EUIST

EUIST

Just another ComMetrics – social media monitoring, best metrics, marketing metrics weblog

Blended threats – are the computer security’s new nemesis?

August 24th, 2006 · No Comments ·

Elsewhere we have outlined the following issues:

Blended threats are exploit code that combines malicious code with vulnerabilities in order to launch an attack. As such they use multiple avenues for attacking a system.

Blended threats (what is a blended threat) (Was ist ein Blended Threat?) is a more technical term and has been used since about 1999 (e.g., EICAR conference in Aalborg – Denmark). For 2005 some people predicted that we could expect to see more blended threats that we have had in the past.

The same was stated for 2006 that attackers would continue to combine viruses, worms, Trojans, spyware and “phishing” methods into increasingly more potent blended threats in 2006.

So eight months have passed just about and what has happened? The nemesis has not happened. We propose that a blended threat has:

    > a _social entineering side_ whereby it is often your user that has to do something, such as being tricked into visiting a phishing site to start it all off, and> a _technical dimension_, whereby the tricked user may be infected by malicious code visiting a website (e.g., see XSS, Ajax and Web 2.0 for illustrations of this facet) that exploits one or more vulnerabilities and, as importantly, could propagate itself through several channels (e.g., Instant Messaging and email).

We probably can all agree that the social engineering side is the one we have to worry about probably as much as we do about the technical one with the new Windows Vista coming.

For the rest, things are still bad but far from worse we could probably all agree about this…. and for the rest we have to wait and see.

_PS 1

The term blended threat might have been useful for industry but today it appears a bit quaint. While the term describing that more than one vector of attack may be used is technically correct it may, however, not be the point for corporate and home users. In both insteances, the impact may be far more important than the technical specifics.

_PS 2

Instant Messaging (IM) attacks are part of a blended threat all right. Simply, this means that malware that is hijacking IM clients is also using services like e-mail and the Web to propagate itself. However, it adds little to the discussion beyond what we already understand.



|

→ No CommentsTags: basics · blended · nemesis · practices · rest · term · tricked · visiting