Attack Toolkits - Newest Cyber Security Threat

Security firm Symantec, Mountain View, California, USA has given details of a new cyber threat - Attack Toolkits. The ease of use and accessibility of these toolkits has become the cause for more attacks and more attackers.

According to Symantec, attack toolkits are software programs launched by cybercriminals to facilitate launch of widespread attacks on networked computers. Typically, they are composed of prewritten malicious code used to exploit vulnerabilities and can customize, deploy, and automate widespread attacks. Attackers use secondary websites to deploy them where the computers of unsuspecting users will be compromised.

"Today's attack toolkits make it relatively easy for even a malicious novice to launch a cyberattack. As a result, we expect to see even more criminal activity in this area and a higher likelihood that the average user will be victimized," Stephen Trilling, senior vice president of Symantec Security Technology and Response, said in a statement.

There seems to be a special market for these toolkits. One of the more popular toolkits, Zeus, was sold for $8,000 in the underground markets where attack toolkits are sold. Typical toolkits are sold for $15.

Zeus is a toolkit used to pose serious threats to small businesses. It aims to steal bank account credentials. Since small businesses have fewer safeguards in place to guard their financial transactions, they are an easier target.

Recently a ring of cybercriminals, who used Zeus, were arrested for using the toolkit to steal $70 million over an 18-month period.

Along with Zeus, MPack, Neosploit, Nukesploit P4ck, and Phoenix were named the most prevalent attack toolkits by Symantec. Predictable, adult entertainment, was the most malicious website category.

New York State, USA, Proposes Law against Cyber Bullies

The world has taken another step towards combating the ever-increasing threat of cyber crimes against youngsters.

New York State, USA, has now proposed a bill to fight cyber bullying.

The bill has been forwarded by New York State Assemblyman, Charles Lavine, in light of the constant threat of cyber bullying facing youngsters online.

It is felt that this was a necessary step considering the almost epidemic state of student suicides occurring due to cyber-bullying.

Children online are very often victimized and harassed even to the point of committing suicide because of how they look or how they behave, or in many cases, for their perceived sexual orientation.

The proposed bill will punish cyber bullies and also those who participate in such activities indirectly.

This bill will create the crimes of cyber-assault and cyber-impersonation in New York State. The new crime of cyber-assault will punish those who go online to hurt others. Cyber impersonation will punish those who assume a false identity to commit these acts.

National Crime Records Bureau Tallies Cyber Crimes

According to a report recently released by the National Crime Records Bureau of India, Karnataka has the received the dubious distinction of having the highest number of cyber crimes reported in 2009.

97 cases were lodged with the Cyber Crime Police Station.

The report has also brought forth the lack of awareness that is attached to the adjudication of these cases. The report shows that of the approximately 50 cases of financial losses caused to people, not one has been reported to the IT Secretary of the state, who is also the Adjudicating Officer for Karnataka.

A public interest litigation filed by students of Asian school of Cyber Laws had led to the appointment of IT Secretaries of states as Adjudicating Officers to decide the fate of cyber crime cases in 2003.

An overall survey of the statistics of cyber crimes registered across the states shows that 233 cases were registered under section 66, while there were 139 cases under section 67 and 21 cases under section 65 of IT Act. The police have also registered cyber crimes under IPC for forgery (146 cases) and criminal breach (90 cases).

Teenager Arrested for Sending Threatening Email

A 17-year-old student from Dhanbad has been arrested for sending a threatening email to Anil Ambani, chairman of the Reliance ADA Group.

The Mumbai Police Crime Branch’s Cyber Crime Investigation Cell made the arrest.

The teenaged student believed that India had not given an adequate response to Pakistan after the 26/11 attacks. He misguidedly believed that if he posed as a Pakistani and threatened a prominent Indian, the Government would retaliate against Pakistan.

Anil Ambani received the email threats on 15th January 2011. The Reliance ADA group immediately lodged a complaint and a case was registered. Investigators found that the IP from which the email had originated in Dhanbad. A team was sent there and the youngster arrested.

The email had been sent from his personal computer and he has now been charged under the relevant sections of the IT Act and also with criminal intimidation under the Indian Penal Code.

Students Caught for Hacking School System

At least five students of the Wellington High School, Wellington, Kansas in USA will now face criminal charges for illegally logging into their school system and improving their grades.

Rick Weiss, the school Superintendent, said that they were alerted to the felony due to rumours doing the rounds in school about some students who had been able to change their grades. This prompted the teachers to go back to their papers to check the original grades versus the grades on the school computers. The two sets of grades did not match.

The police department has clarified that this act will be treated as a serious felony and not just a misdemeanour. These students first stole the school passwords, then logged in and changed the grades.

The youngsters involved may very well be asked to leave school. They also face the chances of not being able to graduate.

While the school continues to investigate to see how many other students could have been involved, police have served search warrants and seized computers as evidence in the computer crimes case.

The district attorney will most likely get the case by the last week of January 2011.

This case underlines the need to teach youngsters the difference between right and wrong in the cyber world. They need to be told that working harder is any day easier than getting involved in such criminal acts. They don't just need to be cyber literate (which most of them are) but also cyber smart.