Dark Reading: Lessons From 5 Advanced Attacks Of 2013

/Home/Internet Security: Articles/Internet Security: Dark Reading/Dark Reading: Vulnerabilities & Threats

From Cryptolocker to the destructive attacks on Korean firms to the massive flood that made Spamhaus inaccessible, attackers delivered some hard lessons in 2013

By Robert Lemos
December 26, 2013

Distributed denial-of-service attacks targeted application and business-logic weaknesses to take down systems; fraudsters used encryption to scramble victims' data until they paid a ransom; and, attackers increasingly targeted providers as a weak link in the chain of the digital security protecting businesses. In 2013, there were no major revolutions in the way that attackers compromised, cut off, or just plain inconvenienced their victim's systems, but their techniques and tactics evolved. From more pernicious encryption in ransomware to massive DDoS attacked fueled by reflection, attackers showed that they still had options available in their bag of tricks.

"As the criminals have become more savvy and more technically knowledgable and understand the victims' environments better, they are able to see opportunities that they might otherwise overlook," says Jeff Williams, director of security strategy for the counter threat unit at Dell SecureWorks, a managed security provider.

Based on interviews with experts, here are five advanced attacks from 2013 and the lessons for businesses from those events.

Click the URL above to read the full article