5 important attacks of 2013

Lessons From Five Advanced Attacks Of 2013

1. Cryptolocker and the evolution of ransomware
While many attackers create botnets to steal data or use victims' machines as launching points for further attacks, a specialized group of attackers has used strong-arm tactics to extort money from victims. In the past, most of these types of attacks, referred to as ransomware, have been bluffs, but Cryptolocker, which started spreading in late summer, uses asymmetric encryption to lock important files.
(…)

2. New York Times "hack" and supplier insecurity
The August attack on the New York Times and other media outlets by the Syrian Electronic Army highlighted the vulnerability posed by service providers and technology suppliers.
Rather than directly breach the New York Times' systems, the attackers instead fooled the company's domain registrar into transferring ownership of nytimes.com and other media firms' domains to the SEA.
(…)

3. Bit9 and attacks on security providers
In February, security firm Bit9 revealed that attackers had breached its systems to gain access to a digital code-signing certificate. By using such a certificate, attackers can create malware that would be considered "trusted" by Bit9's systems.
(…)

4. DDoS attacks get bigger, more subtle
A number of denial-of-service attacks got digital ink this year. In March, anti-spam group Spamhaus suffered a massive denial-of-service attack, after it unilaterally blocked a number of online providers connected--in some cases tenuously--to spam. The Izz ad-Din al-Qassam Cyberfighters continued their attacks on U.S. financial institutions, causing scattered outages during the year.
(…)

5. South Korea and destructive attacks
Companies in both the Middle East and South Korea suffered destructive attacks designed to wipe data from computers. In 2012, Saudi Aramco and other companies in the Middle East were targeted with a malicious attack that erased data from machines, causing them to become unrecoverable.
This year, South Korean firms were attacked in a similar manner in a multi-vector attack whose finale was the deletion of master boot records on infected computers. While such attacks have happened in the past, they seem to be more frequent, says Dell Secureworks' Williams.
"The impact of these attacks has been pretty impressive--30,000 machines needed to be rebuilt in the Saudi Aramco case," he says.