On October 25, 2007, Elcomsoft Co Ltd. in Moscow, Russia filed for a US patent on a reportedly new password recovery method that makes use of a video card's graphics processing unit (GPU). Elcomsoft credits the February 2007 release of the NVIDIA CUDA C-Compiler and developer's kit for providing the necessary low-level GPU access they needed to make this cryptographic advancement. The newest NVIDIA GPUs act as multiprocessors that utilize shared memory, cache, and multiple registers. The newest graphics cards utilize fixed point calculations, relatively massive amounts of memory, and multiple processing units. They differ significantly from a computer's central processing unit (CPU) in terms of their cryptanalytic processing capabilities and Elcomsoft claims to have leveraged newer GPU architectures to improve brute force password cracking by a factor of 25.
Statistics from Elcomsoft state that the new method can be used to exhaustively crack an eight...
Wireless Equivalency Protocol (WEP) has been one of the hottest topics in Irish news over the last few days. One of the leading providers of DSL in Ireland has supplied users with wireless routers protected using WEP. What made this newsworthy is that it has emerged that the WEP keys used to encrypt the network traffic and to control access to a private network were generated using the (Service Set Identifier) SSID. The algorithm used to generate the encryption keys has been analyzed and a tool is freely available which allows anyone within range of the router to trespass on a wireless network that has been secured using the default settings.
The DSL provider and media reports are advising customers that if they change their WEP keys, they will be safe from any trespassers or malicious attackers trying to get onto their network. While it is true changing the default WEP settings will mitigate this particular attack it will not make your wireless network secure.
Yes this could be a 500 page book, but I’m going to try to present the future of security in fewer than 1,200 words.
Up to now in this anniversary series, my fellow Symantecites have been discussing what has happened over the past 25 years around security and how Symantec and the industry have grown to meet these challenges in a number of areas, from malicious code and vulnerabilities through to modern day threats such as phishing. We’ve come from a world of floppy disks and modems into a world so connected and converged that few of us could have imagined how it would have become so in such a short time. The rate at which technology has evolved and been adopted has, at times, left security analysts scrabbling to catch up – which, in turn, has created significant risks.
First a little history: I’m one of the many people who came to work for Symantec via acquisition. I used worked for @stake in Europe for a number of years before the acquisition as a...
With the dawn of networked computing, users were granted on-demand access to their data and computing infrastructure. The gained connectivity, of course, led to an increased exposure to attacks. Attackers no longer required any physical access to the machines or to the portable media. Establishing a connection to the network (PSTN, Tymnet, DATAPAC or the Internet) and knowing the target’s network address accomplished the same task remotely—thus beginning the information arms race between the attackers and the administrators. While one side was gathering information for gaining access and circumventing restrictions, the other was trying to patch vulnerabilities and protect their assets.
During this time, factions began to form as those with similar interests...
Code Red, Nimda, and Slammer (also known as SQL Slammer) are three of the most well known computer worms in the relatively short history of computers. Well known not because of their creatively selected names, but because of the massive impact they had on a widely used Internet. They weren’t the first worms to threaten the fabric of the Internet, but they hit at a time when the Internet was becoming very popular. It was a time when it was beginning to be widely used not only by governments and educational institutions, but also by people, corporations and non-profit organizations alike for communications and business.
Everyone who commonly used a computer when these malicious worms hit the Internet will remember them. Not only did they take down a number of government, corporate, and educational networks, but some of those not directly affected voluntarily shut down their networks as a precaution. But how were these things so effective and wide-ranging? How...
After the success of the W97.Melissa virus in 1999, mass-mailing became the next big thing in viruses. This trend continues even today. Different methods have been tried over the time, but they fall mainly into two categories: exploits and social engineering.
Perhaps the most successful example of social engineering came on May 4, 2000 when VBS.LoveLetter called inboxes everywhere just to say “ILOVEYOU". At that time, curiosity easily outweighed security, especially with such a provocative subject line. Many people opened the email and then clicked on the attachment named "LOVE-LETTER-FOR-YOU.TXT[.vbs]" (the .vbs part being hidden by default on many systems). The resulting mess spread across the world during that same day, and...
Back in June of 1992, I joined Symantec’s nascent antivirus team as a scruffy intern after a brief stint with the Norton Commander and Norton Desktop teams. At the time, Norton AntiVirus was a third-tier product with virtually no market-share. But that was about to change. That summer, Symantec hired over a dozen contractors to drastically improve Symantec’s detection rate and make us a world-class product. To give you an idea, back in 1993, top-notch products detected about 1,400 virus strains.
Over the course of that summer, and during my follow-up internships over the next few years, my teammates and I quickly realized that viruses were evolving at an extremely rapid pace, and would soon prove impossible for NAV’s core detection engines to detect. A detection engine is the heart and brains of the antivirus product; it performs all of the actual virus fingerprint scanning, and ours was quickly becoming obsolete.
Part I on Friday discussed the early days of phishing from relatively harmless spam to targeting the financial sector and then to an increasingly professional operation with serious consequences for both organizations and individuals.
