Cyber criminals are getting smarter warn security experts

Cyber criminals are smarter, more ambitious and now present increasingly greater and potentially more serious security risks to governments, global institutions and business organisations.

The warning comes from software security expert Dimtry Gusev, of StarForce Technologies, who describes the growing crisis as the “beginning of World War Three – a war in cyberspace”.

Government departments, multinationals and financial institutions across the world are under threat from hackers who are using ever-more sophisticated tactics and technological expertise to penetrate software vulnerabilities.

“This is a war on an unprecedented scale with criminals who are growing in confidence,” said Gusev, deputy marketing director at StarForce. “They are becoming cleverer in the tactics and technology they use to penetrate software security systems.”

His warning follows disturbing research by global software producer Symantec – published in its annual Internet Security Threat Report – which shows that cybercrime levels are rising faster than even the world’s leading security and software protection experts expected.

The report shows that, while the number of vulnerabilities (security weaknesses) has fallen by 20 per cent in the past year, the number of malicious attacks has rocketed by 81 per cent.

The number of unique malware variants has risen by 41 per cent and the percentage of web attacks blocked every day has increased by more than one third. Greater numbers of more widespread attacks have used advanced techniques to alarming effect – for example, server-side polymorphism which enables hackers to create an ‘almost unique’ version of their malware for each potential target.

Even more worrying, says Gusev, is that advanced attacks are hitting organisations of all sizes, data breaches are increasing and attackers are increasingly targeting mobile devices.

According to StarForce, the most serious threats are now being posed by an elite hacker group which is responsible for attacks on companies supplying American military corporations with electronic and mechanical components.

The attacks have been dubbed the ‘Elderwood Project’ after a source code variable used by the hackers who have targeted defence industry sub-contractors with a series of ‘zero-day’ attacks – exploiting previously unknown vulnerabilities which gives developers no time to prepare for or prevent hacker penetration.

Elderwood probably focuses on sub-contractors because attackers find them easier to exploit. Hackers have taken control of Windows PCs and used them to infiltrate and control software systems at companies further up the supply chain. Elderwood hackers specialise in finding and exploiting zero-days in Microsoft’s IE browser and Adobe’s Flash Player.

“Somehow, cyber terrorists have obtained information about eight vulnerabilities which is previously unheard of across the information security industry worldwide,” said Gusev. “It’s unclear who is behind Elderwood but it could be a particular country or a powerful criminal organisation.”

Attacks on security and computer software application vulnerabilities are usually carried out by one of two methods – common phishing emails or by the now popular ‘watering hole’ tactic.

“The watering hole method is cunning and dangerous,” said Gusev. “Malware is planted on websites that the person or people being targeted visit often. When the target enters the site, a malicious script is activated and infects the computer.”

Research suggests that the ‘watering hole’ tactic has already been used in espionage attacks in a variety of industries and business sectors including defence institutions, government departments, financial service organisations, universities and utility companies.

StarForce warns that organisations of all sizes, particularly the world’s largest enterprises, need to be much more vigilant and take appropriate steps to protect their high-level information and security systems.

“Organisations must make life tougher for cyber criminals. Decompiling or reverse-engineering is now used widely by cyber criminals to crack software. An unprotected program is no match for a highly-trained professional.

“However, a program can be hardened against reverse-engineering and analysis,” said Gusev. “StarForce recommends source code obfuscation to improve security resistance. Protecting the code and obfuscating algorithms makes it much harder, and often economically unprofitable, for hackers to continue trying to decipher codes.”

Greater protection is needed for existing programs used in organisational networks and for source codes in companies where information is exchanged with customers and clients.

“It’s vital that we take every precaution to make analysis and reverse-engineering a ‘hacker’s nightmare’. Current research highlights that many security measures are currently weak and offer little resistance or deterrent to clever cyber criminals.

“Zero-day exploits will become more common unless preventative measures are taken to complicate the search for hackers who are looking for errors and system vulnerabilities.”

StarForce Technologies recommends and provides various technologies for protecting software against reverse-engineering, including:

Obfuscation

Program code virtualisation

Protection against debuggers

Integrity self checks

Protection against modifications of application.

“Cyber crime and the risks to companies and organisations across the world will not go away. In fact, they will increase unless protection measures are taken,” said Gusev.

“Yesterday, the threats and attacks were on military organisations and financial institutions. Today, they are targeting defence companies and utility businesses. Where will the cyber-war resume tomorrow?”