Sister blog of Physicists of the Caribbean in which I babble about non-astronomy stuff, because everyone needs a hobby

Tuesday, 17 April 2018

"Hackers actually hate what they do," says nutcase

What a bizarre report.

Cyber-attackers are turning to tools that automate the process of finding and hijacking vulnerable servers, a study has found. The study used a fake server known as a honeypot to log everything done to it by digital intruders. Put online by security firm Cybereason, the server was quickly found and hijacked in seconds by a bot that broke through its digital defences.

The firm said it expected to see more attacks staged with little human help. "The bot did all the hard work," said Ross Rustici, head of intelligence services at Cybereason. "It shows how lazy hackers have become."

About two hours after the server for the fake finance firm was put online it was found by a bot which then aggressively set about taking it over. Passwords to protect some of the server's functions were left intentionally weak to tempt the bot which duly cracked them and then went on to plunder information on the machine.
Within 15 seconds of getting access, the bot:
- sought out and exploited several known vulnerabilities
- scanned the network to which the server was connected
- stole and dumped credentials for other vulnerable machines
- created new user accounts for its creators to use
"It completely owned the network in an automated fashion," said Mr Rustici.

While bots are widely used by cyber-criminals to seek out and subvert vulnerable servers, the process of going from initial compromise to a full-blown breach is often carried out by a human, he said. But in this case in just a couple of minutes the bot did 80% of the work a human hacker would typically have to carry out, he said.

"We have never seen this first-hand before," said Mr Rustici. "If you are only concerned with gaining as much access to as many machines as possible then this bot is fantastic for you."

Is he mad? "Lazy"? Try sophisticated. And surely there are quite a lot of agencies concerned with "only" gaining as much access to as much as possible. I thought that was a given. Although I was imagining most of the hard work would be done by bots anyway, rather than some teenage nerd in a darkened bedroom. I thought that era went out with the 90s. How naive of me...
http://www.bbc.com/news/technology-43788337

3 comments:

  1. What? When has this not been the case? This is basic vulnerability scanning.

    en.wikipedia.org - Vulnerability scanner - Wikipedia

    https://www.owasp.org/index.php/Category:Vulnerability_Scanning_Tools

    Botnets have boxes in the tens of thousands to hundreds of thousands. Do people think that this was done by hackers manually discovering SQL injections?

    https://en.wikipedia.org/wiki/Botnet

  2. I think the phrase they're looking for is "script kiddies." Tale as old as time.

  3. Whole point of computers is to automate and do things faster than us.
