How to cope with virus.
Uploaded 2008-12-28 14:46:54. 500KB PDF, 19 pages.
Web Threats
Challenges and Solutions
Web Security
Web Threat
Protection
A Trend Micro White Paper | March 2008
WEB THREATS: CHALLENGES AND SOLUTIONS
White Paper | Web Threats: Challenges and Solutions
I. EXECUTIVE SUMMARY
Motivated by the lure of profits from the sale of stolen confidential information, cyber criminals today are
shifting to the Web as their chosen attack vector, which provides an ideal environment for cyber crime.
Many Web threats can be deployed unbeknownst to the user, requiring no action beyond merely
opening a Web page. Large numbers of users, an assortment of technologies, and a complex network
structure provide criminals with the targets, exploitable weaknesses, and anonymity required for large-
scale fraud.
Web threats pose a broad range of risks, including financial damages, identity theft, loss of confidential
business information, theft of network resources, damaged brand or personal reputation, and erosion of
consumer confidence in e-commerce. These high stakes, the pervasive use of the Web, and the
complexity of protecting against Web threats combine to form perhaps the greatest challenge to protecting
personal and business information in a decade.
Web threats employ blended techniques, an explosion of variants, and targeted regional attacks often
based on social engineering to defraud users. And these threats often use multiple protocols, such as an
email that delivers a link to a dangerous Web site, using both the SMTP and HTTP protocols in the attack.
Conventional means do not provide adequate protection from these threats, and no single method or
technology will improve this situation. Instead, a multi-layered, comprehensive set of techniques must be
brought to bear. This white paper describes Web threats, how they function, and their impacts; it explains
why conventional methods fail to protect against these threats and describes the characteristics of a new
approach required to ensure security, regulatory compliance, and business continuity.
II. INTRODUCTION: AN UNWELCOME SCENARIO
Robert, a Human Resources Director at a large law firm, arrives at his office on Monday morning, logs on
to his computer, and scans his new email. He opens an email from a large employment site he uses
frequently, clicks an embedded link, then logs on to the site to view his postings and responses. Robert’s
client status entitles him to access job seekers’ personal information, which he uses to perform
background investigations and credit checks. Unbeknownst to Robert, the email was actually fraudulent,
spoofing the employment site. When his email client rendered the images in his message, malicious code
contained in the .jpg file secretly downloaded an executable file, which ran automatically on his computer.
This malware logged keystrokes on Robert’s computer, capturing his login information when he accessed
the job site and providing this information to the hacker.
In August 2007, a very similar scene played out as cyber criminals infiltrated the monster.com job site
through “Monster for Employers” accounts, compromising the personal information of 1.6 million users.
Many of these users then received official-looking emails, claiming to be from monster.com and
encouraging them to download a “helper application” that turned out to be yet more malware. These
attacks were well-researched, using familiar language and branding, and coded to transfer data slowly,
under the radar of IT administrators looking for suspicious network traffic.[1]
Web threats also include malware that is downloaded from an email attachment, but accesses the Web to
convey information to the hacker. In 2007, fraudulent emails were sent purporting to be from the Federal
Trade Commission. These emails claimed that a complaint had been filed against the company and
contained an attachment. If the recipient opened the attachment, a keylogging Trojan was deployed that
attempted to steal login information from the user’s computer and send it back to the hacker. [2]
Phishing is a prevalent Web threat, spoofing legitimate companies to trick people into providing
confidential information. Consumer phishing is widespread, sending emails that spoof organizations like
banks and on-line retailers. These phishing emails often use links to take recipients to Web sites where
confidential information is gathered. Employees can fall victim to these consumer threats, but phishing
can also affect corporations more directly. In 2005, phishing emails targeted CEOs and other high-level
executives of US credit unions in an attempt to gain control of millions of personal financial records. The
email messages contained a link to a Web site where a Trojan was downloaded. Even one successful
infection could have caused millions of dollars of damage and caused irreparable harm to hundreds of
thousands of users through identity and asset theft. [3]
But Web threats don’t just steal confidential information; they can also steal network resources.
Variations of e-greeting card spam were sent throughout 2007. These simple spam messages told
recipients that a friend had sent them an e-greeting card and to follow the link in the email to view the card.
If recipients followed the link, it took them to a Web site that downloaded malicious code. This code
hijacked the computer, turning it into a “bot” and allowing the hackers to use the machine for their own
purposes—sending spam, hosting malicious Web sites, and much more. Consumer and corporate
computers were infected by the millions. Hackers network these infected computers to create botnets,
stealing resources and further perpetuating their fraudulent activities.
Unfortunately, around the world, scenarios like these are unfolding at large enterprises and small
businesses alike. A large and growing number of so-called “Web threats,” like the ones described above
but in an infinite number of varieties, are wreaking havoc, usually unbeknownst to the companies they
affect. Cyber criminals are stealing lists of social security numbers from health care organizations, credit
card numbers from financial institutions, proprietary information from technology companies, and
resources from all industries. These compromised machines and identity thefts are eroding consumer
confidence in the ability to maintain the privacy of their information, undermining online banking,
transactions, and e-commerce.
III. WEB THREATS DEFINED
Web threats are threats that use the Web to facilitate cyber crime. They are sophisticated in their
methods, using multiple types of malware and fraud, all of which utilize HTTP or HTTPS protocols, but
can also employ other protocols as components of the attack, such as links in email or IM, or malware in
attachments or on servers that access the Web.
The creators of such threats frequently update Web site content, variants, and malware types in order to
evade detection and achieve greater success. Web threats based on malware are hidden within Web
pages and victims are infected when they visit the page. Fraudulent sites mimic legitimate business Web
sites and use social engineering to request visitors to disclose confidential information. Individuals once
characterized as hackers, virus writers, spammers, and spyware makers are now simply known as cyber
criminals, with financial profit as their primary aim.
Over the last 15 years, information security threats have evolved through a series of incarnations. In each
case, malware writers and fraudsters sought out the medium that was most used and least protected (for
example email). Today, a new wave of threats is emerging that uses the Web as a delivery vehicle. These
Web threats are gaining traction at a time when the Web has become a major commerce engine as well
as social networking vehicle, with usage continuing to grow. At the same time, the Web is relatively
unprotected, compared to messaging for example, as a medium to deliver malware and conduct fraud.
According to IDC, “Up to 30% of companies with 500 or more staff have been infected as a result of
Internet surfing, while only 20%-25% of the same companies experienced viruses and worms from
emails.” [4]
However, email is often a component of a Web threat attack, using social engineering to get users to
follow links to dangerous sites. The growth of the Web creates a “perfect storm” for the advance of Web
threats: a relatively unprotected, yet widely and consistently used medium that is crucial to business
productivity, online banking, and e-commerce as well as the everyday lives of Web-savvy consumers.
Emerging Threats: Web 2.0
Web 2.0, the collection of next-generation interactive technologies bringing dynamic,
rich content to social networking and information-sharing sites, provides many new
threat vectors to cyber criminals. For example, the popular networking site
facebook.com is a platform that allows third-party developers to create powerful scripted
applications that can access user account details and execute within a browser window.
Users can add additional applications and grant access permissions with just a few
clicks, and when they do, on-site messaging encourages the user’s friends to do the
same. This viral networking pattern opens the door for tremendously fast-spreading
malware. The classic Web 2.0 exploit is the “Samy Worm” (JS.SPACEHERO), created
by a teenager, which infected over one million users in less than a day.
Uploader: tiandidapengniao