Upload
anabel-west
View
214
Download
1
Embed Size (px)
Citation preview
Web Attacks—Offense…
The Whole Story
Yuri & The CheeseheadsMark Glubisz, Jason Kemble, Yuri Serdyuk, Kandyce Giordano
Introduction
White paper was informative Contained a few weaknesses
Cited a study that focused on two areas that Symantec was strongest in combating
Lacked detail regarding legitimate web site threats
Missed risks presented by Social Networking sites
Stated Goals
Educate end users to make them more secure
Explain types of attacks Drive by Downloads Clickjacking Fake CODECS Malicious peer-to-peer files Malicious Advertisements Fake Scanner Web Pages Blog Spam
Offer solutions to minimize risk
Symantec Funded Study
Cascadia Labs Tested Two Types of Attack
Drive by download Fake CODECs
What About Other Threats? Clickjacking Fake Scanner Web pages Peer to Peer Blog Spam
Lasting Perception of Results
Results of Study Presented at End of Paper Based on two types of Attacks Reader is aware of all threats Reader is left with false sense of confidence
Infection of Legitimate Websites
White paper lacked statistics Spoke in generalities regarding level of threat
by legitimate websites We found more specific information
70% of the 100 most popular websites Malicious content or hidden redirect
16% increase over the 1st half of 2008
Legitimate websites compromised Exceeds the amount of sites created by criminals
Web Site Infection Details cont’d
45% of the top 100 web sites allow user generated content Most active distributors of malicious content
Enable criminals to post malicious links, multimedia files, or send malicious e-mails to users
Top 100 web sites in terms of traffic are predominantly two categories Search Engines Social Networking Sites
Missed Risk Identification
Social Networking Sites Treasure trove of personal data
Birthdays, location, and employment history
66% of phishing attacks in the U.S. were directed towards social-networking sites
Impersonating someone else and building up a network
Creating an on-line profile prior to the real person creating one
Using the network to extract personal information to access financial data
Social Networking Sites’ Risks cont’d
A means for distributing worms Koobface
Distributed in 2008 through Facebook Notes to friends of someone whose PC has been
infected “See how great you look in this video”
Directs recipients to a website that asks them to download a version of Flash Player – infects computer
Takes them to contaminated sites when they try to use search engines like Google, Yahoo, MSN and Live.com
Worms through Social Networking
Twitter Stalkdaily and Mikeyy
Tricked users into clicking on a link to a rival social network
17 year old created the worm “out of boredom” Second worm exploited the original flaw
After Twitter claimed to have closed the holes
These sites are vulnerable
Conclusion
Overall white paper is informative Weaknesses
Limited study presented in article Lack of details regarding legitimate web site
risks Missed risk
Social Networking Sites
Existing Countermeasure Missed(from T’Bone and Tonic) Plethora of third party security tools that exist
to prevent some of such attacks the “No Script” extension for the Mozilla
browser Lavasoft Ad-Aware and Spybot S&D
References
Number of compromised websites at all-time high http://www.securecomputing.net.au/News/
135019,websense-number-of-compromised-websites-at-alltime-high.aspx
Phishers Attack Social Networking Generation http://software.silicon.com/malware/
0,3800003100,39185353,00.htm Destructive Koobface Virus Turns Up On Facebook
http://www.reuters.com/article/newsOne/idUSTRE4B37LV20081204
Teen Takes Responsibility for Twitter Worms http://news.cnet.com/8301-1009_3-10217684-83.html
Fake Social Network Profiles: a New Form of Identity Theft http://www.readwriteweb.com/archives/
fake_social_network_profiles_a.php
Questions?