IT's 9 biggest security threats

Hacking has evolved from a one-person crime of opportunity to an open market of sophisticated malware backed by crime syndicates and money launderers


Threat No. 6: Botnets as a service

Botnets aren't just for their creators anymore. Having more than likely bought the malware program that creates the bot, today's owners will either use the botnet for themselves or rent it to others by the hour or another metric.

The methodology is familiar. Each version of the malware program attempts to exploit thousands to tens of thousands of computers in an effort to create a single botnet that will operate as one entity at the creator's bidding. Each bot in the botnet eventually connects back to its C&C (command and control) server(s) to get its latest instructions. Botnets have been found with hundreds of thousands of infected computers.

But now that there are so many active botnets (literally tens of millions of infected computers each day), botnet rentals are fairly cheap, meaning all the more problems for IT security pros.

Malware fighters will often attempt to take down the C&C servers and/or take over their control so that they can instruct the connecting bots to disinfect their host computers and die.

Threat No. 7: All-in-one malware

Today's sophisticated malware programs often offer all-in-one, soup-to-nuts functionality. They will not only infect the end-user but also break into websites and modify them to help infect more victims. These all-in-one malware programs often come with management consoles so that their owners and creators can keep track of what the botnet is doing, who they are infecting, and which ones are most successful.

Most malicious programs are Trojan horses. Computer viruses and worms have long since ceased to be the most popular types of malware. In most cases, the end-user is tricked into running a Trojan horse that's advertised as a necessary antivirus scan, disk defragmentation tool, or some other seemingly essential or innocuous utility. The user's normal defenses are fooled because most of the time the Web page offering the rogue executable is a trusted site they've visited many times. The bad guys simply compromised the site, using a host of tricks, and inserted a few lines of JavaScript that redirect the user's browser to the Trojan horse program.

Threat No. 8: The increasingly compromised Web

At the most basic level, a website is simply a computer, just like a regular end-user workstation; in turn, Webmasters are end-users like everyone else. It's not surprising to find the legitimate Web is being increasingly littered with malicious JavaScript redirection links.

But it's not entirely a matter of Webmasters' computers being exploited that's leading to the rise in Web server compromises. More often, the attacker finds a weakness or vulnerability in a website that allows them to bypass admin authentication and write malicious scripts.

Common website vulnerabilities include poor passwords, cross-site scripting vulnerabilities, SQL injection, vulnerable software, and insecure permissions. The Open Web Application Security Project Top 10 list is the authority on how most Web servers get compromised.

Many times it isn't the Web server or its application software but some link or advertisement that gets hacked. It's fairly common for banner ads, which are often placed and rotated by general advertising agencies, to end up infected. Heck, many times the malware guys simply buy ad space on popular Web servers.
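For Webmasters who want to catch the injected redirect scripts described under Threats 7 and 8, the following is an added example (not part of the original article) that audits a page's HTML for scripts, iframes, and meta refreshes pointing outside an allowlist, plus inline scripts that navigate the browser. The class and function names, the allowlist hosts, and the sample page are all constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Inline script that assigns to location or calls location.replace()/assign().
NAVIGATES = re.compile(r"\blocation(?:\.href)?\s*=[^=]|\blocation\.(?:replace|assign)\s*\(")

class ActiveContentAuditor(HTMLParser):  # findings are (line, kind, detail)
    def __init__(self, allowed_hosts):
        super().__init__()
        self.allowed, self.findings = set(allowed_hosts), []
        self._script_line, self._buf = None, []

    def _check_url(self, kind, url):
        host = urlparse(url).hostname  # None for relative (same-site) URLs
        if host and host not in self.allowed:
            self.findings.append((self.getpos()[0], kind, host))

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag in ("script", "iframe") and a.get("src"):
            self._check_url("external-" + tag, a["src"])
        elif tag == "script":  # inline script: buffer its body until </script>
            self._script_line, self._buf = self.getpos()[0], []
        elif tag == "meta" and (a.get("http-equiv") or "").lower() == "refresh":
            if m := re.search(r"url\s*=\s*['\"]?([^'\"\s;]+)", a.get("content") or "", re.I):
                self._check_url("meta-refresh", m.group(1))

    def handle_data(self, data):
        if self._script_line is not None:
            self._buf.append(data)

    def handle_endtag(self, tag):
        if tag == "script" and self._script_line is not None:
            body = "".join(self._buf).strip()
            if NAVIGATES.search(body):
                self.findings.append((self._script_line, "inline-redirect", body[:60]))
            self._script_line = None

def audit(html, allowed_hosts):
    auditor = ActiveContentAuditor(allowed_hosts)
    auditor.feed(html)
    auditor.close()
    return auditor.findings

# Constructed sample page (hypothetical hosts); lines 2 and 3 stand in for injected content.
SAMPLE = """<html><head><script src="/js/site.js"></script>
<script src="//cdn.ads.invalid/rotate.js"></script>
<script>window.location.href = "http://landing.invalid/scan";</script>
</head><body><iframe src="https://static.example.com/map.html"></iframe></body></html>"""
```

Calling `audit(SAMPLE, {"www.example.com", "static.example.com"})` flags the off-allowlist script and the inline redirect while leaving the same-site script and the allowlisted iframe alone. Run against a known-good copy of each template, any new finding is a cue to review what changed on the server or in a third-party ad slot.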
