Threat Level: green Handler on Duty: Manuel Pelaez

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Handlers On Duty

Published: 2005-12-27
Last Updated: 2005-12-27 17:48:11 UTC
by Deborah Hale (Version: 1)
0 comment(s)
Today Donald and I are tag teaming as Handler On Duty, so you are likely to see stories with a wide range of topics. Thanks Donald for tag teaming with me today.
Keywords:
0 comment(s)

What will 2006 have in store?

Published: 2005-12-27
Last Updated: 2005-12-27 17:39:39 UTC
by Deborah Hale (Version: 1)
0 comment(s)
Well, 2005 is soon to come to a close.  What a tremendous year this has been!  We have had lots of exciting discussions about everything from "soup to nuts".  Looking back we have seen new exploits, new holes in the Internet and the usual round of viruses and worms.  I was the Handler On Duty - New Years Eve 2004 and asked our readers who checked in with us to tell us what they thought 2005 was going to bring. Here is a recap of some of the responses that were received:

From Greg:
   With the developing trends in botnets and denial of service with them, I'm willing to bet that we'll see more    
    frequent use of ddos for hire and malware distribution by zombie pcs. It also would be a shock to see an
    adaptive botnet..that can change and adapt to discovery on the fly..shutting down discovered nodes and such.

From John:
    As direct electronic invoicing becomes more popular, crimals will try to leverage poor implementations of
    Web Services to submit fraudulent invoices for payment. Agencies that have done away with support staff
     necessary for manual invoice processing will pay dearly.

From David:
    I can't think of a new 'technical' threat but the existing technology joy-ride hackers are using could end up
    being more dangerous in the near future. Currently when we find a hacked system it is normally being used to 
    share copyrighted music, movies or applications.  They mainly want to use our disk space and bandwidth and
    have no dangerous agenda.  This could change in the future, however.  As financial institutions tighten up
    security the money motivated hackers may turn to using BotNets to harvest documents.  Instead of hijacking a
    system to use the disk space and setup detectable FTP servers they may end up harvesting all of the documents
    from the system in hopes of gaining financial or personal information for identity theft. Pretty scary to even think
    about it.

From Jack:
    DNS Poisoning/Hijacking

From Anonymous:
    Just thought I'd add some of the potential issues that we might start seeing in 2005. First, is the spread of bots
    to IP enabled devices. Once more as devices reach that "on-line all the time" state, the vulnerabilities will be 
    exploited more. This could include a range of devices from cellular phones, to even the next generation console
    systems. (Note: viruses and exploits for console systems may deserve to be its own potential issue). Second, an
    increase of malware for alternative operating systems (non-Windows), primarily for the Tiger OS. Third, IPv6
    will become wider spread, and while it will be a partial remedy for some sercurity issues; improper
    implementation will create added security risks and issues -- primarily in the areas of content
    management/filtering, simpler facilitation of cryptographic malware, and brand new vulnerabilities for IPv6
    enabled products.

So what do you think?  How did our predictors do for 2005?  What do you think were the biggest issues for 2005? I will be the Handler On Duty on News Years Eve and will print some of the responses we receive.

What are your predictions for 2006?  Let us know. Your response could be used in a Diary next year.




Keywords:
0 comment(s)

Quiet Weekend - not much news

Published: 2005-12-27
Last Updated: 2005-12-27 17:04:45 UTC
by Deborah Hale (Version: 1)
0 comment(s)
It has been a very quiet weekend so not much exciting news.  Perhaps all of the script kiddies got new computers for Christmas and haven't gotten them fully up to speed yet.  Or perhaps many of there rogue machines were also replaced by new ones this year and they will have to go out and rebuild their army.  At any rate, whichever is the case, we here at the Storm Center appreciate the break.


Keywords:
0 comment(s)
Diary Archives