Jump to content

Hackers Change Tactics


Buff-horns

Recommended Posts

Hackers change tactics to crack open computers

A major change in the methods used by hackers to break into computers has been revealed in a report issued by an influential research institute on Tuesday.

The study suggests that computer criminals have shifted attention away from bugs in operating system software, such as Microsoft's Windows platform, to focus on flaws in individual software packages.

The non-profit SANS Institute, based in Maryland, US, reveals the change in tactics in its Top 20 report on software vulnerabilities.

"We are seeing a trend to exploit not only Windows, but other vendor programs installed on large numbers of systems," says Rohit Dhamankar, project manager for the report. "These include back-up software, anti-virus software, database software and even media players."

The report says that, over the last five years, hackers focused predominantly on operating systems. The shift away from this has been brought about by greater focus on security from operating system developers, the researchers write.

They note, for example, that Microsoft now issues regular monthly software updates to plug holes in its operating system, prompting hackers to pursue bugs in individual software packages instead.

Entire networks

The types of bugs affecting operating systems and individual software packages are similar. Although the packages do not operate at the fundamental level of an operating system they can often access important parts of a computer, such as its temporary memory.

Dhamankar says targeting bugs in packages can be just as effective for attackers. "Flaws in these programs put critical national and corporate resources at risk and have the potential to compromise entire networks," he says.

According to the SANS report, software used to back-up data is most commonly targeted by hackers. Ironically, anti-virus software is the next most popular target.

Buffer-overflow bugs

Several critical flaws have been discovered with back-up software over the course of 2005. The report notes that gaining access to a machine running back-up software will often provide large amounts of potentially valuable data, as well as broader access to a computer network.

Anti-virus software is particularly attractive to hackers because it is installed very widely and runs unobtrusively in the background on a machine. The Top 20 report notes that "buffer overflow" bugs have been reported with most leading anti-virus programs over the past year. This type of bug can be used to overwrite key portions of a computer's memory, causing a system to crash or to rewrite key information.

The SANS Institute is one of the leading computer security certification organisations in the world. The report was compiled with the help of researchers from seven organisations, including the US government's Computer Emergency Response Team (CERT), the British government's National Infrastructure Security Co-Ordination Centre (NISCC) and companies Tipping Point and Qualys.

Link to comment
Share on other sites

Yeah lots of programs nowadays connect to the net without your permission (to check for updates etc.)

I guess for a cracker is quite easy to add a spy app. to these programs.

That's why I use zone alarm to check wich program wants to access the net.

I always deny access if it isn't strictly necessary.

Beware expecially of software bought in Pantip Plaza and the like and downloaded from untrusted sources(bit torrent etc).

I can think of a million way to screw people with a spy app. on their Pcs :o

Edited by KhunMarco
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.



×
×
  • Create New...