Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Hacker Intelligence Initiative To Study Anatomy Of Major Cyber Attacks

Imperva : 27 July, 2010  (Technical Article)
Imperva will be using hack-back techniques as well as traffic monitoring and forum research to gain deeper insight into the operations of hacking networks
Imperva has announced that its hacker intelligence initiative (HII), a research effort focused on providing deeper insight into how cybercriminals conduct large scale cyber attacks as well as shedding light on the evolution of the underground business of cybercrime. Part of Imperva's Application Defense Center (ADC), the hacker intelligence initiative will investigate the anatomy of attacks as well as key hacking trends by exploring the cybercrime industry utilizing techniques including hack-back, forum monitoring and internet traffic surveillance.

"Today, security research focuses heavily on vulnerabilities and problems. But to truly protect an organization, security professionals must have a deep understanding of their enemy," said Amichai Shulman, Imperva's CTO, referencing Sun Tzu's observation, 'If ignorant both of your enemy and yourself, you are certain to be in peril.'

Imperva's HII researchers will conduct and release research on attacks as they are uncovered. To date, the HII has released research on four significant cybercrime activities, among others:

* Pyramid-Scam Phishing Scheme: Employing simple hack-back techniques, Imperva uncovered a pyramid scam-style phishing scheme where a sophisticated hacker siphons data from individual phishing attacks through a backdoor in a phishing kit; the attack also capitalizes on a second drop-server to store stolen data.

* Start-to-Finish Execution of a Cross-Site Scripting Attack: By observing the hacker's own vulnerable code, Imperva was able to witness a XSS attack impacting 3000 individuals; Imperva found that XSS attacks require little expertise and less than an hour to carry-out when using readily available tutorials and free hosting sites.

* New Type of DDoS Attack: By monitoring a TOR, Imperva traced DDOS attacks to find that, unlike traditional botnets made up of infected PCs, the attacks were leveraging a Botnet of infected servers, creating a stronger, more effective and less-discoverable attack.

* The publication of 32 million passwords: By monitoring hacker forums, Imperva uncovered a list of user passwords for the popular site RockYou and provided analysis of the most commonly used words and phrases.

"Cybercrime is a business like any other," continued Shulman. "Hackers are becoming more automated and their techniques are sophisticated and industrialized. Modern cyber defences need to keep pace with this growing industry and our intelligence initiative will help uncover the trends, techniques and tactics utilized by today's cybercriminals."
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo