Experts: 2004 seen bringing more, worse cyberattacks

The New Year will offer weary network administrators little respite from a new generation of Internet worms, viruses and targeted hacks that appeared in 2003, according to security experts.

In 2004, malicious hackers will continue to take advantage of security weaknesses in popular communications protocols such as Remote Procedure Call (RPC), while improvements in hacker tools will shorten the time that technology vendors and their customers have to respond to new vulnerabilities, according to comments by leading security researchers and corporate security experts at the InfoSecurity 2003 Conference and Exhibition in New York City Wednesday.

The experts, including chief security officers from eBay Inc. and Siebel Systems Inc., took part in a panel discussion of security vulnerabilities and so-called "zero-day" exploits -- vulnerabilities that are exploited by attackers before software patches have been issued.

Attacks that take advantage of holes in RPC will continue next year, according to Gerhard Eschelbeck of security company Qualys Inc. RPC vulnerabilities in Microsoft Corp.'s products were behind recent worms such as Blaster and Welchia, which spread worldwide in August.

While many of those attacks will target Microsoft operating systems, malicious hackers may also look for ways to exploit RPC security holes in Unix and Linux, he said.

"RPC is a fundamental component of client-server computing. Next year we expect a multitude of vulnerabilities in (RPC), and those could lead to targets and attacks that are not homogenous, with a sudden shift to target different operating systems," Eschelbeck said.

With Microsoft planning security improvements to prevent Blaster-style attacks with the release of Windows XP Service Pack 2, hackers are also shifting their attention to areas not covered by Redmond, Washington, according to panel member Jeff Moss, president and chief executive officer (CEO) of BlackHat Inc.

In particular, hackers are exploring ways to attack memory "heaps," or areas of computer memory that are created dynamically when programs run. Such attacks would sidestep protections Microsoft is building into Windows XP to protect against memory stack overflows, which Blaster caused, he said.

Improvements in the quality of software programs that hackers can use to develop code that exploits security vulnerabilities may result in more zero day exploits. At the same time, better "rootkits," that allow hackers to surreptitiously control hacked computers, will make identifying compromised machines even more difficult, Ross said.

Corporate security experts recommended a variety of strategies for protecting networks and mitigating damage.

Online auction company eBay uses layered security, including two-factor authentication and VPN (virtual private network) technology for remote users, automated patch management and reporting software, access control lists, gateway and desktop antivirus software, as well as desktop firewalls for remote users, according to Howard Schmidt, the company's chief security officer.

Siebel Director of Global Security David Mortman also swears by his company's patch management software, saying it has saved him from more than one ugly outbreak. After an infection by Slammer hobbled parts of Siebel's corporate network, the company became more aggressive about distributing software patches to affected systems, he said.

Siebel distributes most patches to users within 36 hours and no longer performs exhaustive tests on patches to make sure they don't break key software applications before deploying them, Mortman said.

"After Slammer, we realized (testing patches against applications) is not worth the cost of getting infected," he said.

Organizations will also have to do a better job of securing resources within their corporate networks in 2004, experts agreed.

The Blaster worm was the first example of an attack that did not cause widespread disruptions on the Internet, but spread rapidly within corporate networks by exploiting holes in corporate networks used by telecommuters and mobile workers, Eschelbeck said.

"Blaster was a real turning point. You now have to look at the resources you have internally, not just on the outside," he said.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Paul Roberts

IDG News Service
Show Comments

Brand Post

Shining a light on creativity

MSI has long pushed the boundaries of invention with its ever-evolving range of laptops but it has now pulled off a world first with the new MSI Creative 17.

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Tom Pope

Dynabook Portégé X30L-G

Ultimately this laptop has achieved everything I would hope for in a laptop for work, while fitting that into a form factor and weight that is remarkable.

Tom Sellers

MSI P65

This smart laptop was enjoyable to use and great to work on – creating content was super simple.

Lolita Wang

MSI GT76

It really doesn’t get more “gaming laptop” than this.

Jack Jeffries

MSI GS75

As the Maserati or BMW of laptops, it would fit perfectly in the hands of a professional needing firepower under the hood, sophistication and class on the surface, and gaming prowess (sports mode if you will) in between.

Taylor Carr

MSI PS63

The MSI PS63 is an amazing laptop and I would definitely consider buying one in the future.

Christopher Low

Brother RJ-4230B

This small mobile printer is exactly what I need for invoicing and other jobs such as sending fellow tradesman details or step-by-step instructions that I can easily print off from my phone or the Web.

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?