Possible Computer Attack Methods on the Horizon in the Near Future

by | Friday, February 25, 2011 11:06:00 AM | 0 comment(s)

Security researchers at the SANS Institute say pervasive memory scraping is one of the most dangerous attack methods that hackers will use in the coming year. In such an attack, hackers gain administrative privileges for a file system in order to access personally identifiable information and other sensitive data, even if it is encrypted.

This is done by accessing the data when it is unencrypted before being processed, and by stealing encryption keys from the system's memory to unencrypt the data. Consultant Ed Skoudis notes that this attack method is increasingly being seen in data breaches.

Organizations may need to turn to the Metasploit Meterpreter software module to protect themselves from pervasive memory scraping, as data-loss prevention products and freeware may not provide sufficient protection from such attacks, experts say.

SANS Institute researchers also warn about threats that may arise from the migration from IPv4 to IPv6. This migration can be dangerous because attackers can access IPv6 networks that organizations may not even know are turned on in newer versions of certain products, and because older versions of firewalls and intrusion prevention systems may not be looking for IPv6 traffic at all. As a result, organizations should turn off IPv6 on all devices if they do not need to use the protocol, says SANS' Johannes Ullrich.


Machine-Solution.com
We enjoy helping our customers each and every day.

COMMENTS (must be logged in to post comments) Login