Cyber Crimes 2010-2011 Round Up
“What sort of security measures are to be employed, the act of Cyber Crime tends to be picking up” surely it. not our quotes but quotes from Cyber crime pundits & researchers .An Upcoming trends in phishing attacks,increase in mobile attacks,threat to large organizations .Heard the recent Reuters news? “Cyber crime costs UK $43.5 billion a year: “and it’s a Global issue of expense as a result of Cyber crimes.It’s really a busy time for top security pundits to debate and research on.Well this post is a collated news on Cyber crime overview ,trends 2010- 2011 ,recent events & terms involved.
If it’s in UK then it’s in China,India, and globally so on…Specific country related Gov: are employing new serious offensive measures & laws regarding Cyber Crime.According to Cyber Crime research study The number of phishing attacks was up to 12% in 1st Quarter of 2011 as compared to the same period a year ago.The research also highlights the lack of awareness among world-wide IT security personnel regarding Domain name Service Security[DNSSEC] an other related security measures.Among the survey taken ONLY 5% of survey respondents said that their organization has employed DNSSEC.& 16% responds to obtain it in future.
Some notable Events and Points common in Cyber crime Attacks &Trends
- Hacktivism attacks like DDoS attacks-Those attacked included Famous Twitter, blogging platform Like WordPress also Piratebay,Paypal[last December].Also research especially indicates that those attacks were not mainly intended for financial gain too[Interesting isn’t it?]
- Does Cloud service protects from Cyber attacks ?An immediate “No” will be the answer.Malwares have been widely detected in several Cloud sharing services.
- Last famous ” Operation Aurora” attacks in U.S[The attack was first publicly disclosed by Google on January 12, 2010, in a blog post] clearly states that “Attacks with sophisticated and well resourced and consistent with an Advanced Persistent Threat attack” -Aimed at dozens of other organizations, of which Adobe Systems, Yahoo, Symantec indicates major Global threats.This can lead to completely damage a company reputation too.However this sort of ” Operation Aurora” attacks leads to some unprecedented changes too like Private sector firms in U.S[also world-wide] realized the pros and need for having a Secure enterprise environment,Google widely supported by Govt on this public disclose likewise.It was really an eye opener to various giants in Web& also this sort of attacks give advanced ideas to hacker community what to done next.
- Also attacks like “Stuxnet”[a Microsoft Windows computer worm discovered in July 2010 that targets industrial software and equipment] giving rise to threat on defense systems .And most threat as stated by researchers on this attack is that this operation was well Financed.i.e hackers are well sponsored by various organizations and Governments
- Hackers aims at stealing Digital signatures details, SSL details
- Wiki Leaks & Data Loss prevention : Does it’s a real threat? “The philosophy of all information should be public”-A quest remains?.But exposing an Intellectual or personal data & documents to public is a serious threat to countries defensive system.
- Cyber Attacks in the recent incidents against Sony’s PlayStation Network exploited severe software flaws .
- Lots of Government related websites around the world ,whether it’s U.S,India, Russia was mostly aimed by hackers.Research shows that In its first six months, 2011 has already been a banner year for cybercriminals and “hacktivists,” who’ve managed to hack into or disrupt the websites of several high-profile organizations.
- Recent major attacks against also include DDoS attacks against at least eight Tunisian government websites,Egypt’s official government websites,Nasdaq stock exchange attacks,DDoS attacks on Iranian government websites, attacks on Defence Research and Development of Canada,DDoS attack on WordPress,(DDoS) attacks hit various websites in South Korea,RSA security breach,SQL injection attack on MySQL.com[funny isn’t it- technology biting back],attack on Fox Broadcasting Company,hacker breached a computer server at NASA’s Goddard Space Flight Center ,take over of hundreds of Gmail accounts -Where is it Going?
Below are explanations of different types of cyber crime with the help of computer technology:
- Cyber security Disruptors leading to Business fails i.e some times new innovation , new technologies take time to adapt to the security environment and this will allow cyber attackers to gain into .So updating technology has got another view too.For eg:Mobile platform,IPv6,DNSSEC,Cloud solutions etc..Also TLDS[Top Level Domain System] & IDNS[International Domain Name System] could be a major security disruptor .Why it says so?.A IDNS – like the domain system that suits to a specific country like there would be localized domain names .The impact on this is blacklist[IP addresses] become unmanageable at enterprise level.Adopting IPV6 researchers claim that IP management & Deployment becomes a complex way.
- Cyber Espionage & Advance persistent threat::Most of the commercial industry in web are aware about Cyber Espionage:Cyber spying or Cyber espionage is the act or practice of obtaining secrets without the permission of the holder of the information (personal, sensitive, proprietary or of classified nature), from individuals, competitors, rivals, groups, governments and enemies for personal, economic, political or military advantage using illegal exploitation methods on the Internet, networks or individual computers through the use of cracking techniques and malicious software including Trojan horses and spyware.
- Cyber contraband is transferring of illegal items through the internet.
- Cyber laundering is the electronic transfer of illegally obtained monies with the goal of hiding its source and possibly its destination
- Cyber stalking is expressed or implied physical threats that creates fear through the use to computer technology such as email, phones, test messages, webcam, websites or videos.
- Cyber terrorism & Cyber Warfare: usually is politically motivated violence committed against civilians through the use or help of computer technology.Cyberwarfare refers to politically motivated hacking to conduct sabotage and espionage. It is a form of information warfare sometimes seen as analogous to conventional warfare although this analogy is controversial for both its accuracy and its political motivation.
- Cyber-bullying is “the use of information and communication technologies to support deliberate, repeated, and hostile behavior by an individual or group, that is intended to harm others”.
- Cyber theft refers the use to a computer to steal not just money but identity theft, fraud, malicious hacking, plagiarism and piracy.
- Cyber trespass is to access someone’s computer without the right authorization of the owner and does not disturb, alter, misuse, or damage data or system. But instead going through private files and reading emails just for fun (snooping) and using wireless internet connection because they are available.
- Cyber vandalism is damaging or destroying data. This is when a network service is stopped or disrupted. Such an action deprives the owners and viewers to manage the information contained on the network.
- Assault by threat: refers to threatening a person with fear for their lives or lives of their families through the use of a computer network such as email, videos, or phones.
- Child pornography: involves the use of computer networks to create, distribute, or access materials that sexually exploit underage children
Now what preventions to be employed against these attacks.Most Security pundits claims of having a separate security culture whether it’s in an organization or as for personal.Having Govt: to have a better financial support specifically for Cyber security measures,research & innovative technologies .Preventing highly official intellectual data exposed to web or network.Selling authentication business to Security service providers For eg:Versign allowing Symantec,also Live cyber crime reporting service globally.
Also can refer to our earlier post on Web Hacking Threats
Note:This is just a collated news ,Due to lack of info if we miss any or gone wrong pls comment