What's with attack toolkits and malicious websites?

What do you do with attack toolkits and malicious websites? Well, nothing much, unless you are attacked! And then, you run around, trying to restore your lost website!

According to Shantanu Ghosh, VP, India Product Operations, Symantec, attack kits are more accessible, relatively easy to use, and are being utilized much more widely. They are also driving faster proliferation of attacks. The profitability of attack kits has attracted criminals who would otherwise lack the technical expertise for cybercrime, fueling the growth of a self-sustaining, profitable, and increasingly organized global underground economy. These are the key findings from Symantec.

Attack kits allow unskilled attackers to enter the market with sophisticated tools. Attack kits feature easy to use icon-driven GUIs that include checkboxes and pull down menus. Centralized administrative interfaces provide easy access to various toolkit functions. Also, the increasing sophistication and “user-friendly” features is further evidence of the increasing organization and profitability of the underground economy.

Ease of use
Statistics and information on compromised hosts can be gathered for further use. Tasks can now easily be done with a few clicks of the mouse.Complex exploits are simplified for the toolkit user.

Increased utilization
Toolkits account for nearly two-thirds of all threat activity on malicious websites. As kits become more robust and easier to use, this number will likely climb

Faster proliferation of attacks
New exploits are quickly incorporated into kits. This allows newer attacks to proliferate rapidly so they are seen by more users soon after release. A single attack kit installed on a popular website can exploit a large number of users in a short period of time.

Profitability
Toolkits are relatively easy to find for purchase through simple Web searches. Advertisements can be found on the underground economy and web forums. Both creators and users of kits profit from them. Creators profit by selling the kits while users profit through information theft.

Malicious web pages
During this reporting period, Symantec observed more than 310,000 unique domains that were found to be malicious. On average, this resulted in the detection of more than 4.4 million malicious Web pages per month.

Attack frequency
Frequency of attacks rises when new exploits are released, then declines over time. As new kits become well known, sites hosting them are shut down faster and more often.

Malicious websites by search terms

Malicious websites: Source: Symantec.

Here are the categories of search terms that led to malicious websites. Blackhat search engine optimization is often used to lead users to malicious sites through searches

The Symantec Report on Attack Toolkits and Malicious Websites, developed by the company’s Security Technology and Response (STAR) organization, is an in-depth analysis of attack toolkits.

The report includes an overview of these kits as well as attack methods, kit types, notable attacks and attack kit evolution. It also includes a discussion of attack kit features, traffic generation and attack kit activity.

12.971606 77.594376

Round-up 2010: Best of electronics, telecom and technology

Year 2010 has been a good year for the global electronics industry, rather, the technology industry, coming right after a couple of years of recession. Well, it is time to look back on 2010 and see the good, bad and ugly sides, if any, of electronics, telecom and technology.

Presenting my list of top posts for 2010 from these three segments.

ELECTRONICS

Electronics for energy efficient powertrain

Photonics rocks in India @ APW 2010, Cochin!

Plastic Logic’s QUE proReader looks to mean business!

Growing Indian power electronics market provides host of opportunities

Philips focuses on how interoperability, content sharing drive CE devices!

Apple never ceases to amaze!

Is this a war of tablets, or Apple OS vs. Google Android?

India needs to become major hardware player!

Roundup of day 2 @ Electronica India 2010

Strategic roadmap for electronics enabling energy efficient usage: Venkat Rajaraman, Su-Kam

NI stresses on innovation, launches LabVIEW 2010!

What’s Farnell (element14) up to? And, semicon equipment bubble burst? Whoa!!

Bluetooth set as short range wireless standard for smart energy!

View 3D TV, without glasses, today!

Indian medical electronics equipment industry to grow at 17 percent CAGR over next five years: ISA

Top 10 electronics industry trends for 2011

TELECOMMUNICATIONS

LTE will see larger deployments, higher volumes than WiMAX!

LTE should benefit from WiMAX beachhead!

Context-aware traffic mediation software could help telcos manage data tsunami: Openwave

Mobile WiMAX deployment and migration/upgrade strategies

Upgrade to WiMAX 2 uncertain as TD-LTE gains in momentum!

Tejas celebrates 10 years with new products for 3G/BWA backhaul

Focus on gyroscopes for mobile phone apps: Yole

Bluetooth low energy should contribute to WSN via remote monitoring

INSIDE Contactless unveils SecuRead NFC solution for mobile handset market

How are femtocells enhancing CDMA networks?

Top 10 telecom industry trends for 2011

TECHNOLOGY

Symantec’s Internet threat security report on India has few surprises!

Epic — first ever web browser for India, from India!

