Although the picture in this story shows a book for “dummies,” it would take some extremely intelligent people to stay one step ahead of the constant attacks being made on corporations by cyber-criminals. This book wouldn’t really help you very much. You might need a Master’s degree in computer programming at minimum.
Malware designed to damage computer systems is now being secreted into portable documents, commonly known as PDFs, by cyber-criminals whose efforts usually are thwarted by antivirus software. Everyone should have antivirus software on their computers – that is Computer Protection 101.
These PDF attacks are said to be aimed at corporate and government institutions, according to defense analysts cited in online commentaries. The attacks are part of sophisticated schemes aimed at extracting information from systems otherwise thought to be firewalled and secure.
Several corporate sources confirmed defense organizations were targeted in the attacks. The attacks not only appear to be well-funded, but they could come from an unknown country or corporate entity. This, of course, makes it harder to track down these cyber-criminals.
This latest cyber-threat became news after warnings came from the computer software company Symantec, along with comments from defense manufacturer Lockheed Martin and software provider Adobe that acknowledged the risk.
Cyber-criminals trying to take advantage of the alleged weakness in Adobe’s PDF reading and editing software use a well-known family of malware called Sykipot, Symantec said.
The attackers aim the malicious code at so-called zero-day vulnerabilities. These are vulnerabilities that haven’t yet been reported by security experts or software makers. The attackers also hit PDF as a common business application, hoping that many users wouldn’t have kept up with the latest security patches. This is another good reason to keep your software current with updates. Many of us are guilty of putting off our updates because we are rushed, working on open programs, or it’s a bad time to reboot our computers.
On Dec. 1, Symantec reported a high volume of e-mail carrying Sykipot malware aimed at Acrobat Reader and Acrobat editing software. The attackers sent the messages mostly to high-ranking executives who could have sensitive or strategic information on their computer networks.
Just to give you an idea of how sophisticated these attacks are: Commands can be sent to targeted computers to gather system and network information and determine whether a computer system is even worth hacking into. The attackers were also able to customize commands to exfiltrate the information.
Symantec said cyber-attackers were behind a March 2010 attack on a zero-day vulnerability in Microsoft Internet Explorer.
Adobe was apparently alerted to the risk by Lockheed Martin and the Defense Security Information Exchange (DSIE), a group of major defense contractors that share information about computer attacks.
DSIE includes companies that are part of the so-called “Defense Industrial Base.” It includes some of the largest U.S. defense contractors, including Boeing, General Dynamics, Lockheed Martin, Northrop Grumman, Pratt and Whitney and Raytheon, Computerworld said.
Symantec published an image of a redacted email of the attack’s bait — the promise of a 2012 guide to policies on new contract awards — that it said was a sample of the pitches that tried to dupe recipients into opening the attached PDF document.
The Sykipot malware encrypts the stolen data after it has been retrieved from the victimized firm – while it is still stored on the company’s network and as it’s being transmitted to a hacker-controlled server.
Symantec said the same group of hackers who launched the attacks against IE6 and IE7 in 2010 were also responsible for Reader-based attacks since November.
Read story@ upi