THE CONSTANT UPWARD GRAPH OF MALWARE ATTACKS


In the recent spate in high-profile attacks, malware has been the tool of choice for hackers. 2011 seems to be a landmark year hackers with scam attacks, including the politically motivated online attacks on social networking sites like Twitter, Facebook, Android Market. These series of upsurge attacks are alarmingly the fact that nothing, rather no one is secure on internet. The World Wide Web continues to top malware infection wherein emails are a host to malicious attachments and links, while websites come in as a host to a wide variety of exploits and drive-by downloads targeting browsers and applications alike.

For online users, individuals or organizations, malware has always been a significant threat. A rapid rise is being witnessed that is more than capable of compromising, damaging or acquiring sensitive data which can either be personal or could lead to loss of intellectual property in the overall threat landscape. Statistics say that, rather than being hacked by using an exploit; IT users are more likely to be tricked into downloading malware. Hence, there is a continuous challenge in detecting and preventing such threats. Though, not all of these attacks are socially engineered, however, the technique is being used to evade security programs and is being applied to the web that increasingly triples the distribution of malware, of which 55% (Malware) is now delivered via Internet downloads, whereas only 14% is delivered through malicious emails. Which means that as there are more than a handful that don’t understand the complexity of web based threats, from a hacker’s perspective tricking users into installing malware is much preferred.

Also, the inappropriate use of SEO is on the rise. Attackers lure the users to the sites that contain the malware software and expose them to fake Anti-virus downloads, Trojans, worms and fake surveys. In addition to Search Engine Poisoning, the upturn in social networking sites makes them the prime focus of cyber criminals. As the information accessibility and services are interconnect and interdependent of each other, it opens more opportunities for more effective attacks on individuals and organisations.  The emerging Java threats due to Java plug-ins soon will be ruling the malware distribution. Also, URL Shortcut services and Location services contribute greatly in the business of malware distribution. URL Shortcut services will be witnessed.

Apart from creating new malware, Cyber-Criminals are effectively re-modifying the code of known deceased malware. A very good example would be that of the Ramnit Worm which has recently morphed into a financial malware. Moreover, there has also been an enormous increase in malicious programs accounting for at least 25% rise in fresh threats when compared to similar months in 2010. Trojans dominated the line of newly detected threats comprising of at least 70% of all newly created malicious software.

There was a whopping $114 Billion loss due to cyber crime itself cost the world last year. With over 2.9 million users falling as victims to cybercrimes, India alone stood at a loss of $7.6 Billion or Rs 36,200 crore out of which $4 Billion was the total financial loss while $3.6 Billion was the amount spent to resolve reported theft. Of the total amount reported a mere 21% of victims actually reported the crime to the police. Despite the efforts made by security vendors, only 16% had security software installed on their cell phone while 21% had on their PCs. Also, additional $274 billion was lost, based on the value victims placed on time lost due to their cyber crime experiences. More than two thirds of all adults who used the Internet more were victims of cyber crime. While most issues are more than preventable, over 54% of online users have experienced malware followed by 11% in online scams and 10% in phishing scams. In comparison to 2009 and 2010, there has been a decent increase in malware amounting to 19% in 2011.

There key reason for this increase in the cyber attacks is financial profit. Also, there been a whole automation in terms of the creation of malware due to the web attack toolkits that are growing at a rapid rate as the chosen weapon.

On the other hand, the way cyber crime is dealt by people online shown by the overall number of infected users itself signifies a defect. According to studies, in the last one year the overall number of users infected with regard to online cyber crime has tripled in comparison to offline crime. A major flaw is been noticed in the way users perceive online threats. There is a huge gap between awareness and the action that needs to be taken by IT users. Approximately, 80% of PC users are aware of cyber crime as a growing threat, however the necessary precautions are not being taken against it. At times, either the Security is outdated or the implementation of the necessary updates to protect users from complex threats id not up to the mark.

With respect to enterprises, cyber crime is increasing at an alarming rate with over $30 Billion being invested annually on corporate defences and cyber criminals are invariably being able to evade these conventional defences. In fact, even the most security conscious industries are vulnerable to online attacks such as HBGary, Epsilon, RSA and DigiNotar, Comodo– to name a few.

