Handlers On Duty
Today Donald and I are tag teaming as Handler On Duty, so you are likely to see stories with a wide range of topics. Thanks Donald for tag teaming with me today.
Keywords:
0 comment(s)
What will 2006 have in store?
Well, 2005 is soon to come to a close. What a tremendous year this has been! We have had lots of exciting discussions about everything from "soup to nuts". Looking back we have seen new exploits, new holes in the Internet and the usual round of viruses and worms. I was the Handler On Duty - New Years Eve 2004 and asked our readers who checked in with us to tell us what they thought 2005 was going to bring. Here is a recap of some of the responses that were received:
From Greg:
With the developing trends in botnets and denial of service with them, I'm willing to bet that we'll see more
frequent use of ddos for hire and malware distribution by zombie pcs. It also would be a shock to see an
adaptive botnet..that can change and adapt to discovery on the fly..shutting down discovered nodes and such.
From John:
As direct electronic invoicing becomes more popular, crimals will try to leverage poor implementations of
Web Services to submit fraudulent invoices for payment. Agencies that have done away with support staff
necessary for manual invoice processing will pay dearly.
From David:
I can't think of a new 'technical' threat but the existing technology joy-ride hackers are using could end up
being more dangerous in the near future. Currently when we find a hacked system it is normally being used to
share copyrighted music, movies or applications. They mainly want to use our disk space and bandwidth and
have no dangerous agenda. This could change in the future, however. As financial institutions tighten up
security the money motivated hackers may turn to using BotNets to harvest documents. Instead of hijacking a
system to use the disk space and setup detectable FTP servers they may end up harvesting all of the documents
from the system in hopes of gaining financial or personal information for identity theft. Pretty scary to even think
about it.
From Jack:
DNS Poisoning/Hijacking
From Anonymous:
Just thought I'd add some of the potential issues that we might start seeing in 2005. First, is the spread of bots
to IP enabled devices. Once more as devices reach that "on-line all the time" state, the vulnerabilities will be
exploited more. This could include a range of devices from cellular phones, to even the next generation console
systems. (Note: viruses and exploits for console systems may deserve to be its own potential issue). Second, an
increase of malware for alternative operating systems (non-Windows), primarily for the Tiger OS. Third, IPv6
will become wider spread, and while it will be a partial remedy for some sercurity issues; improper
implementation will create added security risks and issues -- primarily in the areas of content
management/filtering, simpler facilitation of cryptographic malware, and brand new vulnerabilities for IPv6
enabled products.
So what do you think? How did our predictors do for 2005? What do you think were the biggest issues for 2005? I will be the Handler On Duty on News Years Eve and will print some of the responses we receive.
What are your predictions for 2006? Let us know. Your response could be used in a Diary next year.
From Greg:
With the developing trends in botnets and denial of service with them, I'm willing to bet that we'll see more
frequent use of ddos for hire and malware distribution by zombie pcs. It also would be a shock to see an
adaptive botnet..that can change and adapt to discovery on the fly..shutting down discovered nodes and such.
From John:
As direct electronic invoicing becomes more popular, crimals will try to leverage poor implementations of
Web Services to submit fraudulent invoices for payment. Agencies that have done away with support staff
necessary for manual invoice processing will pay dearly.
From David:
I can't think of a new 'technical' threat but the existing technology joy-ride hackers are using could end up
being more dangerous in the near future. Currently when we find a hacked system it is normally being used to
share copyrighted music, movies or applications. They mainly want to use our disk space and bandwidth and
have no dangerous agenda. This could change in the future, however. As financial institutions tighten up
security the money motivated hackers may turn to using BotNets to harvest documents. Instead of hijacking a
system to use the disk space and setup detectable FTP servers they may end up harvesting all of the documents
from the system in hopes of gaining financial or personal information for identity theft. Pretty scary to even think
about it.
From Jack:
DNS Poisoning/Hijacking
From Anonymous:
Just thought I'd add some of the potential issues that we might start seeing in 2005. First, is the spread of bots
to IP enabled devices. Once more as devices reach that "on-line all the time" state, the vulnerabilities will be
exploited more. This could include a range of devices from cellular phones, to even the next generation console
systems. (Note: viruses and exploits for console systems may deserve to be its own potential issue). Second, an
increase of malware for alternative operating systems (non-Windows), primarily for the Tiger OS. Third, IPv6
will become wider spread, and while it will be a partial remedy for some sercurity issues; improper
implementation will create added security risks and issues -- primarily in the areas of content
management/filtering, simpler facilitation of cryptographic malware, and brand new vulnerabilities for IPv6
enabled products.
So what do you think? How did our predictors do for 2005? What do you think were the biggest issues for 2005? I will be the Handler On Duty on News Years Eve and will print some of the responses we receive.
What are your predictions for 2006? Let us know. Your response could be used in a Diary next year.
Keywords:
0 comment(s)
Quiet Weekend - not much news
It has been a very quiet weekend so not much exciting news. Perhaps all of the script kiddies got new computers for Christmas and haven't gotten them fully up to speed yet. Or perhaps many of there rogue machines were also replaced by new ones this year and they will have to go out and rebuild their army. At any rate, whichever is the case, we here at the Storm Center appreciate the break.
Keywords:
0 comment(s)
×
Diary Archives
Comments