Norton cybercrime report: Time to take back your Internet from cybercriminals!

NComputing bets big on desktop virtualization

Brocade launches VDX switches for virtualized, cloud-optimized data centers

It isn’t an easy job tracking so many different segments! 🙂 I will try and do better than this next year!

Best wishes for a very, very happy and prosperous 2011! 🙂

12.971606 77.594376

Norton cybercrime report: Time to take back your Internet from cybercriminals!

Do you possess sound Internet etiquette? Are you careful while using social networking sites? Do you trust others and share your online details? How many of you think cybercrimes are ‘usual’ going to ‘critical’? Are you even aware of any cybercrime? Who would you turn to for help, if you were attacked online?

Norton from Symantec today released the Norton Cybercrime Report: The Human Impact in India. It covers 14 countries: Australia, Brazil, Canada, China, France, Germany, India, Italy, Japan, New Zealand, Spain, Sweden, United Kingdom, USA, covering 7,066 adults. This report tries to answer some (or most) of the questions above!

Norton collaborated with Anne Collier, independent expert advisor on Internet safety.

Effendy Ibrahim, Internet safety advocate and consumer business lead, Asia, highlighted the key points of yhe Norton Cybercrime Report. These include:

* A silent digital epidemic — of victims who feel powerless.
* People feel ripped off and pissed off — and lacking confidence that criminals will be brought to justice.
* Moral compasses not pointing true north — a grey area when it comes to online morals and ethics.
* People trying to protect themselves, but coming up short —  Common sense is not the best defence.

The silent epidemic

Cybercrime -- the silent epidemic!

Globally, 65 percent of the people have fallen victim to cybercrime! However, nobody seems to be talking about it! In India, 76 percent have fallen victim to cybercrimals. Only 3 percent of the global poplulation do not expect to fall victim. In India, this number is only 8 percent!

Also, 79 percent globally do not expect cybercriminals to be brought to justice. And, 57 percent Indians do not expect cybercriminals to be brought to justice either! Not very encouraging figures!

Falling victim to cybercrime can leave people feeling angry, annoyed, frustrated, violated, cheated, upset, helpless, and so on and so forth. I’ve experienced this feeling, and it was definitely similar!

Some other interesting findings from Norton’s report. Indian adults feel highly responsible for phishing — 85 percent, online scams — 81 percent, and computer viruses/malware attacks — 88 percent. It seems that Indians practice bad Internet etiquette!

And, when in trouble, who do the victims contact in India? The survey says, 46 percent call their bank, 40 percent contact the website, and 37 percent call the police!

Around a quarter of victims take a DIY approach to sorting cybercrime. Unfortunately for them, the Norton experts say that the actions they are taking won’t necessarily help them, and may not even be safe.

For instance in India, 53 percent restrict the websites they visit. This only limits people’s enjoyment of the Internet. Security software, with a search advisor tool, will let you know if a site is safe.

Next, 38 percent get a family member or a friend to sort things out. Well, many threats go undetected by out-of-date or incomplete security solutions. So unless your friends are security experts, chances are that you will still be vulnerable. Finally, 32 percent try to identify the criminal and seek justice. This is not easy. Therefore, it is always advisable to work with law enforcement agencies, rather than go it alone. Read more…

12.971606 77.594376

Intel's McAfee buy: Too few answers to too many questions, for now!

Yes I know I am a little late with this due to various reasons, but better late than never! On August 19th, Intel literally shocked the IT and information security world with its acquisition of McAfee for a whopping $7.68 billion approximately! Startled, a lot of folks started asking around as to why Intel did such a thing! Is Intel even doing the right thing in the first place?

The world boasts of several magnificent gadgets and devices — mobile phones and smartphones, Internet connected TVs, Wi-Fi enabled eReaders, the iPads, portable navigation devices with wireless interfaces, and so on and so forth! Now, how many of these devices actually boast of great security? Aren’t most of those unprotected?

With so many devices, besides smartphones, getting connected to the Internet every day, and with little or no on-board or ‘in-house’ security in place, this move is perhaps a masterstroke on Intel’s part!

But then, not all of such devices would run on Intel’s chips either! So? How will Intel control the hardware security market and create a monopoly — as some have been pointing out? Or, is there a much larger, hidden picture, which will get revealed over time?

Or, has this been done with the intention to rule the mobile security market, or well, security within the chip, or even device security or hardware security? Also, will this signal the end of malware?

And what about McAfee itself? Will this signal an end to all of its wonderful product development now that it will be part of Intel? What about its customers? Will some of its top executives march out? Intel says that McAfee will continue to run as is, and one hopes that it is maintained.

