Increases in malicious code in personal computers after visiting allegedly clean internet sites: seventh report of the Reporting and Analysis Centre for Information Assurance
Press Release, fedpol, 17.10.2008
Berne. The increase in mass hacking of websites, developments in the area of politically-motivated hacking, the risks posed by open wireless networks and the dangers involved in using social network sites: these are the topics of the seventh semi-annual report of the Reporting and Analysis Centre for Information Assurance (MELANI). The report assesses the situation in the first half-year of 2008 and is now available at www.melani.admin.ch.
The report emphasis that current, targeted IT attacks cannot always be successfully defended against even with the help of technical security measures and good common sense. Refocusing the precautionary measures is therefore necessary, moving the protection of information to centre field and not only taking account of the protection of computers and networks.
Mass hacking of websites
The danger of infections (obtained mostly unwittingly) by simply visiting websites (by means of drive-by infections) is on the rise. Since January 2008, several mass hacks of websites have been observed with the intent of infecting users. These include websites with an excellent reputation and high visitor numbers. Due to the fact that this method allows computers to be infected without any user action being carried out provides criminals with a welcome opportunity to spread malicious code. Also Swiss websites are affected. The actual report shows the function and nature of drive-by infections. Additionally MELANI will publish more information on how to check own Websites for possible drive-by infections on their website.
Cyberattacks can be an important way to gain attention for a political concern. In addition to financial motives, political motives are increasingly becoming a focus of Internet crime. Politically-motivated hacking has already existed since the late 1990s. Recent developments have contributed to an increasing public discussion of this phenomenon and has moved up the political agenda in many countries.
Open wireless networks as a security risk
Local wireless networks (WLANs) have become widespread also among private individuals. If these networks are insufficiently secure, criminals may use them on the one hand to access data and information which is problematic in the case of business networks. On the other hand, insufficiently secure wireless networks allow crimes to be committed via the internet and in doing so conceal true identities. Such abuses are unfortunately becoming more and more frequent. Following certain basic rules can help keep one's network clean.
Social networks and the threat of data abuse
Social networks are popular since they offer the possibility of presenting oneself on the Internet with relatively little effort and communicating with others. The enthusiastic use of these sites, especially the way in which many users publish their personal information, bears dangers, however: personal information helps cybercriminals to launch targeted attacks.
Pascal Lamia, Head of the Reporting and Analysis Centre for Information Assurance (MELANI), Federal Strategy Unit for IT (FSUIT), tel. +41 31 323 45 06