buying anti-virus software, this is the first time it has been seen for the Mac.
According to Sophos, a Flash file was injected into traffic served up by ITV.com via third party advertising agencies. Designed to promote a program called Cleanator (Windows) or MacSweeper (Macs), the programs claimed to detect "compromising files" and encouraged users to purchase a full version of the package.
As websites often use third parties to serve up their advertising, Graham Cluley, senior technology consultant at Sophos, suggests taking care when selecting agencies. "Website owners should ask the third party agencies they use what procedures they have implemented to positively vet the adverts that they deliver for malicious content or unsavory links."
With social networking on the rise, the bad guys have found yet another playground on the Web. The Sophos report reveals 1800 Facebook users had their profiles defaced in August by an attack that installed a Trojan while displaying an animated graphic of a court jester.
Gated sites appeal to the bad guys because they form a "launching pad" for mass distributing malware attacks and spam, like the recent Koobface Trojan which attacked both MySpace and Facebook and transformed victim machines into zombie computers to form botnets.
Twitter too has become a tool for cyber criminals to distribute malware and marketing messages. In many cases, the bad guys steal members' usernames and passwords and bombard the victims' friends with marketing messages or direct them to third party websites. With Twitter especially, it is difficult to discern where links are going due to the 140 character limit and the use of services that shorten URLs.
On the flip side, however, Chris Boyd of FaceTime Security Labs at this year's RSA Conference explained that social networking sites are incredibly useful for security researchers. "The people that create these things have been on social networking sites since the beginning; they need to be on them a lot to understand them intimately enough to exploit them. But many times they leave a trail online that we can use to track them, to find out things like their names, ages and friends."
While Mac malware is minuscule compared to Windows malware, Sophos recommends Mac users follow safe computing best practices and avoid complacency even though cyber criminals are more likely to stick to attacking Windows computers in the foreseeable future due to the higher financial incentive.
With so many Windows home users seemingly incapable of properly defending themselves against malware and spyware, it seems sensible to suggest that some of them should consider switching to the Apple Mac platform. This is not because Mac OS X is superior, but simply because there is significantly less malware currently being written for it.
Along with the scareware attack mentioned earlier, there have been other attempts to infect Mac computers in 2008: the OSX/Hovdy-A Trojan, the Troj/RKOSX-A Trojan, and the OSX/Jahlav-A Trojan.
While most malware and spam is produced as a result of financial incentive, with smartphones, Sophos believes malware will more likely be written by those wanting to make headlines. As neither the iPhone nor the G1 has yet been the target of a significant attack, someone will want to be the first and claim the title.
Apple iPhone
According to Sophos, iPhone users are more vulnerable to phishing attacks than their desktop counterparts for three reasons:
Google Android
Hackers are only just getting a real look at the Android OS, so there is not much to report; however, one security flaw was revealed only days after the G1 went on sale. The flaw, discovered by Charles Miller, a principal security analyst at Independent Security Evaluators, was in the browser partition of the phone. According to the New York Times, the flaw enabled keystroke logging software to be installed, making it an easy trick to steal identity information and passwords.
Additionally, while many are impressed with Google's open attitude to applications, others are concerned about the ease with which malicious software could be distributed, and caution when it comes to downloading third party apps is advised.
Sophos predicts as more people purchase smartphones, creating threats will become increasingly attractive to cyber criminals: Imagine a generic Mac OS X attack made for the iPhone that could also cripple the Mac computer.
Cyber criminals will always be ahead of security experts simply because most of what the anti-malware providers discover is generally published for the public; the bad guys aren't as open with what they do. But, being aware of trends, keeping security patches up to date, and installing firewalls will do much to thwart the majority of attacks.
What security threats do you think we should be thinking about in 2009?

If you want on or off the Mac Ping List, Freepmail me.
We run Linux and Windows Vista, but all the same I would disagree with the comment here that the Mac OS isn’t superior. It is, it is inherently more difficult for outsiders to abuse, and if you don’t know anything about how to protect yourself, you should buy a Mac (or Linux) computer.
4 later
I don’t understand why these people aren’t in jail. Can you explain?
I couldn't do a keyboard shut down with it running...
I’d say the top consistent threat is idiotic users that despite multiple infections and hundreds of warnings still click on spyware ads and e-mail attachments.
SQL injection attacks still happen? I thought everybody learned how to code against this a long time ago. Most major database systems also have built-in safeguards.
IMHO, the only reason these may still exist is idiot programmers.
There are techniques that will pop up what appears to be a window on Webpages... they are actually just a displayed, movable HTML graphic that looks like a Window... most of the time they look like MS Windows windows. They also demand that you click on them before you can do anything in the browser. If you get it again, try clicking on an area of the desktop that might be showing. That should clear your keyboard... however, the browser may still be waiting for input.