NOW COMPUTERS WILL UNDERSTAND YOUR PAIN!


When we are sick, the worst thing that we go through is someone questioning what exactly you are going through… where is it paining and to what extend is it paining… its very irritating… right? In addition, the situation is tougher with infants, elderly, debilitated or unconscious patients.

Pain being considered to be the fifth vital sign, it is considered as one of the key elements of the patient assessment. Doctors completely rely on patients to tell them whether they are in pain. Well, however, gone are the days when we had to keep trying to explain to our doctor how much something hurts on a scale of one to 10. Recently, the Scientists at Stanford University have taken an initiative in creating a new gold standard for assessing pain using computer learning software.

As the research and development continues for this innovation, the scientists have been able to predict most of the time whether the volunteers are experiencing pain or not. Moreover, to get these results, they have combined computer-learning software with a catalogue of MIR brain scans. For the study, the team uses a linear support vector machine – a computer algorithm – to classify patterns of brain activity and determine whether someone is experiencing pain. For this, the volunteers who undergo the brain scans are touched by a mildly heated probe and then again on a painfully hot setting. The computer uses data from these scans to recognise different brain activity patterns that occurs when a person is detecting heat, and which ones detect pain. It is estimated that, in these tests the computer has been more than 80 per cent accurate in detecting which brain scans are of people in pain or not. Conducted in a controlled laboratory environment, the study is said to need a further research to detect if the technology can be adapted to accurately show chronic pain.

Using this neuro-imaging technology, apart from the scale of pain, the team has also been successful in detecting whether the patient is in a state of pain or not. Hence, eventually with the use of this technology, doctors will be able to detect pain better and will be able to give better treatment of chronic pain.

So, the next time when we go to the doctor and he has this question in his mind for us that how much does it hurt, their computer will help them tell how much pain their patients are experiencing.

I agree it is a great innovation, and fingers crossed…. I pray that it meets the standards successfully. However, I would like to make a point that no matter how successful this innovation is, it will not give accurate results if the malware and other viruses affect it. Such malicious creatures have the tendency of disturbing the working of softwares installed in the computer as well as the whole computer rather. Moreover, this will lead to inappropriate treatment, thus increasing the complexities in the patient’s health. Hence, an Anti-Virus is a must for such computers.

Otherwise, how will the computer understand the pain we are going through?

IF JUNK… JUST BUNK…


Many a times we have received an e-mail that says something like: “Forward this e-mail on to 10 people and receive good luck for a month!” Or “If you forward this to 10 people, you’ll see something funny on your screen after you send it or forward this on to ’10’ of your friends” or “sign this petition” or “Forward this mail to 10 people or you’ll get bad luck,” or ” Forward this mail to 10 people and you’ll get good luck,” or “you’ll see something funny on your screen after you send it” or the very famous ‘Microsoft Email Lottery’!

I am sure almost 99% of the “Please forward this to everyone” emails we get almost regularly contain at least some misinformation. Rather sometimes, the entire email is completely a hoax. Even the one trying to warn us of some great peril are usually worthless, like HIV infected needles in coin return slots, gang member initiation rituals, kidnap attempts in parking lots, or simple procedures that will save someone in an emergency medical situation, at times are outrightly dangerous (if they contain virus).

Also, the e-mails that ask you to add your name and forward on to others are similar to the mass letter. Many of us must have also received emails that say that “you can do your friends and family members a great favor by sending this information to them. You will be providing a service to your friends.”

I have also received many of the emails that try to play with our conscience by saying that “send this e-mail to 10 people… if you’re not ashamed of God/Jesus” or also the e-mails that talk about a missing child or a child with an incurable disease, “how would you feel if that was your child”…

I know these mails are received by many of us quite occasionally. My question is that how many of us respond to such mails as instructed? And what happens when we do so?

If I am not mistaken, the answer is NOTHING ACTUALLY HAPPENS! True… we neither win any lottery… nor do something good or bad happen with us! So what is the purpose of these chain mails? When no one gets anything out of it… why do these mails… sorry chain mails keep knocking our inboxes?

