Cybercriminals modernize, but stick to vintage exploits

Cybercriminals are looking to the past and the future simultaneously, according to Cisco's Midyear Security Review.

That is, they are using vintage exploits along with modern management techniques to promulgate increasingly sophisticated attacks and make their illegal activities more lucrative.

For example, according to the report, which was released this week, some recent cyberattacks are using dated exploits of vulnerabilities that were discovered in 2006. Though only a small number of unpatched PCs may exist in an enterprise, criminals find and break into them, according to the report.

“If you have even 0.1 percent of your PCs that are not being patched, there are criminals who are working very hard to break into them,” Patrick Peterson, Cisco fellow and chief security researcher, told SCMagazineUS.com Thursday. “If someone misses an update, they are likely to get owned.”

In addition, criminals also demonstrate increasingly strong business acumen. They collaborate, prey on peoples' fears and interests, and make use of legitimate internet tools such as software-as-a-service, according to the report.

“These guys are collaborating and finding complementary ways to partner,” said Marie Hattar, vice president of network systems and security solutions marketing in a blog post. “Not only that, they're also getting smart about search-engine optimization techniques.”

Botmasters increasingly rent networks of compromised computers, form alliances, or just exploit each other, according to the report. And many botmasters borrow the best practices and strategies of the real business world.

“Criminals have been working on their cyber MBAs,” Peterson said. “They seem to have been going though the same kinds of training you would see at the Harvard Business School. They're restructuring and reorganizing their businesses to be more efficient, more dangerous and more profitable.”

Other findings in the report include: Web 2.0 applications, prized for their ease of use and flexibility, have become lures for criminals; criminals target people who use online banking with well-designed, localized text message scams — and leave virtually no trail; and there is an increasing use of “spamdexing,” or packing a website with topical keywords or search terms. That way, users searching for a specific search term may click on the malicious links, which have risen above the legitimate results.