What a bizarre report.
Cyber-attackers are turning to tools that automate the process of finding and hijacking vulnerable servers, a study has found. The study used a fake server known as a honeypot to log everything done to it by digital intruders. Put online by security firm Cybereason, the server was quickly found and hijacked in seconds by a bot that broke through its digital defences.
The firm said it expected to see more attacks staged with little human help. "The bot did all the hard work," said Ross Rustici, head of intelligence services at Cybereason. "It shows how lazy hackers have become."
About two hours after the server for the fake finance firm was put online it was found by a bot which then aggressively set about taking it over. Passwords to protect some of the server's functions were left intentionally weak to tempt the bot which duly cracked them and then went on to plunder information on the machine.
Within 15 seconds of getting access, the bot:
- sought out and exploited several known vulnerabilities
- scanned the network to which the server was connected
- stole and dumped credentials for other vulnerable machines
- created new user accounts for its creators to use
"It completely owned the network in an automated fashion," said Mr Rustici.
While bots are widely used by cyber-criminals to seek out and subvert vulnerable servers, the process of going from initial compromise to a full-blown breach is often carried out by a human, he said. But in this case in just a couple of minutes the bot did 80% of the work a human hacker would typically have to carry out, he said.
"We have never seen this first-hand before," said Mr Rustici. "If you are only concerned with gaining as much access to as many machines as possible then this bot is fantastic for you."
Is he mad? "Lazy"? Try sophisticated. And surely there are quite a lot of agencies concerned with "only" gaining as much access to as much as possible. I thought that was a given. Although I was imagining most of the hard work would be done by bots anyway, rather than some teenage nerd in a darkened bedroom. I thought that era went out with the 90s. How naive of me...
http://www.bbc.com/news/technology-43788337
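The timeline in the report is a detection signal in its own right: no person at a keyboard chains exploitation, network scanning, credential dumping and account creation in 15 seconds. The script below is an added example, not code from the BBC article or from Cybereason. It runs a simple correlation over constructed honeypot log lines (the log format, the event names such as `user_add`, the source addresses and the 60-second threshold are all assumptions made for illustration) and flags a session as automated when all four post-compromise stages follow a successful login within the window; a slower, human-paced session in the same sample is left unflagged.

```python
"""Flag automated post-compromise activity in honeypot logs.

Added example: a small correlation rule in the spirit of the honeypot
timeline the report describes. Log format, event names, addresses and
the threshold are assumptions, not Cybereason's tooling or data.
"""
import re
from datetime import datetime, timezone

# The four post-compromise stages the report lists: exploit known bugs,
# scan the neighbouring network, dump credentials, add user accounts.
# These event names are assumed for this example.
STAGES = ("exploit_attempt", "net_scan", "cred_dump", "user_add")

# A session that completes all four stages faster than this is treated as
# a bot. The value is an assumption; tune it for your own environment.
AUTOMATION_WINDOW_SECONDS = 60

# Constructed sample log (not real honeypot data). Assumed format:
# "<ISO-8601 timestamp> <host> <event> <key=value ...>"
SAMPLE_LOG = """\
2018-04-17T10:02:11Z fin-srv01 auth_success src=203.0.113.7 user=admin
2018-04-17T10:02:13Z fin-srv01 exploit_attempt src=203.0.113.7 service=smb
2018-04-17T10:02:15Z fin-srv01 net_scan src=203.0.113.7 range=10.0.0.0/24
2018-04-17T10:02:19Z fin-srv01 cred_dump src=203.0.113.7 store=sam
2018-04-17T10:02:24Z fin-srv01 user_add src=203.0.113.7 user=svc_backup
2018-04-17T11:00:02Z fin-srv01 auth_success src=198.51.100.23 user=admin
2018-04-17T11:14:40Z fin-srv01 net_scan src=198.51.100.23 range=10.0.0.0/24
2018-04-17T11:41:05Z fin-srv01 cred_dump src=198.51.100.23 store=sam
2018-04-17T12:03:30Z fin-srv01 user_add src=198.51.100.23 user=helpdesk2
2018-04-17T12:10:00Z fin-srv01 auth_failure src=192.0.2.55 user=root
"""

LINE_RE = re.compile(r"^(\S+)\s+(\S+)\s+(\S+)\s*(.*)$")


def parse_line(line):
    """Parse one log line into a dict; return None for lines that do not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ts_text, host, event, rest = m.groups()
    ts = datetime.strptime(ts_text, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    fields = dict(kv.split("=", 1) for kv in rest.split() if "=" in kv)
    return {"ts": ts, "host": host, "event": event, **fields}


def analyze_sessions(log_text, window=AUTOMATION_WINDOW_SECONDS):
    """Group events by source address and score each session.

    A session starts at the first auth_success from a source. It is flagged
    as automated when every stage in STAGES is seen within `window` seconds
    of that login. Sources that never log in successfully are skipped.
    """
    sessions = {}
    for line in log_text.splitlines():
        ev = parse_line(line)
        if ev is None or "src" not in ev:
            continue
        s = sessions.setdefault(ev["src"], {"login": None, "stages": {}})
        if ev["event"] == "auth_success" and s["login"] is None:
            s["login"] = ev["ts"]
        elif ev["event"] in STAGES and s["login"] is not None:
            s["stages"].setdefault(ev["event"], ev["ts"])  # keep first occurrence

    results = {}
    for src, s in sessions.items():
        if s["login"] is None:
            continue  # only failed logins: nothing post-compromise to score
        seen = set(s["stages"])
        elapsed = 0.0
        if s["stages"]:
            elapsed = (max(s["stages"].values()) - s["login"]).total_seconds()
        results[src] = {
            "stages": seen,
            "elapsed_seconds": elapsed,
            "automated": seen == set(STAGES) and elapsed <= window,
        }
    return results


if __name__ == "__main__":
    for src, r in analyze_sessions(SAMPLE_LOG).items():
        verdict = "AUTOMATED" if r["automated"] else "human-paced or incomplete"
        print(f"{src}: {len(r['stages'])}/4 stages in {r['elapsed_seconds']:.0f}s -> {verdict}")
```

The rule deliberately keys on the combination of stages and their pace rather than on any single event: a lone network scan from a new login is routine noise, while the full chain landing inside a minute is the pattern the report describes, and it is cheap to alert on from authentication and account-management logs alone.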
Sister blog of Physicists of the Caribbean in which I babble about non-astronomy stuff, because everyone needs a hobby
What? When has this not been the case? This is basic vulnerability scanning.
en.wikipedia.org - Vulnerability scanner - Wikipedia
https://www.owasp.org/index.php/Category:Vulnerability_Scanning_Tools
Botnets have boxes in the tens of thousands to hundreds of thousands, do people think that this was done by Hackers manually discovering SQL injections?
https://en.wikipedia.org/wiki/Botnet
I think the phrase they're looking for is "script kiddies." Tale as old as time.
Whole point of computers is to automate and do things faster than us.