Security Experts Warned against Cyber-attacks on Super Bowl

The security experts at Websense highlighted the vulnerability of Super Bowl against cyber criminals who wish to intensify the effect of their swindles.

Dan Hubbard, VP, Security Research, Websense, on January 24, 2008, told SCMagazineUS, that the probable mode of attack might be phishing e-mails generated by botnet. These e-mails would contain messages on the subjects, which are related to Super Bowl. The attack might materialize on February 3, 2008 when New England Patriots would clash with New York Giants.

Hubbard also added that the attackers, who were responsible for nasty Storm Worm and botnet, sent holiday inspired fraud e-mail and they wouldn't be able to stop themselves from unleashing e-mails on the championship game of NFL.

Moreover, Hubbard also added that the domains, similar to Super Bowl related URLs, have already been registered though recipient websites for which these domains would work are not materialized yet.

Hubbard emphasized that increased sensitivity and interactive functionality of all the websites of Super Bowl make them more vulnerable. He also added that websites could be hacked in a number of ways, there is no specific method for hacking.

In 2007, Dolphins Stadium's website hosting Super Bowl XLI was attacked. In that attack, a Trojan with integrated JavaScript tried to exploit the weaknesses of handling vector markup language of the Internet Explorer. The Trojan was included in the homepage of the website and it enabled attackers to plunder information of visitors before the alerts were sent across to users.

As per the data gathered by Websense Inc., around 51% of the websites were recorded malicious in the second half of 2007. Those websites were compromised and contained malicious attack code, which infected uncorrupted machines, visited their URLs. Remaining 49% were deliberately built to launch the attack on the systems of users, as per the news reported by Computerworld on January 23, 2008.

Trend Micro Trendlabs, a security firm, also gave data similar to Websense on its blog. Trend Micro stated that it detected two malware-infected websites with similar URLs as that of the official website of Super Bowl XLII game, as reported by SCMagazineUS on January 23, 2008.

Related article: Securities Push Up A Must For Web Companies

» SPAMfighter News - 2/2/2008