Well, as it is said that in today’s world nothing happens without a reason… same applies for internet world!

These chain mails have tracker programs attached to its e-mails that track the cookies and e-mails of those whom you forward them to. It is one of the ways to get names and cookie tracking information for telemarketers and spammers. This activity helps them to validate the active e-mail accounts for their own profitable purposes. It so works like this that every time the mail is forwarded, the host sender gets a copy and then he is able to get lists of ‘active’ e-mail addresses to use in spam e-mails or sell to other spammers. In some cases, such mails also waste bandwidth and clog ISP’s mail servers.

Yes… it’s true…! The fact is that these spammers really don’t care about how they get our e-mail addresses as long as they get them.

Well, all I would say is that do a favor for yourself by stop adding your names to such types of listing… no matter how real they might sound, making you feel guilty that if you don’t…. just ignore them and do not participate!

In case we follow the instructions thinking that somehow, somewhere we are supporting a great cause, actually we are not! Just remember that such mails are all about getting e-mail addresses and nothing more! Rather we are inviting tons of junk mail in our inbox that may bring lots of deadly viruses to your computer! As apart from such emails firing up a program that can track where an email has gone and report back to a marketer, they can launch a program that installs itself on your computer to do all kinds of nasty things like, pop-up ads, using your computer to send out spam, or keyboard watchers, etc.

When someone sends one of such mails to us and 20 other people, our email address with such activity gets on the machines of 20 people. If 5 of them forward to 20 more people then our email address is now on about 100 different computers. The reason is that by default, most email programs include the entire list of people the original was sent to when it creates the forwarded copy. And if this activity is repeated a few more times, congratulations as without you doing anything, your email address is on thousands of computers!

Apart from ignoring such emails, the other best way to save you is to have an updated Anti-Virus. Never open an email attachment that you were not expecting. If an email comes through with an attachment, always check with the sender before opening, even if it’s someone you trust. The best idea is to just click the button marked Delete. Don’t click the Spam button as this will add the senders e-mail address to the spam list, and other genuine e-mails the person sends you could also get treated as spam. Also, the sender’s e-mail could get added to the companies black list, which may result in most of their e-mails also being treated as spam to other people they are e-mailing as well. This might not just affect us but others too!

So, conclusion is that by forwarding e-mails just can’t bring us luck or bad luck… if we don’t forward! And, above all the pain and suffering we go through; we are actually helping those spammers to get rich! Let’s not make it easy for them!

So if you are still someone who continues to forward the chain e-mails expecting any luck or due to the fear of bad luck, I urge you to stop this practice… If any junk mail in your inbox… just bunk it!

Internet Threats to children


I recently read about investigation that resulted in child rape charges against a 19-year-old in Salisbury with an ugly journey into the world of Internet crime and child pornography. As the investigation proceeded deeper into the underground realm of child pornography and Internet crime, this extensive nature of the danger to children goes far beyond what most of us would imagine.

Internet has proved to be a both boon as well as bane for this generation. With the rapid & intense penetration of Internet in our lives, our screen time is increasing day-by-day. Today’s world is full of information that is accessible to all age groups just with a click. This age group can be as young as 4 years to as old as 70 years. All the information, good or bad is right in front of children which can be both misused and put to good use.

Today, children are exposed to a wide variety of information on the internet. Statistics shows that approximately 80% of children who are five years of age use the Internet at least once a week. And I am astonished to know that over 60% of children from three years are watching movies on the Internet and mostly are using Internet TV. It is estimated that time spent watching TV is 47% of all time spent to the media devices by children and 90% of 5-9 year old children on a daily basis reads books for at least an hour. However, children’s screen time is increasing day-by-day every year, though the books time remains the same. Well, that is the only reason I feel that children of such an age are quite vulnerable to Internet threats. Frankly speaking, at times, they even don’t exactly know, at which link they are clicking and whether the Internet site is free of Malware, Spyware and Viruses. No doubt, many times they land up navigating child-sensitive content sites that can affect child’s psychological health. Their inquisitive mind does also have some questions about some aspects of life. They have found the answer on internet and now know how to access the tool quite well. They easily become victims as they don’t know what they’re getting themselves into when they respond to Internet predators.

