New Levels of Sophistication in Malware Pose Serious Future Consequences
I just covered some of the findings of an Open Source Security conference held this week in San Jose at IntelFusion.net, and I'm very worried. These are exceedingly sophisticated techniques, and few in Law Enforcement or the DOD are on the same page technologically.
Here are a few examples of what can be done with a Botnet attack:
- Use RSS-to-e-mail conversion services as an untraceable way to control a Botnet;
- Instructions for a Botnet can be hidden on multiple web pages, and then recovered by that Botnet via Google search.
Granted, these are still very new strategies and haven't yet been widely adopted by the bad guys, however it's just a matter of time. I'm concerned that a lack of training among many of the agencies tasked to protect our infrastructure is going to leave us exceedingly vulnerable to a technologically adept and rapid adopter cyber foe.
MI5 Issues a warning about Cyberattacks on British Companies
"Shell, Rolls Royce Reportedly Hacked By Chinese Spies"
http://www.infoworld.com/article/07/...e-spies_1.html
Also, the latest CRS report on Cybercrime, Cyberterrorists, and Cyberwarfare is available through FAS:
http://www.fas.org/sgp/crs/terror/RL32114.pdf