Personally, I was keen to know what Symantec thought of this acquisition. The company stated: The announcement by Intel to acquire McAfee emphasizes the growing relevance and need for security protection that extends beyond the PC and acknowledges Symantec’s ongoing strategy.

However, Symantec believes it is important to focus security on identities and the information people need to access, independent of the device they may be using. That will require security to work seamlessly across multiple platforms as users switch devices to use, store and transmit information anytime and anywhere. Symantec offers a broad portfolio of security and management solutions that protects customers from the largest enterprises to SMBs to consumers. Read more…

12.971606 77.594376

Symantec's Internet threat security report on India has few surprises!

Actually, no surprise, really! India is definitely shooting up — in the wrong direction — as far as Internet threats are concerned! The India edition of Symantec’s Internet threat security report, presented by Vishal Dhupar, managing director, Symantec India, has several key findings that will make you sit up and think! Let’s start!!

Vishal Dhupar, managing director, Symantec India, presenting the Internet threat security report, India edition.

Here are just two among the many data points. One, India, Brazil and Poland — all witnessed growth in malicious activity. In 2009, India accounted for 15 percent of all malicious activity in the APJ region, an increase from 10 percent in 2008. Also, 19 percent of the attacks targeting India, originated in India itself in 2009. So, India is rising — both as the country of origin and a target for attacks! Wonderful!

Another one: after the US, Brazil and India are prominent among the countries where Web-based attacks originate. Okay, India was also one of the highest ranked countries for Zeus infections in 2009!

So, the key findiings of the threat landscape are as follows: The underground economy remains unaffected by the global economy. Hence, users are still plagued by Web-based attacks. Targeted attacks focus on enterprises — no surprise! Next, attack kits make it easier for novices to indulge in information theft. Finally, malicious activity takes place in emerging countries (read India, among them). I will deal with all of these a bit later.

Dhupar elaborated on some best practices as well that we all — enterprises and end users need to follow. These include:
* Defense-in-depth strategies
* Proactive policy based approach to security
* Test security, and update definitions and patches.
* Educate management on security.
* Emergency response procedures with backup and restore.

As for the way ahead, cybercriminals will continue to innovate to fuel the underground economy. New age Internet technologies and usage will encourage novel propagation vectors. The global scale and origin of attacks requires international co-operation. Read more…

12.971606 77.594376

Reputation based security protects you from malware

(L-R): Shantanu Ghosh, VP, India Product Operations, Symantec and Joe Pasqua, VP, Research, Symantec.

Information is everything in today’s connected world! According to Joe Pasqua, VP, Research, Symantec Corp., there are 487 exabytes of data globally, growing at 51 percent annually.

Speaking about the innovative work being done at Symantec Research Labs, he said, it was the Labs’ endeavor to bring together technologies and products in new and interesting ways and help solve problems. “We have a customer centric approach to innovation,” he said.

Symantec Research Labs develops cutting edge technologies to solve real-world customer challenges in security, storage and systems management. It does core research, advanced concepts and collaboratve research.

According to Pasqua, reputation based security changes the manner in which you can protect yourself from malware. It was noticed a number of years ago that there were more of malware. “So, we decided to create a reputation score for every piece of software.”

Symantec Research Labs has an extensive and successful track record. These include core security technologies such as reputation-based security and Browser Defender. Other areas include consumer cloud services, infrastructure software, etc. Pasqua provided a sneak peak of the Symantec Mobile Reputation Security (SMRS) research prototype as well.

More details in a while.

12.971606 77.594376

Top trends in cyber crimes you need to watch out for!

Here’s part two of my conversation with Gaurav Kanwal, Country Sales Manager – India, Consumer Products & Solutions, Symantec. Here, we discussed trends in cyber crimes, how users can protect themselves against malware, phishing and other attacks, and some India based statistics.

Top trends in cyber crimes
What are the trends that Symantec has been seeing in cyber crimes today? Are any new trends appearing?

According to Kanwal, today’s online thieves will stop at nothing to steal anything you’ve got: your money, your identity, even your good name. Their methods are getting more devious and sophisticated every day. Cyber criminals then sell the information on the online black market. Some trends that Symantec has recently witnessed include:

Explosion of malware variants: Significant changes in the threat landscape over the last few years have dramatically altered the distribution profile for new malware. Today, instead of a single malware strain infecting millions of machines, it is much more common to see many millions of malware strains, each targeting a handful of machines.

Advanced Web Threats: Threats are becoming increasingly sneaky and complex. New scams, such as drive-by downloads, or exploits that come from seemingly legitimate sites, can be almost impossible for the average user to detect. Before the user knows it, malicious content has been downloaded onto their computer.

