Several prominent multinational banks suffered website and online banking service disruptions over the previous two weeks as the result of focused and highly sophisticated cyber attacks. Apparently led by Middle-Eastern “Hackivists” groups in response to the “Innocence of Muslims” YouTube video controversy, researchers have indicated that unlike attacks seen in previous years, this series of attacks were well planned, highly organized and of sufficient force to have even taken down hardened and secure telecom companies who are well-versed in handling the Denial of Service attacks that are typically experienced. In these most recent attacks, the hacktivists used zombified user PC’s as well as thousands of compromised webservers to shut down bank websites for hours, and sometimes days at a time.
What this means for you:
Zombified PC’s are no good to their handlers if they are detected and sanitized before they can be “rented” out, and as such, the most effective malware infection is often one that exists quietly on your technology until it is called into service. Obviously, this could result in your computers or servers, previously well-behaved and performing normally, suddenly acting up and running slowly, usually at the most inconvenient time for you and your business. Always make sure your anti-malware software is installed, updated and working properly.
Keep in mind that it’s even possible for website engines to become compromised and used as a zombie. Unless you tend to your site regularly, it’s possible for it to become compromised without you even noticing – that is until a customer visits your website, notices something wrong, and takes the time to report it to you instead of moving on to something else. Not sure if your computers or servers are secure? Give C2 a call and let us put your mind (and business) at ease!
Image courtesy of Stuart Miles / FreeDigitalPhotos.net
Bromium, a new startup by the same braintrust that founded Xen – a popular virtualization platform now owned by industry giant Citrix – is promising their new product, “vSentry” will return computer users to the heady days of pre-virus computing. The basic idea behind this product is basically a combination of virtualization and hardware/software compartmentalization that creates agents called “microvisors” that act as a disposable “mini-computer” that are fired up to do things like read email, surf the web, play games, etc. and are then discarded completely once you have finished with that task. Conceptually, if, during the course of that task, the microvisor was attacked and infected by malware, the malicious code would end up going nowhere in the end, as the agent was dismissed from use. Think of the microvisor as a pair of impermeable, disposable gloves, tossed into the waste bin after every use, without the landfill aftermath.
What this means for you:
Based upon what I could tell, the product is still in the very early stages, and not yet readily available to the average computer user. It’s nice to imagine an internet where you can open an email from a friend, click a strange attachment and not worry about utterly destroying your computer. Even with the best-in-industry anti-malware software installed on your computer, the weakest link is still the operator at the keyboard. Until this product becomes a reality, and gets installed on every computer, vigilance is still your best defense against the wild internet. Always make sure your anti-malware software is installed, updated and WORKING. Always back up your data, and make sure those back ups are good. And if you are ever in doubt about your computer’s security, give us a call!