SANS Institute: Gullible PC Users a Threat to SecurityNovember 29th, 2007 - 2:16 am ICT by admin
One of the biggest security vulnerabilities for computers and networks is sitting in front of the desk. According to the SANS Institute’s annual report on the Top 20 Internet Security risks, released Tuesday, “users who are easily misled” ranks with custom-built applications as the top targets for attackers.
The report cites several cases, based on real events, that illustrate the real-world implications of today’s security challenges.
In one instance, hundreds of senior federal officials and business executives visited an infected political think-tank site, and their computers became zombies. Keystroke loggers installed on their machines captured user names and passwords for their personal bank accounts, their stock trading accounts, and their employers’ computers, and sent them to the attackers in various countries. Money and sensitive data was lost.
In another case, a teenager simply visited a Web site with an old version of a media player. A video started to play as soon as she entered the site, helping to install a keystroke logger on the machine — the same computer her father used for his online bank account. The account was emptied by the attackers. Although the bank later reimbursed him, U.S. law enforcement officials discovered that the money went to a terrorist group that recruited suicide bombers.
In a third case, a custom-made program had a programming error that allowed criminals to take private patient records from a hospital. The hospital had to choose between paying extortion or having the records disseminated on the Internet.
Five Minutes Before Attacks
These and other horror stories illustrate the security landscape as presented by the SANS Institute report, the collective effort of 43 security experts from government, industry, and academic in several countries. The Institute, founded in 1989 as a cooperative research and education organization, conducts information security training and certification.
The Institute’s report presents a…
- Software to fight hacking technique bags award - Oct 31, 2010
- Kamasutra could make you a victim of a hack attack - Jan 14, 2011
- Indian home ministry computers under virus attack - Aug 16, 2010
- 'Hacker' application on Facebook stealing users' personal info - Aug 18, 2010
- Indian IT experts devise technique to fight deadly bots - May 17, 2012
- BLADE software eliminates threats of 'drive-by downloads' from Internet - Oct 07, 2010
- China to curb online phishing - Dec 30, 2011
- 300,000 computers with deadly virus to lose internet: FBI - Jul 08, 2012
- Uniken India implements secure internet banking solution for Bank of India - Jun 03, 2010
- Vibrations to help in energy harvesting - May 07, 2012
- Top four cyber threats for 2011 revealed - Jan 08, 2011
- New software to access blocked websites - Aug 11, 2011
- Computers with deadly virus to lose web link: FBI - Jul 05, 2012
- Court issues notice over taxing internet-based firms (Second Lead) - Jun 06, 2012
Tags: attackers, business executives, collective effort, education organization, federal officials, government industry, gullible, horror stories, keystroke logger, keystroke loggers, patient records, personal bank accounts, private patient, programming error, security challenges, security experts, security landscape, security vulnerabilities, sensitive data, trading accounts