Sexy Jihad

Sexy Jihad header image 2
Apple to switch from IBM to Intel :-( Tokyo Geek Walhalla

Attack Trends: 2004 and 2005 - According to Schneier

June 7th, 2005 · No Comments

Computer with it\'s hands up

Mr. Schneier has written a piece on his blog about the kind of attacks his company has monitored this past year:

Counterpane Internet Security, Inc., monitors more than 450 networks in 35 countries, in every time zone. In 2004 we saw 523 billion network events, and our analysts investigated 648,000 security “tickets.” What follows is an overview of what’s happening on the Internet right now, and what we expect to happen in the coming months.

In 2004, 41 percent of the attacks we saw were unauthorized activity of some kind, 21 percent were scanning, 26 percent were unauthorized access, 9 percent were DoS (denial of service), and 3 percent were misuse of applications.

Over the past few months, the two attack vectors that we saw in volume were against the Windows DCOM (Distributed Component Object Model) interface of the RPC (remote procedure call) service and against the Windows LSASS (Local Security Authority Subsystem Service). These seem to be the current favorites for virus and worm writers, and we expect this trend to continue.

The virus trend doesn’t look good. In the last six months of 2004, we saw a plethora of attacks based on browser vulnerabilities (such as GDI-JPEG image vulnerability and IFRAME) and an increase in sophisticated worm and virus attacks. More than 1,000 new worms and viruses were discovered in the last six months alone.

In 2005, we expect to see ever-more-complex worms and viruses in the wild, incorporating complex behavior: polymorphic worms, metamorphic worms, and worms that make use of entry-point obscuration. For example, SpyBot.

KEG is a sophisticated vulnerability assessment worm that reports discovered vulnerabilities back to the author via IRC channels.

We expect to see more blended threats: exploit code that combines malicious code with vulnerabilities in order to launch an attack. We expect Microsoft’s IIS (Internet Information Services) Web server to continue to be an attractive target. As more and more companies migrate to Windows 2003 and IIS 6, however, we expect attacks against IIS to decrease.

Seing as they monitor so many networks, I think this gives a good idea of where security is going. An interesting read.

Bluetooth Sniper Rifle Howto

Apple To Release Tablet PC?

Bluetooth Easily Crackable

SHA-1 Bites The Dust

Banks Should Be Held Responsible For Phishing


Tags: Security · Internet

0 responses so far ↓

  • There are no comments yet...Kick things off by filling out the form below.

Leave a Comment