Hacking and Cybercrime Essay

The Symantec Global Internet Security Threat Report noted a shift in malevolent activity to be emerging. The growing level of malicious encrypt activity has also resulted in the proposal of a new cybercrime bill. Malicious activity tends to cast up in rapid growth in broadband infrastructure and connectivity. In January 2010, reports emerged that dozens of large companies had been compromised by attackers using the Hydra Trojan. Typically, this type of attack begins with around reconnaissance on the part of attackers. Typically, this type of attack begins with some reconnaissance on the part of attackers.This can include publicly available information around the society and its employees, such as from social intercommunicateing sites. This information is then used to create specifically crafted phishing email messages, often referred to as spear phishing, that target the comp all or even specific staff members. These email messages often contain attachments that exploit vulner abilities in client-side application or links to weather vanesites that exploit vulnerabilities in web browsers or browser plug-ins. In 2009, 60 percent of identities exposed were compromised by hacking attacks.Which are another form of targeted attack. The hackers gained access to the company payment processing network using an SQL injection attack. The attackers then installed malicious code design to gather sensitive information from the network, which allowed them to easily access the network at their convenience. The attacks resulted in the theft of approximately 130 million credit card numbers. Web-based attacks rent replaced the mass mailing worm in this position. Attackers may use social engineering, such as in spam messages, to lure a user to a website that exploit browser and plug-in vulnerabilities.These attacks are then used to install malicious code or other applications such as rogue hostage software on the victims computer. Four of the top five being exploited wer e client-side vulnerabilities were oft targeted by web-based attacks. Two of these vulnerabilities were in Adobe Reader, while one was in Microsoft Internet Explorer and the fourth was in an Active X Control. A Crimeware equip is a toolkit that that allows people to customize a piece of malicious code design to steal data and other person personal information.Crimeware Kits like zues trade name it easier for unskilled attackers to compromise computers and steal information. These kit allow anyone who buys them to customize them to their own needs. The SpyEye Kit, is addition to stealing information, also has the ability to detect if a computer already has Zues installed and if so, to intercept its communications. Fragus Exploit Kit contains mechanisms to prevent buyers from reselling their copies of it. A side effect of these kits is the creation of tens of thousands of new malicious code variants that may only be seen by a single user.The volume of financial services spam also r emained relatively unchanged in 2009, while the levels of financially oriented spam and phishing have remained relatively constant despite the recent economic downturn, attackers have made adjustments in their tactics. Symantec observed more messages advertising refinancing of debts and mortgages along with offers of loans or opportunities to earn notes while working from home. This shows that attackers are able to rapidly adapt their social engineering techniques to better take advantage of current events and situations.Symantec expects attacks against web browsers and malicious code variants installed through these attacks to amplify. One of the botnets linked to this ISP was Pandex. This botnet was responsible for as much as 35 percent of spam observed globally before dropping to 8 percent after the ISP was shut down. Spam Zombies that lack a critical command system are unable to send out spam. Additionally, a security researcher allegedly attacked and disabled 250,000 computer s associated with the Ozdok botnet.The volume of spam sent by both botnets recovered several days afterwards because unaffected zombies were instructed to significantly increase their spam output, indicating that these events may have been a large factor in the decrease of spam zombies in the United States. Symantec advises end users to use antivirus software, antispam software, firewalls, tool demote blockers, and other software- detection methods. Symantec also advises end users to never disclose any confidential personal or financial information unless and until they can confirm that any request for such information is legitimate.