With social networking sites like Facebook, Twitter, Google+, and many, the current generation seems to be too much obsessed with themselves. They have these so-called ‘short attention spans’ and a childlike desire for constant feedback on their lives. Well, why should someone be so much interested in what someone else has had for breakfast or gets stuck in traffic or goes out for shopping? Though the present scenario is that, children who are these social networking site users, feel the need to become mini celebrities who are watched and admired by others on a daily basis. They do things that are Facebook status worthy and keep updating about their lives on these walls because they feel that this is the only way they can define themselves by ‘people knowing about them’.

It is almost as if they are going through some kind of identity crisis…

In a sense it seems as if keeping the brain in a sort of time warp…

It is almost as if people are living in a world that is unreal where what counts is what people think of you or if they can click on you…

And to gain attention children don’t even bother to know much about whom they are adding… all they want is to have a fan following…! They don’t know that with updating almost about every move and activity, there are chances of them being kidnapped easily, too!

I am not a psychiatrist, though somewhere I feel that this growth of so-called ‘Internet friendships’ have the capability to effectively rewire a child’s brain that can result affecting their concentration, a need for instant gratification and poor non-verbal skills, such as the ability to make eye contact during conversations…!

Talking about the child rape charge in Salisbury, the fact that somehow the victim’s mother discovered those disturbing e-mails sent to her son by the criminal was the reason behind the investigation which was initiated. The e-mails were soliciting the boy to pose nude for money for pictures to be posted on a graphic Internet pornography site and criminals very clearly told victim that he earned a lot of money doing exactly the same thing. What if the victim’s mother could not have been able to get access to those emails? Imagine the mental state of the innocent who is going through such situations!

Well, the ideal solution for parents to prevent their children from falling victim to such Internet-borne child predators is, knowing where your child is wandering in the Internet. I have heard about many parents logging onto social networking sites like Facebook to spy on what their children are doing. They did it to avoid having ‘awkward conversations’ with the children but I feel the reason here is also that they feel it is the only way they could find out about their lives. Yes, ‘overprotective’ instincts are the reason… and I respect that!

On the other hand, majority of the cases are found where children know more about computers than their parents do; they even know how to hide things. At times I feel the need to pull in some kind of law enforcement to make sure that parents are educated enough about computers and the Internet so as to safeguard their children. It’s a new age. Hence parents need to be alert!

Children on the other hand may feel that their privacy gets disturbed with parents doing so. And I have come across few groups on face book such as ‘For the love of god-don’t let parents join Facebook’, with more than 7,700 group members. Well, all can say is that this is the world we live in now!

So if you feel that your child is spending a lot of time on the Internet, I recommended you to use a good Internet Security Suite that offers you with an effective ‘parental control’ feature. Because as a parent, it is your duty to take control of the website/content they are viewing or gathering information and e-security plays a major role in this. If the computer is secured and protected with the good security suite then the website/content can be guarded and children’s interest can be taken care off. There are innumerable websites that contain adult content, games and objectionable pictures or movies that can create a long lasting impression on these tender minds. Hence, a good security suite would help the parents as well as their children to answer the questions only relevant to their age and interest and the website/content which is not required can be filtered.

Also, if possible computers at home should be in places where you can walk by and see the screen, not in children’s bedrooms behind closed doors. Also a good idea is to set up all computers and be the administrators so you as a parent can control access to all its parts and programs. Avoid children being the administrators of their computers. They are capable enough to control their parents’ access to it, allowing things to be hidden!

Quite smart enough… right! 🙂

Oops… you are caught!!!


When Doctor Martin Cooper invented the cell phone, his thought must have not traveled the horizons to the extend today his invention is being used. He might have invented it for the purpose of easy communication, though with the advancement of device, now anything and everything is possible using a cell phone.

My imagination goes beyond what’s happening these days and if I relate it this way- I can eat through cell phones … I can drink through cell phones and I can sleep through cell phones….  – I may not be wrong… I guess!

To this I can add – I can have fun through cell phones too!

