Wednesday, January 19, 2011

Cyber attack toolkits dominate Internet threat landscape

BANGALORE, INDIA: Symantec Corp. announced the findings of its report on Attack Toolkits and Malicious Websites. The study reveals that as attack kits become more accessible and relatively easier to use, they are being utilized much more widely. This has attracted traditional criminals who would otherwise lack the technical expertise into cybercrime, fueling a self-sustaining, profitable, and increasingly organized global economy.

Attack toolkits are software programs that can be used by novices and experts alike to facilitate the launch of widespread attacks on networked computers. These kits enable the attacker to easily launch numerous pre-written threats against computer systems. They also provide the ability to customize threats in order to evade detection, as well as automating the attack process.

Attack kits control landscape
The relative simplicity and effectiveness of attack kits has contributed to their increased use in cybercrime— these kits are now being used in the majority of malicious Internet attacks. For example, one major kit called Zeus poses a serious threat to small businesses. The main objective of Zeus is to steal bank account credentials; unfortunately, small businesses have fewer safeguards in place to guard their financial transactions, making them a prime target for Zeus.

The profitability of malicious code attacks using Zeus was recently illustrated by the September 2010 arrests of a ring of cybercriminals who allegedly used a Zeus botnet in the theft of more than $70 million from online banking and trading accounts over an 18-month period.

As cyberattacks have become more profitable, the popularity of attack kits has dramatically increased. This in turn has led to increasingly robust and sophisticated kits. These kits are now often sold on a subscription-based model with regular updates, components that extend capabilities, and support services.

Cybercriminals routinely advertise installation services, rent limited access to kit consoles, and use commercial anti-piracy tools to prevent attackers from using the tools without paying.

Faster proliferation of attacks
The speed at which new vulnerabilities and their exploits spread around the globe has increased due to innovations that attack kit developers have integrated into their products. Attack kits are now fairly easy to update, which allows developers to quickly add exploit code for new vulnerabilities. The result is that some exploits are in the wild just days after the associated vulnerability becomes public. Attackers who can easily update their attack kits with recent exploits are able to target potential victims before they apply necessary patches.

A new entry into underground economy
Since attack kits are becoming easier to use, cybercrime is no longer limited to those with advanced programming skills. Participants now include a mix of individuals with computer skills and those with expertise in traditional criminal activities such as money laundering. Symantec expects that this much larger pool of criminals entering the space will lead to an increase in the number of attacks.

“In the past, hackers had to create their own threats from scratch. This complex process limited the number of attackers to a small pool of highly skilled cybercriminals,” said Shantanu Ghosh, VP, India Product Operations, Symantec. "Today’s attack toolkits make it relatively easy for even a malicious novice to launch a cyberattack. As a result, we expect to see even more criminal activity in this area and a higher likelihood that the average user will be victimized.”

Additional facts:
* Popularity and demand has driven up the cost of attack kits. In 2006, WebAttacker, a popular attack toolkit, sold for $15 on the underground economy. In 2010, ZeuS 2.0 was advertised for up to $8,000.

* Secondary services have emerged to direct unsuspecting users to malicious websites, where their computers can be compromised. Tactics used include spam campaigns, black hat search engine optimization (SEO), the injection of code into legitimate websites, and malicious advertisements.

* Symantec observed more than 310,000 unique domains that were found to be malicious. On average, this resulted in the detection of more than 4.4 million malicious Web pages per month.

* Of the Web-based threat activity detected by Symantec during the reporting period, 61 percent was attributable to attack kits.

* The most prevalent attack kits are MPack, Neosploit, ZeuS, Nukesploit P4ck, and Phoenix.

* The search terms that most commonly resulted in malicious website visits were for adult entertainment websites, making up 44 percent of the search terms.

Mitigating attacks
* Organizations and end users should ensure that all software is up-to-date with vendor patches. Asset and patch management solutions may help to ensure systems are compliant and deploy patches to systems that are not up-to-date.

* Organizations should create policies to limit the use of browser software and browser plug-ins that are not required by the users of the organization. This is especially prudent for ActiveX controls, which may be installed without the knowledge of the user.

* Organizations can also benefit from using website reputation and IP black listing solutions to block outgoing access to sites that are known to host attack toolkits and associated threats.

