Hackers set sights on Web apps

Cyber criminals are stepping up efforts to target South African Internet users to steal personal and confidential information for financial gain.

This is according to Dino Covotsos, CEO of Telspace Systems; a sponsor of next week's ITWeb Security Summit in Sandton.

“There are huge security risks at the moment and it's imperative that, in the future, companies and individuals look after their information security. The more prominent the country gets in terms of the World Cup, the more cyber criminals will be targeting SA.”

With 35 days to go until the Fifa World Cup, Covotsos claims a lot of local companies plan to deploy security procedures and policies over the tournament period. However, he adds many companies have started this process too late in the game.

Covotsos explains that while Web application threats haven't changed much in terms of complexity, the number of these attacks on South Africans has increased.

“We've been seeing the same SQL attacks and cross-site scripting attacks in the past several years. But we've been seeing an increase in SA. Because of the serious physical crime we have in the country, criminals are looking at the cyber world as an easier route to steal financial information, which can be utilised for identity theft and fraud.”

Covotsos says Telspace is driving training and security awareness campaigns. This follows last month's Hack in the Box 2010 event in Dubai. He adds that awareness around security threats is increasing and organisations are doing a lot more to secure applications.

“You don't really need to know a lot to create an attack and it's becoming easier for cyber criminals to conduct an attack which has serious consequences. New technologies such as Adobe Flash, PDF readers and so forth are making Web applications and plug-ins more vulnerable to severe attacks.

“Botnets are propagating all over the world, taking control of computers with outdated software and using vulnerable add-ons in the browser. These range from known vulnerabilities to 0-day issues.”

Simon Leech, TippingPoint technical director for Europe, Middle East and Africa, recently told ITWeb that in coming weeks, cyber criminals will disguise malware as Web applications relating to the World Cup. Cyber criminals will also use search engine optimisation techniques to populate major search engines with malicious links when fans type in World Cup search terms.

According to Symantec's NetThreat Web site - which is dedicated to driving awareness around World Cup-related security threats - the security company discovered massive data theft associated with the Qakbot botnet. This botnet reportedly steals 2GB of confidential information every week.

Researchers say the botnet steals online and credit card information and social network credentials accessed via an infected PC's browser. The Qakbot botnet is equally effective at stealing information from corporate environments as from home users.