The threat evolves further
In a technical sense, phishing has evolved in a number of ways. Phishers are conscious of the different anti-phishing technologies out there – many of which employ block lists of suspicious Web sites. Block lists work by matching the URL that appears in the address bar of the Web browser with a list of known phishing Web sites. If there is a match, the user is warned. To get around that, in September 2006 many phishers started randomizing the sub-domain portion of the URL. While these URLs lead to the same site, no two are the same, and therefore the technique circumvents basic block lists.
Phishers are also privy to the fact that their pages are being viewed...
Symantec is celebrating its 25-year anniversary and, during the course of the company’s history, we’ve seen the threat landscape evolve continuously. Many of the threats we routinely address today were practically unheard of in the early days. While much of the activity back then was centered around viruses and other forms of malicious code designed to wreak havoc on customers' personal computers, today’s landscape now includes new threats that can wreak havoc on customers’ personal lives, stealing their money and also their identity.
One of these emerging threats is phishing. Phishing is a threat whereby attackers use social engineering mechanisms, in a fairly automated way, to trick victims into divulging sensitive data that can later be used to assume a victim’s identity on an online site or in a financial transaction. Throughout 2006, Symantec observed over 300,000 unique phishing emails and blocked these messages in nearly three billion phishing instances. Phishing...
The hacker's place in the pop culture continuum is as anti-hero. This is an image portrayed in movies and novels - the hacker is a wild-card with the power of deus ex machina who can be called upon to cheat technology or exploit a loophole in the system. Since computers don't lie and the system is perfect, the hacker invokes black arts in gross defiance of reality and the law in order to accomplish his (as hackers are overwhelmingly portrayed as male) goals. Yet we often sympathize with the fictional hacker for this exact reason. The system irks us and we often wish we could circumvent it.
The nineties had its own hacker anti-hero: Kevin Mitnick.
Most of Mitnick's story has been told by the media and in a book entitled Takedown, by John Markoff and...
Over the last few decades, markets and economies have been revolutionized with the advent of this powerful medium we call the Internet: Access to information and freedom of expression are not limited to any geographical boundaries; the world has shrunk to the size of electrons. I keenly remember the challenges facing the protagonist in Phillip Dick’s science fiction novel, ‘Do Androids Dream of Electric Sheep?’, while dealing with rogue androids. The Internet, with its decentralization, openness and commercial dependability has become the haven for a new breed of criminals, where botnets rule the dark, creepy labyrinths. Throughout this time, we at Symantec have been at the forefront in fighting this war of information accessibility and reliability.
Right now, botnets are one of the most concerning problems in information security and are considered to be source of all evil like spam, click frauds and denial of service attacks. Bots are software and...
t has been almost 14 years since Scott Chasin began BugTraq to discuss computer security vulnerabilities in detail. Since then, it has grown from a small email list to become a top industry source for vulnerability information and, along the way, helped advanced many of the changes in the industry through its full disclosure policy. What a long and strange trip it has been since then. But one thing remains the same, the constant struggle to do what is right in a field full of moral landmines.
Any field that deals in issues of security and safety, from medicine and insurance to airport screening and immigration, will contain many difficult moral dilemmas. Often these problems are rooted in finance and the different ways money incentivizes or disincentivizes people and organizations. Ideally, monetary and other incentives would be aligned with the moral thing to do. Often, though, this is not the case. Just as often, what the moral or right thing to do is not altogether...
The hacking scene is definitely not what it used to be. Though it seems hard to remember, there was a time before vulnerabilities were posted to mailing lists every day, you could sell exploits to corporations and hacking groups were being turned into security companies. There were few established laws restricting hacking and a simple Internet search returned a massive amount of detail on how to hack. It was a time when a few small groups of elite technology enthusiasts, driven largely by curiosity and mischief (vs. malicious) became some of the most notorious and powerful hackers of all time.
This was the era of groups like the Legion of Doom, the Cult of the Dead Cow, the Masters of Deception, the Chaos Computer Club, the P.H.I.R.M., the genesis of zines like Phrack and 2600, and the days when blowing a whistle found in a cereal box into a telephone receiver gave you control of a phone line.
In those days, communication between hackers was mostly...
Hacking has existed in one form or another for quite some time. Just as the Internet grew by leaps and bounds in the '90s, so did the hacking community. While the dot-com bubble thrust the Internet into the general public’s conscience, it also brought hacking into the limelight. Web site defacements and denial of service attacks quickly became commonplace. Naturally, with the rapid growth of the Internet population, a rise in the number of people looking to take advantage of neophyte users also took place.
More hacking groups began forming in the '90s, such as the L0pht. In 1998 members of the L0pht testified before congress that they could shut down the Internet in 30 minutes. In 1992, five members of the Masters of Deception group were indicted in federal court and later plead guilty. The...
Same thing we do every night – try to take over the world…
Morris and Brain. The average person doesn’t know these names very well in comparison to Melissa, CodeRed, Nimda, Slammer, and Funlove. They all had their day and are burned in the memories of the users who were infected and those who cleaned up after them. Without Morris and Brain, though, the current “superstars” wouldn’t exist.