The modern cell phones / smart phones not only facilitate taking pictures and video clips but also sending them to some one too. No doubt this seems to be a great tool to share candid moments with friends and family at a later time. However, we all know that there are some pictures and videos which we access secretly for our pleasure. Now, that’s were you are caught!

No…. no… no…. I don’t say that you will be caught watching those pictures or videos secretly, but I mean to say that you may be caught and be a victim of some hackers.

I remember some time back a professional hacker announced in an IT security conference that he could hack any cell phone or iPhone in the world by just a text message. Cell phone getting hacked is not a new thing these days. There are infinite victims to it and seems that with the advancement in technology, it will too reach heights.

I also remember reading about a so called ‘Sexy View worm’ attacking the cell phones. All it does is sending a text inviting users to look at pictures and, if unfortunately user tries to look at the pictures, it will take over the phone just the way a Botnet takes over a computer, and then send itself to the entire contact list. As many of us mix business and pleasure via mobile devices, it is more of a struggle to keep sensitive information safe.

As we see that these smart cell phones today have all the power of computers, this means that a smart phone can fall prey of all the same types of attacks that could happen to a computer. These attacks include viruses and other malware, activities like Phishing for passwords and other information; theft of data stored on or sent to or from the phone, and spam. Also, with social media expanding to mobile devices and proving as successful marketing strategy, many threats are attacking these sites and it is quite common to find a malicious URL link. Text messages also are a very common way to receive malware.

It is not at all possible to ban the use of cell phones, seems impractical right ??? But I feel that if we take the security issues little seriously we can be saved from being caught.

All you need to do is try to follow some security practices that can help you keep cell phones out of harm’s way like, having a password protection on your cell phone and using encryption. You can use Anti-Virus for your cell phone and make sure you keep it up to date. With this you will be able to protect your cell phone from viruses and other malware. Though at times we are eager, but if possible, avoid opening suspicious or unsolicited SMS, even if it appears to come from someone you know else you might end up paying for that premium call. Also avoid downloading or installing applications from insecure / unknown websites.

Social networking sites like Twitter and Facebook have been the target for some of the recent most successful Phishing attacks. And these days accessing these sites on cell phone are very common. Hence beware of such attacks. Do not use your passwords or other personal information to any site or service, you feel suspicious about. Do not store your sensitive banking information and passwords on your mobile.

We usually prefer Bluetooth as an alternative to a physical wire, helping us to connect with appropriate devices within its range. This can too lead to a Malware attack, like CommWarrior. Hence, make sure your Bluetooth is off as a default setting. Apart from this, also make sure you use the secured Wi-Fi network, which you know and trust.

In case you lose your cell phone, make sure you inform your service provider and block the SIM card.

Not only security of your cell phone is in your hands, but also of the data in it too!

Isn’t it ????????

Bin laden survived with Malware for terror!


Laden Laden Laden… ufffffff..!        A complete terrorist….

Just after the announcement of the death of the most wanted terrorist, Bin Laden (biggest rather most symbolic news of the year), FBI warned the computer users to be cautious if they receive any mails which contains the photos or videos of Laden’s death. A press release was rotated immediately by FBI which claimed that such mails could contain a malicious Malware which can penetrate into user’s system and spread the users contact list, by affecting the system of users as well as his friend sand family members too!

Seems there is this strange relationship between US and Laden! No doubt, he has been responsible for the sufferings and terror filled hearts of America. Now, with most wanted criminal’s death (which is just a news or …), the other i.e. Cyber criminals has began their part of crime by trying to capture confidential records from computers. You see he leaves a legacy behind him….!

Laden’s death, known to be one of the fastest exploitations of information ever, tricksters started manipulating the news, just after US President Barack Obama’s conference on Laden’s death, and initiated it by inserting Spyware and other Malware into links and graphics designed to draw immediate and widespread attention.

Osama Bin Laden may be dead, but the terror being inflicted in the name of his death by cyber criminals seems to be a threat, truly! Hence, advised by FBI (officially) to adhere caution to prevent becoming a victim of this so called terror while on cyberspace.

More over, a slight impact at the stock market too has been realized with Laden Effect, though the reason may be, investors celebrating Laden’s death!


%d bloggers like this: