Live map shows cyber-war in real time

Cyber-intelligence firm builds heatmap to show online attacks around the world as they happen

A heat map depicting cyber-warfare as it happens has revealed the extent of the online attacks that ricochet between China and the United States. The mesmerising depiction has been created by Norse Corporation – a company that monitors global spyware and malware. The map is based on 130 terabytes of information gathered from 40 countries and eight million so-called "honeypots" – computers that emulate the kinds of programs cyber-attackers tend to attack, like ATM software and corporate email, BuzzFeed explains. The map shows a range of different information, including which country a cyber attack comes from, where it is aimed, and details about what kind of attack it is. The attacks it displays represent only one per cent of the total data Norse tracks. If the company attempted to display any more than that it would become illegible, it says. Although many of the attacks seem to be emanating from China, that impression may be misleading, NetworkWorld says, as "many attackers are good at masking their real location".  At time of writing, the five most frequently attacked countries appear to be the US, China, Singapore, UK and Thailand. And apart from China, the assaults seem to originate from the US, the Netherlands, Russia and what looks like a small island off the south coast of Ghana labelled "Mil/Gov". Rather than this being a secretive US military base in the Gulf of Guinea, it is in fact a random location on the equator that Norse has selected to represent cyber-attacks committed by and against the American government, where location data is unavailable. The map is "weirdly hypnotic" Quartz's Heather Timmons says, and looks rather "like the vintage video game Missile Command". Another tool that does a similar job is Kaspersky’s stunning interactive cyber threat map. Kaspersky Lab, a provider of anti-virus software has over 60 million users and detects more than 300,000 malicious objects every day. According to Kaspersky, the most infected countries in the world are currently Russia, India, Vietnam, the US and Germany. For further concise, balanced comment and analysis on the week's news, try The Week magazine. Subscribe today and get 6 issues completely free. Source: The Week UK, Image Courtesy: https://pbs.twimg.com/media/BrJK-NACMAERLH6.jpg:large

Read More........→July 15, 2014

Malware re-birth a new threat?

Indian Express, Agencies : Washington, Scientists have claimed that new breeds of malware could leave computer systems and even critical infrastructure defenceless to attack from cyber criminals or foreign governments. An international team, led by Murray Brand, says that a theoretical attack strategy it calls a malware rebirthing botnet would render existing antivirus measures obsolete by using different kinds of malware in a coordinated strike. The attacker would first use a worm to create a botnet of infected slave computers, then upload a honeypot programme to attract and capture other malware from the internet. The captured malware would then be sent back to the attacker and altered in what Brand calls a rebirthing suite, improving its defences against antivirus programs with anti-analysis tools and tailoring them for the coming attack before distributing them among the botnet. The attacker now has an array of advanced, customised malware that are extremely difficult if not impossible for antivirus programs to detect that can be deployed against a target system from multiple angles. "Recognition of malware is dependent upon an analyst having already analysed the behaviour of the malware and extracted an identifying signature," Dr Brand said. If the new malware is significantly different to any known malware, antivirus software is unlikely to recognise the threat until the malware has disabled it, say the scientists. Dr Brand says antivirus software is already struggling to keep up with the growing volume of malware rapidly appearing on the internet, more than 75 million by the end of 2011. He says one third of malware in existence was created in the first 10 months of 2010 and new threats are often not properly identified for 48 days, with another 48 hours to program new definitions. Dr Brand says the processing power needed to scan for and delete malware may soon outstrip capacity of most computers. "At the other end of the spectrum, customised malicious software that does have a coordinated objective could be used to take over control of critical infrastructure or network operations in a very stealthy manner," he added. Source: Indian Express

Read More........→September 21, 2013