Malware

SPOTLIGHT ON SECURITY

White House Pushes Cyberlaw as Online Crooks Frolic

The Obama administration is urging Congress to pass cybersecurity legislation the White House first proposed in May.

That proposal incorporates many of the ideas of Senate and House leaders, White House Cybersecurity Coordinator Howard Schmidt pointed out.

Since then, there have been several cybersecurity breaches, Schmidt said, pointing out that there’s no general national requirement that companies alert the federal government to serious intrusions.

Meanwhile, cybercriminals appear to be having things pretty much their own way.

Symantec found that awareness of government critical infrastructure program (CIP) protection efforts worldwide has fallen.

Internet Identity has found that malware distribution rose sharply in Q3 2011 and that the scope of cyberthreats has broadened, among other things.

Finally, spammers are setting up their own URL-shortening sites to better evade traditional anti-spam measures.

There’s Gotta Be a Law

On May 12, the Office of Management and Budget (OMB) presented a proposal by the Obama administration that would require businesses to notify consumers in the event of a data breach.

The proposal also included suggestions on penalties for computer crimes, critical infrastructure protection and improving the United States’ federal IT infrastructure, practices and hiring.

A recent survey by the OMB found that federal CIOs are overworked and have other, highly demanding roles in addition to their IT positions. Another found that many government agencies and departments haven’t implemented reforms they agreed to after their IT infrastructure was audited by the OMB.

Slouching Towards CIP

Meanwhile, a telephone survey of almost 3,500 companies in 37 countries conducted by Applied Research in August and September on behalf of Symantec found that awareness of government critical infrastructure protection (CIP) programs among companies involved with this area has fallen over the past year.

Only 37 percent of the respondents are engaged in government CIP programs now, compared to 56 last year, the survey found.

“Both public and private entities are working to ramp up coordination to keep up with the threats, but … right now, the threats and rate of attack are outpacing the coordination,” Dean Turner, director of Symantec’s global intelligence network, told TechNewsWorld.

The survey covered firms in 14 areas, including finance, telecommunications, public services, energy, information technology, aviation, government and mass transit.

Cybercriminals Thinking Big

The need to enhance organizational cybersecurity is growing.

The cyberthreat landscape has expanded to include large-scale domain hijackings, DNS exploits, and other breaches of global targets, Internet Identity said in its Ecrime trends report for Q3, released Tuesday.

These types of threats are increasing steadily from quarter to quarter, the report stated.

Increasingly, cybercriminals are using poisoned websites — sites containing malware. These are infecting victims’ computers with variants of Zeus, the banking-information-stealing Trojan Horse, Internet Identity CEO Lars Harvey told TechNewsWorld.

The techniques uses are similar to those used by the Avalanche cybercrime gang, which accounted for 36 percent of all phishing attacks in Q3 2009, Harvey said.

Avalanche “uses a complex routing infrastructure that includes fraudulently registered domain names and compromised URL shorteners,” Harvey stated.

Too Legit to Quit

In the past month, spammers have put a new twist on shortened URLs, a known security threat. They are setting up their own URL shortening sites, Symantec warned.

Spammers have set up close to 90 URL shortening services, Paul Wood, a senior intelligence analyst at Symantec, told TechNewsWorld. In all, about 190 domains that spammers might use to host URL shortening service fronts have been set up, he said.

Short URLs are “very powerful from a spammer’s perspective, as, behind many legitimate short URL services is valuable information about the visitors to that URL,” Wood elaborated. So even if the shortener is legitimate — i.e., it provides a shortened URL that will take a user to the intended site — spammers could still use the info they glean with it for nefarious purposes.

This can help spammers figure out how successful one approach is over another and adjust their tactics accordingly.

Standard antivirus products can’t protect you because they “scan neither shortened nor ordinary URLs,” Ed Rowley, a senior product manager at M86 Security, told TechNewsWorld.

“In cases like this, true protection comes from secure Web gateway vendors, who use a combination of techniques,” Rowley stated.

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

More by Richard Adhikari
More in Malware

Technewsworld Channels