Spear Phishing Attacks Most Dangerous to Computers

As per a freshly-obtained report, un-patched software are still a major hazard to thwart any type of cyber attacks. Attackers, who use targeted threats, are particularly dangerous.

The report, covering March-August 2009 and published by the security training company "SANS", used data related to online-attacks that targeted users' computers. According to it, twin security threats namely 'phishing' and 'web-application attacks' are potentially most dangerous.

Security specialists said that the foremost threat was spear phishing attacks, described as e-mail attacks, targeting specific individuals/organizations. These phishing attacks allowed online-criminals to contaminate commonplace software that users hadn't patched like Adobe's Flash and PDF Reader, QuickTime, and Microsoft's Office.

The infected computers subsequently spread the infection and help hijack more un-patched PCs and servers in large organizations, facilitating malicious attackers in stealing information and planting backdoor trojans that would transmit information to them.

Moreover, the research discovered that enterprises were patching client-side security flaws 3-5 times slower compared to operating-software flaws, stated Alan Paller, Research Director at SANS Institute, as reported by Sfgate on September 15, 2009.

Paller stated that unlike before, they (entrepreneurs) knew the areas criminals were attacking but unfortunately those weren't the ones that were being protected.

SANS said - the next area of concern was vulnerable websites. Direct attacks on Web applications were responsible for around 60% of the total Internet threats. The attackers often sought to destabilize websites and manipulating the same for distributing malware.

Further, Web-application flaws like cross-site scripting and SQL injection vulnerabilities in custom-built and open-source applications were responsible for around 80% of overall vulnerabilities found during Q3 2009, SANS stated.

The study also discovered that numerous individuals detected zero-day flaws over the last 3 years. This indicates to a new trend of discovering and exploiting flaws by attackers before security researchers could find them (flaws). Moreover, security researchers fail to prepare safeguards against them.

Rohit Dhamankar, Director of DVLabs Security Research Team, TippingPoint, said that organizations should first understand the attacks that exploit zero-day flaws within their networks to be able to develop a successful security strategy, as reported by V3 on September 15, 2009.

Related article: Spyware Detection Programs Track Advertisers’ Cookies

» SPAMfighter News - 10/6/2009