Members
  • Total Members: 14176
  • Latest: toxxxa
Stats
  • Total Posts: 42866
  • Total Topics: 16075
  • Online Today: 1585
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)









Author Topic: Cyber Criminals Gain in Sophistication With Integrity Attacks  (Read 2218 times)

0 Members and 1 Guest are viewing this topic.

Pez

  • SCF VIP Member
  • *****
  • Posts: 776
  • KARMA: 117
  • Gender: Male
  • Pez
Cyber Criminals Gain in Sophistication With Integrity Attacks



One constant in cybersecurity is the continual rise of sophistication and creativity of attackers. In 2016, we will see a fundamental expansion of their techniques, including the rise of integrity attacks.

The industry has become accustomed to traditional availability and confidentiality attacks, which are typically crude but often effective.

Denial of service attacks, for example, undermine the availability of websites, services, and resources. Flooding networks, deleting files, and redirecting traffic are some of the brute tactics. Such maneuvers have been around for a long time and are well understood. Security tools and services can control such risks.

Recent data breaches are a great example of confidentiality attacks, which have exposed the personal and business data of millions. Attackers tend to break in, grab all they data they can, and run. Not especially elegant, but it works. The security industry is rapidly gaining traction with tools and practices to prevent such compromises.

IntegrityIntegrity attacks are something new. They are more sophisticated, well planned, and executed. This effort to discreetly modify specific data or transactions and can be much more devastating.

The scale of impact is vastly different. It is not about selling credit card data or compromising ATMs for a few thousand dollars. Instead, it can create huge windfalls for organized criminals and advanced threats.

Last year researchers detected Carbanak, a malicious banking campaign that selectively modified a relatively small number of very specific transactions. This organized group stole $300 million to $1 billion in total from more than 100 banks, just by altering a few transactions. Successes like that reinforce continued activities and further investment by the attackers.

Modifying trusted communications is also on the rise. Even something as simple as taking control of a company’s email system can allow an attacker to conduct fraudulent transactions. Several incidents have emerged in which accounts payable departments have received “urgent” emails from executives to immediately send checks to overseas vendors. Completely fraudulent. The attackers were able to have an interactive discussion in email, successfully impersonating executives, to instruct funds to be transferred.

Ransomware, another example of compromising the integrity of just a few files that remain on a victim’s system, is also growing rapidly. Ransomware will be one of the scourges of 2016. CryptoWall, a popular ransomware package, fleeced more than $320 million last year from unfortunate victims who paid the extortion. Consumers, businesses, and even government agencies paid to have their access restored. The scale of ransomware has never been so great, and it continues to grow, fueled by its own success. The criminals benefit from the distinct advantages of this type of attack and will greedily continue for as long as they can.

When will these integrity problems be solved? Not for some time. They are just beginning to pick up. Integrity attacks are difficult to protect, detect, and recover from. The security industry has not yet adjusted to these emerging challenges, and attackers are taking advantage of the opportunity.

In 2016, sophisticated actors will pursue integrity attacks. This will be a challenging shift in the industry that everyone will have to work to overcome.

Original article: https://blogs.mcafee.com/mcafee-labs/cyber-criminals-gain-sophistication/
Their is two easy way to configure a system!
Every thing open and every thing closed.
Every thing else is more or less complex.

Start Turfing ! http://scforum.info/index.php/topic,8405.msg21475.html#msg21475

Samker's Computer Forum - SCforum.info


 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising