As the Web has become vital for day-to-day transactions, it has also become an attractive avenue for cybercrime. Financially motivated, the crime we see on the Web today is quite different from the more traditional network attacks. A few years ago Internet attackers relied heavily on remotely exploiting servers identified by scanning the Internet for vulnerable network services. Autonomously spreading computer worms such as Code Red and SQLSlammer were examples of such scanning attacks. Their huge scale put even the Internet at large at risk; for example, SQLSlammer generated traffic sufficient to melt down backbones.

As a result, academia and industry alike developed effective ways to fortify the network perimeter against such attacks. Unfortunately, the attackers similarly changed tactics, moving away from noisy scanning and concentrating more on stealthy attacks.

Not only did they change their tactics, but also their motivation. Previously, large-scale events such as network worms were mostly exhibitions of technical superiority. Today, cybercriminals are primarily motivated by economic incentives not only to exploit and seize control of compromised systems for as long as possible, but also to turn their assets into revenue.

The Web offers cybercriminals a powerful infrastructure to compromise computer systems and monetize the resulting computing resources, as well as any information that can be stolen from them. Cybercriminals use the Web to serve malicious content capable of compromising users’ computers and running arbitrary code on them. This has been made possible largely by the increased complexity of Web browsers and the resulting vulnerabilities that come with complex software. For example, a modern Web browser provides a powerful computing platform with access to different scripting languages (such as JavaScript), as well as external plug-ins (such as Flash or Java) that may not follow the same security policies applied by the browser.

While these capabilities permit sophisticated Web applications, they also allow people to collect information about the target system and deliver exploits specifi-

2.0
When the Cloud Turns Dark
Web-based malware attacks are more insidious than ever. What can be done to stem the tide?