How can you stay safe from targeted attacks

By SecurityAsia Editors | Jul 19, 2010

Operation “Aurora”, the sophisticated Chinese cyber attack that hit several dozen companies in December 2009, not only compromised those companies' intellectual property but also raised the critical issue of Internet browser security.

The primary enabler of this specific exploit was an unpatched vulnerability in Microsoft Internet Explorer (IE). By taking advantage of this unfixed security hole in the popular Web browser, cyber attackers compromised users' systems.

It happened when a victim was lured into navigating to a malicious web page from a vulnerable Microsoft Windows system, where JavaScript code then exploited the vulnerability. The infected system then contacted remote servers controlled by the attackers, allowing them to view, create, and modify information on the compromised system.

Browser vulnerabilities affect all Web browsers and vendors and are far from being exclusively a Microsoft issue. However, since it is the most commonly used browser, with hundreds of millions of users around the world and the largest market share, Internet Explorer naturally tends to be a favorite target for cyber attacks.

Yet Apple Safari, Opera and Mozilla Firefox have also had their share of security flaws, which, if exploited, could lead to the same type of attack that we witnessed recently.

In spite of vendors’ constant efforts to release new, higher-performance, more secure web browsers (for example, Google recently launched the ‘Google Chrome’ browser and Microsoft is currently testing a new ‘Gazelle’ browser), numerous Web browser attacks and vulnerabilities continue to be reported.

In 2009 alone, over 300 browser vulnerabilities were publicly reported in the CVE (Common Vulnerabilities and Exposures) repository, including several dozen for each vendor.

What makes the Web browser such a popular vector of attacks?
The Web browser is one of the most ubiquitous applications used throughout the computing community. Browsers today integrate many complex components such as ActiveX, cookies, plug-ins, Flash Player, Java, Acrobat Reader and so on, which extend the browsers’ functionality and enable them to host graphics, user-friendly interfaces and all sorts of animations.

Many websites actually require the user to install additional software to enable these features. Alternatively, those bundled programs are commonly enabled in most browsers’ default settings.

Each application, however useful it is, likely contains flaws and vulnerabilities of its own, in addition to those of the web browser itself, thereby increasing the total security risk for users. Some of the risky web features include:

ActiveX:

Used by Microsoft Internet Explorer on Microsoft Windows systems, ActiveX is a technology that has seen various vulnerabilities and implementation issues. One of the latest ActiveX vulnerabilities was discovered in July 2009 in the Microsoft DirectShow Video ActiveX Control. The exploit, through drive-by attacks, compromised thousands of Web sites, which in turn infected endpoints with malware and exposed companies to potential data leakage.

 
 
