Saturday, August 27, 2011

Cyber Threats report: Emerging threats for…all data-driven! [cyber warfare]

Emerging threats for…all data-driven!

Cyber Warfare

Security experts consulted by GTISC believe cyber warfare will accompany conventional military interaction more often in the years ahead. They expect it will also play a more shadowy role in attempts by antagonist nations to subvert the U.S. economy and infrastructure.

Consider the cyber attacks that occurred between Russia and Georgia earlier this year as a model for military cyber engagements in 2009 and beyond.
Don Jackson, director of threat intelligence for SecureWorks, compiled the following research to implicate direct Russian government involvement in cyber attacks against Georgia:

Physical and cyber attack targets and timing align:
• Logs of DDoS traffic and changes in network routing indicate that Russian cyber warfare operations coincided almost exactly with the final “all clear” for Russian Air Force attacks sometime between 0600 and 0700 on August 9, 2008.
• Both cyber attack targets (media outlets and local government communication systems) and air force targets were located in the Georgian city of Gori.
• The exact timing of cyber attacks against new classes of targets in Gori and Russian Air Force attacks indicated coordination among known hacking groups and military operators.

Source of Russian cyber attacks against Georgia:
• The vast majority of Georgian Web traffic is routed through Turkey and Russia. As of August 10, 2008, traffic routed through Turkey was almost completely blocked, and IP traffic through Russia (via Azerbaijan) was slow and effectively unusable.
• Russian government-run Rostelecom conducted most of the routing changes that blocked traffic to Georgian IP address space.
• The Moscow-based COMSTAR network also cooperated with government demands to follow suit, as did other network operators that control routing from the ostensibly neutral Moscow Internet Exchange (MSK-IX).
• DDoS and cache poisoning attempts targeting DNS servers for major Georgian networks were also launched from the state-operated Rostelecom and Moscow-based COMSTAR networks.

These attempts used the same tools, tactics and target lists as attacks from portions of Turkish networks controlled by former associates of the Russian Business Network (RBN).
The associates are believed to have connections to the local St. Petersburg government, the former power base of Putin and of those now in charge of the FSB state security organization.

Attack types:

• Along with DDoS attacks against Georgian media outlets and federal government Internet sites, researchers observed:

— Route hijacking
— Brute force server compromise
— Information theft
— Multi-factor DDoS attacks against the network and software layers
— Defacement and hosting of fake Georgian Web pages containing misinformation and propaganda.

Some DDoS attacks, route hijacking, and system intrusions originated from sources not previously affiliated with identified hacking groups and appear to have been coordinated in a manner that would allow attackers to disable or intercept Georgian government communications according to Russian military and intelligence objectives.

Jon Ramsey, chief technology officer for SecureWorks, attributes increasing cyber warfare activity to the following:
• The low cost to launch cyber attacks compared with physical attacks
• The lack of cyber defenses
• The “plausible deniability” the internet affords
• The lack of “cyber rules of engagement” in conflicts among nation states

George Heron, founder of BlueFin Security and former chief scientist for McAfee, believes cyber warfare will play a significant role between China and the U.S. “Cyber threats originating from China are incredibly real and growing,” said Heron.
“Other evidence supports this, such as the majority of bot masters being traced back to China, along with malware and other disruptive threats.”
Heron pointed towards U.S. transportation system infrastructure, the telecommunications system, nuclear energy plant communications, the water supply IT infrastructure and other entities as prime cyber targets of enemy nations.
“We now know that it only takes infiltrating the DNS operator vulnerability to subvert an entire DNS sector,” Heron continued. “Cyber warfare efforts could use this approach to exploit vulnerable servers and gateways controlling the power grid or water/dam flow control.”
Howard A. Schmidt, a GTISC professor of practice, agrees.

“Our essential infrastructure systems are fundamentally dependent on the internet and IP-based technology,
and there are interdependencies between them that our enemies will seek to exploit,” stated Schmidt.

“Cyber warfare completely evens the playing field as developing nations and large countries with a formidable military presence can both launch equally dangerous attacks over the Web.”
The U.S. federal government is already bracing for the inevitability of cyber warfare and hosted the second annual Cyber Storm exercise in March 2008, involving nine states, four foreign governments, 18 federal agencies and 40 individual firms in a weeklong cyber attack scenario [3].

“Cyber Storm II is really a successful example of public and private partnership to identify cyber warfare threats and plan powerful countermeasures,” said Heron.
“We need more information sharing and additional collaboration like this to defend our national interests against an onslaught of cyber terrorism.”

Schmidt advocates a three-step approach to bolstering U.S. cyber defenses:
• Identify the Internet-enabled systems we depend on and the interdependencies between them.
• Develop a comprehensive plan to protect those systems, such as roles and responsibilities, vulnerability identification and remediation, threat mitigation and response.
• Model data security for the future as software improvements, network enhancements and new technologies like mobile communications gain traction.



“The future threat goes beyond what we think of as cyber-espionage and intellectual property theft,
although that certainly remains a factor,” said Heron. “I think we’re going to see more technologically savvy,
state-sponsored attacks to the IT systems that support foundational services here in the U.S.”
George Heron - Founder, BlueFin Security

Friday, August 26, 2011

Cyber Threats report 2009: Emerging threats for…all data-driven! (2)


Emerging threats for…all data-driven!

BOTNETS

Most botnet command and control sites are also traced back to China [2]. But Lee cautions that this statistic could be misinterpreted since “a good deal of Chinese are using pirated software which doesn’t receive security updates.”

According to Lee, “That means numerous Chinese computers are rife with vulnerabilities, making them a haven for botnet command and control sites.”
Botnets en masse are considered a bot army, and these malicious computing forces could be used to conduct cyber warfare in the future.

In addition, bot payloads are becoming increasingly complex to avoid evolving security measures.
According to Lee’s research at GTISC, several recent bot variants have exhibited more than 100 distinct binary payloads used to hide the communications path and to vary the command and control IP address. The net effect makes botnets and bot masters harder to track.

However, new technologies can pinpoint the Internet communications among botnets and bot masters and shut down the vital links required for cyber crime and cyber warfare. Signature-based defenses like antivirus and intrusion detection are no match for the subtle communications between bot and bot master.
But newer behavior analysis approaches can help identify bots without signatures.

Lee’s research team at GTISC is developing algorithms to analyze traffic patterns from internal machines to outside machines. Strange anomalies in connection duration, time of day, or type of information uploaded/downloaded can indicate a botnet command and control attempt. Lee’s research also examines how botnets use the Internet infrastructure.
For example, look-up requests to DNS servers may provide information on which domain is used for botnet communications. In addition, global sensor networks are now using specialized algorithms to pinpoint bot army communications.
Once the command and control links are observed and disrupted, the bot army threat can be neutralized as long as layered security is already in place.
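
The kind of signature-free check described above, as an added example that is not from the GTISC report or Lee's team: it scores each internal-to-external host pair on check-in regularity, uniformity of connection duration and upload size, and time of day. The flow records are constructed, the thresholds are assumptions, and timestamps are treated as UTC.

```python
from collections import defaultdict
from statistics import mean, pstdev

DAY = 86400
BASE = 1_219_968_000  # constructed: midnight UTC on an arbitrary day

def build_sample_flows():
    """Constructed flow records: (src, dst, start_s, duration_s, bytes_up, bytes_down)."""
    flows = []
    # 10.0.0.5 checks in about every 600 s overnight with identical small exchanges.
    for i in range(48):
        flows.append(("10.0.0.5", "203.0.113.10", BASE + i * 600 + i % 3, 2.0, 310, 120))
    # 10.0.0.7 browses irregularly during working hours with varied transfer sizes.
    offsets = [32400, 32950, 34100, 39000, 39020, 45500, 50000, 50700, 58000, 61000]
    sizes = [900, 400, 2500, 700, 650, 1200, 300, 5000, 800, 1000]
    for off, up in zip(offsets, sizes):
        flows.append(("10.0.0.7", "198.51.100.20", BASE + off, 5.0 + up / 100, up, up * 20))
    return flows

def cv(values):
    """Coefficient of variation: near 0 means the values barely change."""
    m = mean(values)
    return pstdev(values) / m if m else 0.0

def score_pairs(flows, min_conns=8, max_cv=0.1, work_hours=(8, 18)):
    """Score each (internal host, external host) pair on the three anomaly types."""
    by_pair = defaultdict(list)
    for src, dst, start, dur, up, _down in flows:
        by_pair[(src, dst)].append((start, dur, up))
    results = {}
    for pair, recs in by_pair.items():
        if len(recs) < min_conns:
            continue  # too few connections to judge regularity
        recs.sort()
        starts = [r[0] for r in recs]
        gaps = [b - a for a, b in zip(starts, starts[1:])]
        off_hours = sum(
            1 for s in starts if not work_hours[0] <= (s % DAY) // 3600 < work_hours[1]
        ) / len(starts)
        reasons = []
        if cv(gaps) <= max_cv:
            reasons.append("regular check-in interval")
        if cv([r[1] for r in recs]) <= max_cv and cv([r[2] for r in recs]) <= max_cv:
            reasons.append("uniform duration and upload size")
        if off_hours >= 0.5:
            reasons.append("mostly outside working hours")
        results[pair] = reasons
    return results

def suspected_c2(flows, min_reasons=2):
    """Pairs that trip at least min_reasons independent indicators."""
    return sorted(p for p, r in score_pairs(flows).items() if len(r) >= min_reasons)

if __name__ == "__main__":
    for pair, reasons in score_pairs(build_sample_flows()).items():
        print(pair, reasons)
    print("suspected C2:", suspected_c2(build_sample_flows()))
```

Requiring two independent indicators keeps a single scheduled job, such as an update check, from being flagged on regularity alone.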

Cyber Threats report 2009: Emerging threats for…all data-driven!




Emerging threats for…all data-driven!


BOTNETS

In 2008, botnets have become worse, a trend expected to continue next year.
GTISC estimated in last year’s report that 10 percent of online computers were part of botnets, groups of computers infected with malicious code and unknowingly controlled by a malicious master.
This year, GTISC researchers estimate that botnet-affected machines may comprise 15 percent of online computers.

“Compared with viruses and spam, botnets are growing at a faster rate,” said Wenke Lee, an associate professor at GTISC and a leading botnet researcher. Lee cites three unavoidable factors which are spurring botnet growth:
• Infection can occur even through legitimate Web sites
• Bot exploits/malware delivery mechanisms are gaining sophistication and better obfuscation techniques
• Users don't need to do anything to become infected; simply rendering a Web page can launch a botnet exploit

Bots can also be delivered to a machine in a variety of ways: via Trojans, emails, an unauthorized instant message client or an infected Web site. Once installed, bots lie low to avoid notice by antivirus and anti-spyware technology.
Periodically, the bot communicates with a “command and control” server and waits for a response.

The communication, using the command and control server as an intermediary, can keep the malicious bot master’s identity hidden.
Lee points out the distinction between botnets and malware: “What we think of as malware can be responsible for turning a machine into a bot,” said Lee.
“But conventional malware is often a single-purpose attack. A bot really remains on a machine, maintains a command and control mechanism to enable communication with the bot master, and can update itself based on those communications.
The updates enable new bot communication and malicious capabilities, and are often used to avoid detection.”

Bot communications are designed to look like normal (Web) traffic using accepted ports, so even firewalls and intrusion prevention systems have a tough time isolating bot messages.
Lee agreed, “It’s incredibly tough to filter bot traffic at the network edge since it uses http and every enterprise allows http traffic.”

Prompted to act in unison, bots turn into bot armies that harness considerable computing power to engage in a variety of malicious activities, including:
— Information theft (social security numbers, credit card information, trade secrets, etc.)
— Denial of service attacks
— Spam delivery
— DNS server spoofing

According to a report compiled by Panda Labs, in 2Q 2008, 10 million bot computers were used to distribute spam and malware across the Internet every day [1].
Damballa continues to find that 3-5 percent of enterprise assets are compromised on average by targeted threats such as bots, even in the presence of the best and most up-to-date security.
Leading industry analysts predict this range to be even higher.

Monday, August 22, 2011

Emerging threats for…all data-driven!: Malware

Emerging threats for…all data-driven!

Data will continue to be the principal motive behind future cyber crime, whether targeting conventional fixed computing or cellular applications.
According to security expert George Heron, “It’s all within the data,” whether botnets, malware, blended threats, cellular threats or cyber warfare attacks. And Heron expects data to drive cyber attacks for many years to come. The data motive is woven through all five emerging threat categories, beginning with malware.

Malware

Ryan Naraine, security evangelist for Kaspersky, believes that malware delivery, the very first step in creating a bot, will become much more insidious by taking advantage of poorly configured Web sites, social networking sites and false domains.

“We are projecting a 10-fold increase in malware objects detected in 2008,” stated Naraine.
“This is ‘hockey-stick’ growth driven by identity theft and data-focused cyber crime.”
Naraine expects criminal senders to use better social engineering techniques to cloak malcode in what appears to be legitimate email with acceptable Web links.

For example:
A Facebook message sent from one friend to another includes a link to a YouTube video of interest to the recipient. The recipient clicks on the link supposedly sent by his/her friend, and then sees a prompt to install the latest version of Flash Player in order to watch the video clip.
The user clicks to install the update, but actually installs a piece of malware on the machine, effectively enrolling the PC in a botnet.

As cyber criminals move beyond mass-distribution style phishing scams, they're learning how to localize and personalize their attacks for better penetration.
Social networking sites like MySpace, Facebook and others will likely be used as delivery mechanisms for getting unsuspecting users to a malicious Web link in order to deliver malware.

During the coming year, GTISC and other security experts also expect many more targeted spear-phishing vehicles to install malware and/or steal data.
For example:
Attackers may target clients of a local credit union with a spoofed email referencing a local news story of interest. Once clients click the bogus link inside the email, the malware is installed and can log keystrokes and mine other individual information to be sent back to a malicious bot master or cyber criminal.

Naraine cited computing mono-cultures and slow or non-existent desktop software patching as fueling the malware/botnet crisis. “When you have almost 100 percent of users standardized on a single application, it means that a single point of security failure can bring about infection of an entire computing ecosystem,” stated Naraine.

Naraine’s research implies that some of the largest botnets are comprised of corporate machines. “It takes the average business 2 to 3 months to apply a Windows patch across all devices, so malware and botnets will continue to take advantage of identified vulnerabilities within business environments.”
On the bright side, several software vendors are now shipping auto-patch/update ability with every new software release.

Firefox, Adobe and Apple all do this, and Naraine believes that Microsoft operating system security has improved with each successive release. The auto-update features help both corporate and consumer end users stay up to date with patches, which eliminates a lot of “low-hanging fruit” for the cyber crime community.



A total of 28940 different malicious and potentially unwanted programs were detected on users’ computers in August. That is an increase of more than 8,000 on July's figures and points to a significant increase in the number of in-the-wild threats.
http://www.kaspersky.com/news?id=207575678
“We are so conditioned to click on links, and the bad guys know this,” said Naraine. “The email lures, the
enticements and the personalization of malware attacks are getting much better. Social engineering attacks
on social networks are beginning to explode and will only get worse.”
Ryan Naraine - Security Evangelist, Kaspersky Lab, Americas

Wednesday, August 17, 2011

Prevalence of tobacco consumption: Rates


Rates

The following is taken from table b of the WHO Report on the Global Tobacco Epidemic. The data from the initial survey is adjusted to make it comparable between countries. Because of this, however, it is not for inferring the prevalence within those countries (table a provides for this). It contains 135 "Countries with recent internationally comparable adjusted data", 18 "Countries with national data that are neither recent nor comparable internationally", and 41 "Countries with no data". The data represents smoking any tobacco product at the time of the survey, including daily and non-daily smoking; the error is with a 95% confidence interval.

Country↓Male [%]↓Error [+/-%]↓Female [%]↓Error [+/-%]↓
undefined Afghanistanno datano datano datano data
 Albania40.513.343.3
 Algeria29.92.50.30.2
 Andorra36.55.729.25.2
 Angolano datano datano datano data
 Antigua and Barbudano datano datano datano data
 Argentina34.63.5525.43.05
 Armenia55.17.953.72.35
 Australia !27.73.421.83.25
undefined Austria46.42.1540.11.95
 Azerbaijanno datano data0.90.55
 Bahamasno datano datano datano data
 Bahrain26.13.752.91.7
 Bangladesh478.93.81.45
 Barbados !18.48.431.65
 Belarus63.710.3521.16.2
 Belgium30.13.124.12.1
 Belizeno datano datano datano data
 Beninno datano datano datano data
 Bhutanno datano datano datano data
 Bolivia34.17.629.23.5
 Bosnia and Herzegovina49.36.5535.16.15
 Botswanano datano datano datano data
 Brazil *no datano datano datano data
 Bruneino datano datano datano data
 Bulgaria47.58.2527.88.1
 Burkina Faso221.9511.21.4
 Burma46.55.913.61.3
 Burundino datano datano datano data
 Cambodia40.55.056.50.65
 Cameroon12.64.152.21.8
 Canada !no datano datano datano data
 Cape Verdeno datano datano datano data
 Central African Republicno datano datano datano data
 Chad165.052.62.1
 Chile !42.18.4533.65.35
 China59.511.83.70.65
 Colombiano datano datano datano data
 Comoros27.7413.53.85
 Congo12.14.211
 Cook Islands36.19.15206.15
 Costa Rica26.14.157.31.55
 Croatia38.91.829.11.15
 Cuba43.417.128.36.75
 Cyprusno datano datano datano data
 Czech Republic36.66.625.47.45
 Côte d'Ivoire15.41.72.40.6
 Democratic Republic of the Congo13.54.752.62.2
 Denmark36.1230.61.9
 Djiboutino datano datano datano data
 Dominicano datano datano datano data
 Dominican Republic17.57.2513.33.65
 Ecuador23.93.155.81.15
 Egypt28.72.251.30.5
 El Salvadorno datano datano datano data
 Equatorial Guineano datano datano datano data
 Eritrea16.92.61.20.65
 Estonia49.92.727.52.15
 Ethiopia7.61.30.90.45
 Fiji23.64.95.11.25
 Finland31.82.3524.42
 France36.60.826.70.7
 Gabonno datano datano datano data
 Gambia29.32.252.90.6
 Georgia57.18.76.33.85
 Germany37.42.5525.81.55
 Ghana10.21.50.80.4
 Greece63.67.5539.85.15
 Grenadano datano datano datano data
 Guatemala24.53.954.10.95
 Guineano datano datano datano data
 Guinea-Bissauno datano datano datano data
 Guyanano datano datano datano data
 Haitino datano datano datano data
 Hondurasno datano data3.41.5
 Hungary45.77.3533.99.35
 Iceland26.12.4526.62.4
 India33.16.43.81.2
 Indonesia65.984.50.5
 Iran29.65.455.51.75
 Iraq25.84.22.51.65
 Ireland26.55.15263.35
 Israel31.14.8517.910.65
 Italy32.82.419.21.45
 Jamaica20.899.22.9
 Japan44.38.914.32.25
 Jordan62.79.159.85.8
 Kazakhstan43.28.259.73.35
 Kenya27.13.152.20.8
 Kiribatino datano datano datano data
 Korea, North58.62.5no datano data
 Korea, South53.315.85.71.1
 Kuwaitno datano datano datano data
 Kyrgyzstan46.98.452.20.85
 Laos658.0515.61.2
 Latvia54.48.7524.13.2
 Lebanon29.14.974.25
 Lesothono datano datano datano data
 Liberiano datano datano datano data
 Libyano datano datano datano data
 Lithuania45.17.220.82.85
 Luxembourg39.13.730.32.95
 Macedoniano datano datano datano data
 Madagascarno datano datano datano data
 Malawi23.72.756.21.7
 Malaysia54.47.22.80.85
 Maldives44.58.411.63.75
 Mali19.51.92.80.85
 Malta32.84.4524.53.45
 Marshall Islandsno datano datano datano data
 Mauritania22.32.43.70.8
 Mauritius35.73.81.10.5
 Mexico36.97.2512.43.5
 Federated States of Micronesiano datano datano datano data
 Moldova45.87.355.81.65
 Monacono datano datano datano data
 Mongolia45.813.76.51.75
 Montenegrono datano datano datano data
 Morocco29.52.250.30.2
 Mozambique222.253.40.9
 Namibia !38.63.910.91.5
 Nauru46.19.4552.411.3
 Nepal34.86.5526.48.4
 Netherlands38.30.9530.30.85
 New Zealand29.74.127.54.35
 Nicaraguano datano datano datano data
 Nigerno datano datano datano data
 Nigeria131.751.20.45
 Niueno datano datano datano data
 Norway33.64.5530.44.05
 Oman24.73.81.30.9
 Pakistan35.46.756.62.3
 Palau38.110.059.74.6
 Panamano datano datano datano data
 Papua New Guineano datano datano datano data
 Paraguay333.8514.82.15
 Peruno datano datano datano data
 Philippines425.259.80.9
 Poland43.98.727.29.05
 Portugal40.65.5314.15
 Qatarno datano datano datano data
 Romania40.66.824.57.15
 Russia70.111.0526.57.4
 Rwandano datano datano datano data
 Saint Kitts and Nevisno datano datano datano data
 Saint Lucia28.912.112.13.9
 Saint Vincent and the Grenadinesno datano datano datano data
 Samoa58.312.823.46.85
 San Marinono datano datano datano data
 São Tomé and Príncipe23.212.810.611.9
 Saudi Arabia !25.63.753.62.15
 Senegal19.82.351.50.7
 Serbia42.34.942.34.9
 Seychelles !35.2572.65
 Sierra Leoneno datano datano datano data
 Singapore *no datano datano datano data
 Slovakia41.6720.15.75
 Slovenia31.86.121.14.95
 Solomon Islandsno datano datano datano data
 Somaliano datano datano datano data
 South Africa27.53.59.11.8
 Spain36.44.230.93.7
 Sri Lanka30.25.82.60.95
 Sudanno datano datano datano data
 Surinameno datano datano datano data
 Swaziland14.62.653.21.05
 Sweden19.61.0524.51.1
 Switzerland30.72.5522.21.8
 Syria4426.35no datano data
 Tanzania24.82.64.31.15
 Tajikistanno datano datano datano data
 Thailand39.84.753.40.15
 Timor-Lesteno datano datano datano data
 Togono datano datano datano data
 Tonga61.812.915.84.45
 Trinidad and Tobago36.414.67.62.4
 Tunisia512.81.90.65
 Turkey51.67.5519.211.35
 Turkmenistanno datano datano datano data
 Tuvaluno datano datano datano data
 Uganda20.92.553.20.85
 Ukraine63.810.222.76.2
 United Arab Emirates !26.15.152.62.05
 United Kingdom36.71.1534.71.05
 United States26.33.1521.53.5
 Uruguay37.14.45284
 Uzbekistan24.24.551.20.5
 Vanuatu49.110.28.12.55
 Venezuela32.55.85275.9
 Vietnam !45.76.052.50.75
West Bank and Gaza Stripno datano datano datano data
 Yemenno datano datano datano data
 Zambia !21.72.7551.5
 Zimbabwe25.53.24.41.35

 