Social Networks: Online social networking continues to rise in popularity due to the numerous opportunities it provides. Social networking also provides phishers with a lot more bait than they used to have. Threats can come from all sorts of avenues within a networking site. Games, links and notifications are easy starting points for phishers. As society picks up one end of the social networking stick, it inevitably picks up the security problems on the other end.

Rising Spam Levels: We may not want it, but it still keeps coming. In October 2009, about 90 percent of all email messages were spam. The overall amount does fluctuate, but on average, the levels of spam have primarily risen rather than fallen. Big headlines almost always lead to more spam, and major headlines from 2009, such as the death of Michael Jackson, the H1N1 flu outbreak and the Diwali festival are examples of this. Furthermore, according to a recent Symantec report, spam and phishing information was the 2nd most requested item on the cyber mafia’s underground economy.

Malvertisements and scareware: Cybercriminals have figured out how to deceive people by presenting counterfeit messages. Examples of this include malicious advertisements or “malvertisments,” which redirect people to malicious sites, or “scareware,” which parade as antivirus scanners and scare people into thinking that their computer is infected when that’s not the case.

To encourage users to install rogue software, cybercriminals place website ads that prey on users’ fears of security threats. These ads typically include false claims such as “If this ad is flashing, your computer may be at risk or infected,” urging the user to follow a link to scan their computer or get software to remove the threat.

According to a recent Symantec study, 93 percent of software installations for the top 50 rogue security software scams were intentionally downloaded by the user.

As of June 2009, Symantec has detected more than 250 distinct rogue security software programs. To make matters worse, some rogue software installs malicious code that puts users at risk of attack from additional threats.

Read more…

Top 10 Oxymorons in IT management

These are based on comments from Mike Vizard, Editorial Director, Ziff Davis Enterprises at Symantec Vision 2007 in Las Vegas. Would love to hear from you about your preferences, and what you feel about these.

1. Systems management — Well, you can’t manage what you don’t know you have!

2. Storage management — Seeing the utilization rates of 10-15 percent today would suggest that there is very little management of storage going on today!

3. Security management — We have lots of cops for security and IT, but it seems there are no headquarters for them to report to!

4. Network management — Sending packets is like launching a fleet of trucks, hoping that they will reach somewhere, in some shape!

5. Applications management — Does anyone really know how many applications an organization use?

6. License management — Does anyone really know which users in an organization are authorized to use?

7. Business process management — You cannot manage what you can’t see, or for that matter, understand.

8. Asset management — How much stuff do you own that’s not listed in the database?

9. DRM — You have no rights as people will still use your content, regardless of what you have to say about it.

10. Data management — The last one we have is, at a minimum, 10 copies of everything ever produced, suggests that data is managing us, rather than the other way around.

So, what needs to be done? The industry needs to move toward a more holistic approach to the management of enterprise computing that will no longer make ‘IT management’ the biggest oxymoron of all. What do you think?

Enabling confidence in connected world!

 

The Venetian @ Las Vegas!

According to John W. Thompson, chairman and CEO, Symantec Corp., the exponential growth in information had fueled equally explosive growth in infrastructure complexity. Simultaneously, it had multiplied risks to security, availability, performance and compliance. He was delivering the keynote at the ongoing Symantec Vision 2007 Summit in Las Vegas, at the sprawling Venetian.

 

 

Today’s extended enterprise included employees, partners, suppliers, and customers, collaborating across time zones with laptops and Blackberries, on email, IM and wikis, just to name a few. We’re now living in an era of more collaboration and online interactions, an era, in which the user is in charge.”

 

Thompson added that the growth of the connected world had blurred the lines between enterprises and consumers. New business models, from 24/7, R&D organizations to global supply chains were introducing new ways of serving customers. IT systems were currently the essential drivers of collaboration, innovation and growth.

 

Enterprises needed to be confident that they have systems and software in place to keep data secure, and that they could make information available, as and when, and where it is needed. Finally, they also needed to be confident of getting the maximum out of their IT investments.

 

Similarly, customers needed to be confident too, that their interactions as well as the information they are providing online, and the various devices they were using were both secure and reliable. It was not easy for both customers and enterprises alike to gain such a level of confidence.

 

Thompson added: “IT leaders recognize that the convergence of security, storage and management is a reality in today’s IT markets. That the domains of security and infrastructure management are intertwined, and that you cannot separate security risks from the applications or systems infrastructure. As a result, we have seen a fundamental shift, businesses are now more focused on managing risks across their organizations.”

 

He said Symantec was now in a unique position to address customers needs to reduce IT complexity, cut costs and improve efficiency. Symantec is said to be offering the industry’s broadest portfolio focused on risk management to a wide range of customers.