Site icon Techno360

[Report] Cyber Attack Toolkits Dominate the Internet Threat Landscape

BANGALORE, India, – Jan. 19, 2011 – Symantec Corp. (Nasdaq: SYMC) today announced the findings of its report on Attack Toolkits and Malicious Websites.

The study reveals that as attack kits become more accessible and relatively easier to use, they are being utilized much more widely. This has attracted traditional criminals who would otherwise lack the technical expertise into cybercrime, fueling a self-sustaining, profitable, and increasingly organized global economy.

What are Attack Toolkits ?

Attack toolkits are software programs that can be used by novices and experts alike to facilitate the launch of widespread attacks on networked computers. These kits enable the attacker to easily launch numerous pre-written threats against computer systems. They also provide the ability to customize threats in order to evade detection, as well as automating the attack process.

Symantec report found attack kits evolving cybercrime to economic model worth millions:

Attack Kits Control the Landscape:

The relative simplicity and effectiveness of attack kits has contributed to their increased use in cybercrime— these kits are now being used in the majority of malicious Internet attacks.

For example, One major kit called Zeus poses a serious threat to small businesses.  The main objective of Zeus is to steal bank account credentials; unfortunately, small businesses have fewer safeguards in place to guard their financial transactions, making them a prime target for Zeus.

[Coninued to Page 2]

Faster Proliferation of Attacks

The speed at which new vulnerabilities and their exploits spread around the globe has increased due to innovations that attack kit developers have integrated into their products.  Attack kits are now fairly easy to update, which allows developers to quickly add exploit code for new vulnerabilities.  The result is that some exploits are in the wild just days after the associated vulnerability becomes public.  Attackers who can easily update their attack kits with recent exploits are able to target potential victims before they apply necessary patches.

A New Entry Into the Underground Economy

Because attack kits are becoming easier to use, cybercrime is no longer limited to those with advanced programming skills.  Participants now include a mix of individuals with computer skills and those with expertise in traditional criminal activities such as money laundering. Symantec expects that this much larger pool of criminals entering the space will lead to an increase in the number of attacks.

“In the past, hackers had to create their own threats from scratch. This complex process limited the number of attackers to a small pool of highly skilled cybercriminals,” said Shantanu Ghosh, Vice President, India Product Operations, Symantec. “Today’s attack toolkits make it relatively easy for even a malicious novice to launch a cyberattack. As a result, we expect to see even more criminal activity in this area and a higher likelihood that the average user will be victimized.”


Additional Facts:

Mitigating Attacks

About the Report

The Symantec Report on Attack Toolkits and Malicious Websites (hyperlink), developed by the company’s Security Technology and Response (STAR) organization, is an in-depth analysis of attack toolkits. The report includes an overview of these kits as well as attack methods, kit types, notable attacks, and attack kit evolution. It also includes a discussion of attack kit features, traffic generation, and attack kit activity.

Exit mobile version