In the past week several US media groups and one of the world's most popular social networks admitted they had fallen victim to hacking attacks.
The spike in security breach disclosures highlights the persistent nature of hacking attempts on targets large and small – and the relative scarcity with which they are made public. However, researchers say that the nature of those attacks is changing, from broad sweeps to more focused incursions seeking specific kinds of information.
Within days of each other, the New York Times, Wall Street Journal, Washington Post and Twitter all said that hackers had attempted or succeeded in gaining access to their systems.
Twitter said on Friday that up to 250,000 accounts – many of them apparently belonging to its longest-serving users and employees – may have been affected by an attack that it caught in progress.
Security researchers, who have long urged greater information sharing between organisations to help track attacks, have noted that one prominent admission of a breach makes it easier, or less embarrassing, for others to follow.
"After NYT, WSJ and Washington Post came out of the closet, this week was the perfect time to publish any news on getting hacked," said Mikko Hypponen, chief research officer at F-Secure, a security firm. "Maybe that's why [Twitter] came out now."
The string of attacks has raised concerns in Washington, where the White House is this week preparing an executive order to call for greater information sharing between the government and private companies around cybersecurity.
The National Security Council said it had "substantial and growing concerns about the threats to US economic and national security posed by cyber intrusions, including the theft of commercial information".
"We have repeatedly raised our concerns with senior Chinese officials, including in the military, and we will continue to do so," the NSC said. "It is vital that we continue a sustained, meaningful dialogue and work together to develop an understanding of acceptable behaviour in cyberspace."
While Twitter did not provide any details on the nature or source of the incursion to its systems, the newspapers blamed Chinese attackers for the attacks on them. China's foreign ministry has said such accusations were "groundless".
"I don't think the Twitter and [newspaper] hacks are related ... but they all fit the same profile," said Ryan Sherstobitoff, senior threat researcher at McAfee Labs. "What we are really looking at is an uptick in targeted attacks ... A trending topic now is the shift from mass data exposures to the more targeted aspects."
In these cases, a likely method of hacking might see an employee tricked into visiting an infected website by a "spear phishing" email that was designed specifically for its individual recipient, experts say.
The internet security world has been on heightened alert since mid-January, when a vulnerability was discovered in Java, a widely used software platform, estimated to put tens of millions of PCs at risk.
Oracle has issued patches for the vulnerability, but it can take time for personal users and corporate IT departments to install the patches. In the meantime, many experts, including at the US Department of Homeland Security, have recommended that users and companies disable Java altogether in their web browsers.
"If I had to guess, I would think that Twitter suffered a targeted attack – and that the attack was linked to a Java exploit," said Sean Sullivan, a security adviser at F-Secure Labs. "Any number of developers could have been targeted and may have had Java engaged."
Browsing the web provides many opportunities for attackers to gain access to a PC through an insecure web browser. From there, depending on the user's security clearances, other parts of a corporate IT network may become accessible to the hacker, including more sensitive information not normally stored on PCs.
"Usually these attacks target a specific asset within the organisation, which they can then use as a beachhead," said McAfee's Mr Sherstobitoff.
Such a wide threat, as created by the Java weakness, puts not only users of online services at risk, but potentially their providers too. Twitter said it believed other internet services had also been targeted by its attackers, although none have yet come forward.
Social networks and providers of other internet services such as email have always had to keep a careful balance between ensuring sufficient levels of security and making their products easy to use – often an awkward compromise.
"The problem is security and usability are two things that never go hand in hand," Stefan Tanase, senior security researcher at Kaspersky Lab, a security software provider, said in a blogpost preceding Twitter's announcement. "If you want one, you have to forget about the other."
Nonetheless, internet companies have stepped up their efforts to secure their users. For example, Facebook uses several security companies, including McAfee and Kaspersky, to screen links to malicious websites and prevent its users from clicking through. Google offers a free smartphone app that can be used to generate a second password.
The scale of the problems caused by the new wave of "bespoke" malicious software is hard to guess.
"The whole point is that siloed malware will not be detected that quickly," said Mr Tanase. "There are thousands of organisations that do not know they are infected and some that do but are not willing to speak."
Additional reporting by James Politi in Washington