Ken Munro, Managing Director for SecureTest, suggests hackers are becoming highly organised and are now able to take advantage of converging IP technologies.
Malicious mobile applications, burgeoning bot-nets and pernicious phishing are among the security scams to look out for, it is claimed. Hack attacks will grow in scale and sophistication next year, combining and manipulating several IP technologies at a time, warns security consultancy SecureTest.
Traditional hack attacks are evolving, mutating across new platforms such as mobile, hijacked home computers or bot-nets, and unified business infrastructures, it is claimed.
As a third party penetration tester, SecureTest reports that it is usually commissioned to ethically hack IP systems and networks on behalf of clients. But it also seeks to identify emerging threats and keeps its finger on the pulse of the hacking community, regularly monitoring forums and underground events. It has recently identified and carried out testing of a number of key hack attacks which could threaten to destabilise emerging IP technologies in the coming months, it warns.
Pernicious phishing
Email phishing scams such as pseudo account updates or 419 email invitations are on the wane but more ambitious versions are emerging, the firm says. Intelligent phishing will see these scams become more pernicious, using a variety of techniques, rather than the scatter gun approach typically seen today. These phishing emails could exploit the inadequate coding often found on websites. Hackers could target users with a cross-site scripting attack, whereby an email with a malicious hyperlink contained in an email takes the user to a legitimate website, but code in that hyperlink can be used to route user details and credentials to a third party. If, for instance, the user inputs their details into a webform, this would be sent to the fraudster. This type of hack is perpetrated client-side and is difficult to spot because parts of the hyperlink are genuine.
Malicious mobile applications
Transactional mobile applications are set to be used for everything from banking to e-government services, allowing the user to access online services from their mobile phone. There are at least two types of hack attack which could impact on this. In the first instance, freeware tools can be used to access J2ME-based transactional mobile applications, disabling security features and using the application as a vehicle to attack the application server. In the second, a spam mobile message instructs the user to update their banking details online. Because the URL is buried deep in the application, the user cannot verify its authenticity.
Burgeoning bot-nets
Bot-nets is a term used to describe the virtual networks created when individual PCs are hacked and recruited to form a network that criminals use to launch future attacks. These will gather in pace as spyware becomes more intelligent, allowing bot-nets to harvest more PCs. The result could see massive virtual networks capable of relaying traffic, hiding scurrilous activity or perpetrating distributed denial of service attacks on a mammoth scale.
Grey Routing
VoIP users may exploit vulnerabilities which will enable them to place calls for free using Grey Routing ‘freeware’ tools. Least-cost VoIP call routing providers often use SIP in a ‘debug’ mode, which discloses the route a call will take. It’s then a simple step to join the call route at a point which avoids a billing gateway, resulting in an undetected; and free – call. Both voice- and video-over-IP services may be susceptible.
IP building management systems
Modern building control systems such as CCTV, air-conditioning, fire alarm systems or door entry systems are being unified over the IP network. Criminals or terrorists can take control of these systems, enabling them to lower the internal temperature or activate a fire alarm to cause an evacuation, for example. Some solutions provide IP connections directly from a reader located outside the main door into the building, giving hackers direct access to the corporate LAN without them even needing to step inside.
What they say
"Hacking will no longer be an ad-hoc activity but will be meticulously planned, increasingly perpetrated by organised criminal gangs," says Ken Munro, Managing Director of SecureTest. "As networks become more secure, hackers are having to become more inventive. They will create more complex attacks which will exploit unified communications, hopping from mobile platforms to corporate networks to the internet. And we will see the audacity of these attacks increase as fraudsters use daring techniques such as social engineering to gain access to locked-down systems. The Sumitomo Mitsui case is a perfect example of a traditional hack which, when combined with a social engineering invasion and keylogging, can be very effective. They nearly pulled it off and it’s a scenario we will see more and more."
About SecureTest
SecureTest reports that it provides a service for business analysis of IT risk. It’s vetted and approved by CESG, the information assurance arm of GCHQ in Cheltenham. Tests are designed, the company adds, to expose all security flaws across a company’s infrastructure, applications, business processes and end-user practices, thus demonstrating vulnerabilities in IT systems, it is claimed. The company also provides risk management advice.