* Antivirus and intrusion prevention systems can be deployed to detect and prevent exploitation of vulnerabilities and installation of malicious code.

Wednesday, January 12, 2011

Cloud.com, Kumoya to bring open source cloud computing technologies to Japanese IT market

CUPERTINO USA & TOKYO, JAPAN: Cloud.com, Inc., a leading provider of open source cloud computing software for public and private cloud environments, and Kumoya Inc. announced a strategic partnership granting rights to distribute Cloud.com’s technology and products to the Japanese IT channel market.

This is also the official launch of Cloud.com’s cloud computing platform solutions into the Japanese market, where cloud computing is emerging as the fastest growing IT segment in the industry.

“There is a tremendous amount of interest and excitement around cloud computing technologies in Japan, yet there is a wide gap between what is offered today in Japan and what is needed to deliver a truly automated cloud environment,” said Yosuke Shindo, CEO of Kumoya. “We believe that CloudStack and the Cloud Portal architecture effectively resolve this gap. With Cloud.com’s tremendous success in helping companies build large scale cloud environments, we are excited to be representing them in Japan.”

Through this agreement, Kumoya, will actively market and promote Cloud.com’s technology in Japan, working with the increasing number of cloud computing-focused SI and VAR channels in Japan. Kumoya will be hosting a series of training sessions, promotional events and evangelism activities to deliver true cloud computing value in the Japanese market.

“Japan is a very promising market for Cloud.com, and we are excited to partner with Kumoya, which truly understands the user-driven nature of cloud computing solutions and has a successful track record of bringing cloud technologies to the Japanese market,” said Shannon Williams, VP of Business Development at Cloud.com.

Cloud.com solutions are available immediately, and a series of promotional activities for potential resellers are planned for 2011.

Thursday, January 6, 2011

S&P Equity Research issues tech sector predictions for 2011

NEW YORK, USA: S&P Equity Research is looking for slower growth in the technology sector in 2011, compared to 2010, but still believes the growth will be healthy. The S&P tech equity analysts and strategists have a positive fundamental outlook and overweight recommendation on the sector.

"We expect notable developments regarding new products, international activity, and M&A deals," said Scott Kessler, Information Technology analyst and tech sector group head at S&P Equity Research.

Following are select predictions for the tech sector from industry analysts at S&P Equity Research for 2011.

1. We think Intel will finally gain some traction in the handset and tablet markets.

2. We forecast that global solar system installations will increase at least 20 percent in 2011, well below our 2010 estimated growth rate of a two-fold increase.

3. We expect solar manufacturers that have a greater proportion of sales devoted to the US to outperform peers.

4. We project 2011 to show a continuation of the computer hardware recovery since the deep cyclical trough of 2009. We project global PC unit shipments to rise 14 percent in 2011, after an estimated rise of 17 percent for 2010.

5. Computer hardware should continue to make inroads into new markets such as self-serve kiosks in the transportation, healthcare and retail areas, based on an ongoing desire to automate transactions and offer consumers more ways to handle business.

6. We see the wide-spread emergence of visualization and cloud infrastructures requiring improved integration of datacenter switches and servers with more advanced delivery functionality. We believe companies with strong application delivery and WAN optimization capabilities, such as F5 Networks and Riverbed Technology will be attractive acquisition candidates for 2011.

7. We believe Microsoft will continue to lose market share in smartphones, as Windows Phone 7 fails to capture the interest of consumers.

8. We expect sales in the video game industry will be slightly up in 2011, after declining for the two prior years, driven by strong sales of Microsoft Kinect.

9. Consolidation in the data storage industry should continue in 2011, by our analysis, with most of the M&A activity being centered on storage software, as opposed to hardware.

10. We expect sales of tablet computers to surge and begin to cannibalize sales of netbooks and mini notebooks.

11. Despite having less functionality than tablet computers, sales of e-book readers will continue to surge in 2011, in our view. We see unit sales increasing from 7 million in 2010 to 11 million in 2011, led by Amazon.com's Kindle.

12. We expect to see at least one major strategic move from an IT services company that caters to the Department of Defense. Companies in this category include ManTech and SAIC.

13. Despite continuing revenue growth, the major India-based IT outsourcers, including Infosys and Wipro should experience margin declines in 2011.