Same reason the Nigerian scammers aren't in jail... most of the malware authors are outside of our jurisdiction.
Listening to Kim Komando the other day and she said
- Spybot and Windows Defender at same time
- Zone Alarm
- Anti virus -- I like free Avira
Microsoft could have incorporated this into Windows at any time but were afraid of anti trust
Apple being the scrappy little competitor had no anti-trust concerns so was able to seamlessly integrate all these into the O/S so computer illiterates knew their computer was secure
I'd be willing to pay more for internet service restricted to the United States. And yeah, I won't be able to visit foreign news outlets, but that's a small price to pay. Why can't a US secure net exist?
Why don't you admit you really don't know anything about Mac OSX? There are no equivalents to Windows Defender, Spybot, Zone Alarm, or any anti-virus ware in OSX; it is just more robustly designed and built than is Windows. There are no daily or weekly scans done looking for spyware or viruses, no downloading of viral or spyware definitions, no cycle eating background security software needed.
By-the-way, most of the Mac users I know are far from "computer illiterates." Many of them are familiar with both Windows and Mac OSX. You are only familiar with Windows and are Mac illiterate.
Both of my home computers have become infected recently with scareware, specifically one telling me I have viruses and hawking something called Virus Remover 2009. I got both computers clean, but it took a lot of time and effort to do so.
I’d like to catch the @&*#^ who puts this kind of crap out and beat their sorry asses to within an inch of their life.
I was looking into a mac mini for a friend who expressed interest in one
This guy has never used computers, He is 75 or so
And you guys say Apples are easier for techno phobes
Maybe it's Apple policy but no minis there
Only the other stuff which I test drove
Why don't you admit you really don't know anything about Mac OSX? There are no equivalents to Windows Defender, Spybot, Zone Alarm, or any anti-virus ware in OSX; it is just more robustly designed and built than is Windows. There are no daily or weekly scans done looking for spyware or viruses, no downloading of viral or spyware definitions, no cycle eating background security software needed.
Sorry for being so sloppy
You are undoubtedly more accurate on that one
Are there other programs or features you get right out of the box that smaller Apple can get away with but not anti-trust wary Microsoft?
Since Apple does not sell an OS for OEM purposes, it is not constrained by such anti-competitive quibbles as Microsoft who has been convicted of anti-trust violations for using their superior access to their OS to lock out other competing products.
Apple sells Mac a computer SYSTEM... the whole widget, with certain software included. They include, as part of that system, certain software that the user may choose to use. They do not "integrate" it into the OS so that other products that compete in those areas are at a disadvantage. In fact, Apple provides the tools to create competing applications of which there are numerous examples.
Apple will never be mainstream in corporate environments and either will linux as a desktop os. At least Microsoft has the will to produce server operating systems that integrate with its desktop os and support them. Sure they have made some mistakes but frankly apple doesn’t show any desire to move into that market with their gay little “widgets” and every version of linux is some sort of abortion. Microsoft applications are also superior and more widely used because they focus on individual aspects rather than the “whole”.
Obviously, you have never used a Mac, any of its software, xServe, or OSX Server... or are aware that Macs are one of the three completely POSIX compliant, certified UNIX operating systems in the world which has all of the UNIX networking and support options available.
Most Mac users are intimately familiar with the Windows environment and have chosen to use Macs for the personal computers instead of Windows because it truly IS superior to Windows. They have made an informed decision.
For example, I work in IT, running my own business supporting SMB in both Windows and Mac. I carry my MacBook Pro to all of my clients, regardless of which OS they run. With a Mac, I no longer have to own any Windows machines to support my Windows using customers because the Mac can run Windows natively (faster and better than a dedicated machine) or in a Virtual Machine.
By the way, welcome to FreeRepublic.
Apple's only problem in the business market is that they don't aggressively market their products. OS X Server is a fully-functional UNIX™ with all the bells and whistles you expect from a server. More, it is easier to set up than other UNIXes.
Even better, OS X Server coupled with OS X is a much more tightly integrated solution than Windows. And since Apple knows all the hardware, that can even be controlled through group policy.
You probably heard the military cut off the use of USB keys and other external media. To enforce this they bought a certain piece of software at great expense, tested it, and installed it on tens of thousands of clients. Then they had to configure it and maintain it. They probably had some conflicts with other apps on the way too. What a pain!
On a Mac solution they would have used Workgroup Manager to disable external disk mounting across all clients on the network. One clicked checkbox, and it's done.
Also, the OS X monitoring and remote management tools are either included for free or cost a lot less than their Microsoft counterparts.
Microsoft applications are also superior and more widely used because they focus on individual aspects rather than the whole.
I don't quite get that comment. Mac applications focus on individual aspects as much as Windows ones, but they work very well together. In fact, Microsoft Office for the Mac is generally considered superior to the Windows version.