December 8, 2009

Hackers Targeting Banks, Social Sites

A yearly security report released Tuesday by technology company Cisco says that banks and online social networks are growing targets for cyber criminals.

"Criminals have been taking note of the large crowds in social-networking sites," said Cisco security researcher Scott Olechowski to AFP. "They steal them with various techniques."

Strategies used to hack into social-networking sites include grabbing passwords and then utilizing the fact that people only have one password for all their accounts.

Cisco said that a specific computer worm has been spread to more than three million computers since 2008.

Crooks also establish counterfeit profiles to gain entrance onto people's sites and trick them into opening files that contain viruses. Social sites are also beleaguered by hackers out to manage and disturb political dissertation.

"The blending of social media for business and pleasure increases the potential for network security troubles, and people, not technology, can often be the source," said Cisco employee Patrick Peterson. "Without proper cognizance of security threats, our natural inclination to trust our 'friends' can result in exposing ourselves, home computers and corporate networks to malware."

Hackers can comb through profiles for information and emails of employees or accounting departments to "spear phish," or aim schemes at specific workers.

The possibility for workplace computers to be contaminated via a social-networking site is becoming more commonplace due to the increase of a computer Trojan named Zeus constructed to digitally steal money.

Once on a hard drive, Zeus steals data and changes what is viewed in Web browsers so that people who use online banking see view their balance are in reality having their money stolen by hackers.

"Zeus is sold on a retail basis by criminals to criminals," Olechowski noted. People utilize Zeus to empty accounts of "400,000 to 1.5 million dollars a shot."

Spam is also a highly useful method for convincing people into downloading malware or purchasing bogus products. Cisco's report guesses that the quantity of spam globally in 2010 will increase 30-40%.

Hackers are also benefiting from swifter broadband Internet connections in developing countries where people are not as knowledgeable about Internet security.

The rise of spam in developing countries "means that there is a greater rate of compromised machines, which means there will be more banking Trojans and other malware," Stern noted.

Cisco established a Global Adversary Resource Market Share (ARMS) Race chart, which predicts that about 5 to 10% of the world's personal computers are "compromised" by malevolent software.


On the Net: