Hacker attacks increasingly strong cloud computing security crisis increases

Hacker attacks are becoming more intense

HC Security Network in the past year in the commercial computing system, although the number of loopholes in the amount of the same as in previous years, but hackers for these vulnerabilities to take a locked attack frequency is increasing, that is, not patched or updated system loopholes, it is bound to let the safety of enterprises exposed in high-risk groups.

Nearly half of all security vulnerabilities are not core systems, but are most likely to be in Web application, or plug-in portal interactive services sites, but these vulnerabilities pose a great threat to the overall security of the enterprise.

Network attack packs and botnets, which can easily be bought on the web and used to attack corporate websites, light causes network paralysis, and heavy corporate confidential information is stolen: And this type of cyber-organized crime has increased dramatically, which has caused considerable financial and material losses to companies around the world.

Enterprise cloud information How to prevent attack?

With the growing popularity of cloud storage and computing technology, for enterprise users, whether public or private, the next most important thing for an enterprise is cloud computing security. Because the cloud host virtualization, no one knows the host, hard disk, the location of the server, so it is very likely that enterprises and hackers to rent the same cloud host, if this happens, enterprise host how to prevent their own cloud information not to be attacked?

Sony's PSN was attacked, a total of 77 million or more user information was stolen, Sony was afraid to confirm that the stolen information, whether including credit card transactions related information; In addition, the average cost of processing each stolen information is $318, and the conversion results in a total cost of up to 24 billion dollars, If there are credit card information stolen by the theft of brush, the cost of loss is bound to be more alarming. This shows that if the enterprise security is not done well, the consequences insulting.

According to HP Digital Vaccine Laboratory analysis, enterprise network security can be divided into two major trends, one is the vulnerability trend, in the in-depth study of various application vulnerabilities found that Cross-site scripting attacks (cross-sitescripting, referred to as XSS) is still found in the largest attack type of vulnerability, The second is SQL injection and blocking attacks (Denialofservice, DOS), while SQL injection is still the most popular way for database thieves and botnet botnets to launch Drive-bysql injection attacks.

The HP Digital Vaccine Laboratory found that another attack trend in the HTTP client and server side, the 2010 was a large number of hackers malicious attacks, server-side average of about 90,000 per month, but the client average of up to 1.8 million per month , most of the attack methods are malicious JavaScript and PHP file entrainment attacks. At the same time, it is obvious that the mode of hacker attack is shifted from 60% traditional (SMB) to service attack against HTTP. They are also automated, botnet or worm-based flooding attacks.

In addition to attacks against HTTP, there are internet-based blocking service attacks (Denialofservice, Dos), and distributed interrupt Service attacks (Distributeddenialofservice, for short, DDoS), The aim of these attacks is simple: to concentrate on fire, so that the services of the site can not operate effectively, or simply can not operate. If the hacker faith organization "Anonymous" (Anonymous) uses Loworbitioncannon (Loic) to attack such as Visa, MasterCard, Bank of America and other targeted sites.

The HP digital vaccine Laboratory points out that the purpose of hacking the site from the early days of fame, the conversion to the current underground economy for the purpose, that is, the hacker attacks only ransom, even the less capable hackers, can also buy attack kits on the network, or rent botnets for criminal attacks in order to gain the illegal benefits.

The attack toolkit will be on the network to sell the characteristics of two, one is easy to use, because the attack tool pack high efficiency, plus the program content and the Web page system similarity is high (usually mostly Trojan program).

The second is that the attack toolkit has a high success rate because the attack pack has prepackaged a set of attacks that can exploit various host vulnerabilities, including operating systems, Web browsers, and various browser plug-ins, such as adobepdf and Flash. Each new version of the Attack Toolkit includes a set of 0 jet-lag attacks, which increases the likelihood of attack success. Even some toolkits retain programs that are 4 or 5 years old, so that they can still occur when you encounter an earlier computer.

A large British financial institution was hacked into in July 2010 and a Bank Trojan Horse program (ZEUSV3) was installed on the client computer of the finance company to be logged into the banking network to steal customer information and then transfer the money from the customer account into the hacker's own account. At the same time in order to ensure that the transfer is not detected by bank customers, the attack program will automatically generate a false balance details, so that the bank customers and the bank host will not find that the entire invasion, more than 3,000 people were affected, the hacker from the bank account to steal 675,000 pounds.

To avoid intrusion from the attack kit, from the user's point of view, it seems to be becoming more and more difficult, but it is not impossible, the most effective way is to install the patch on the computer host, although it is possible to encounter a zero-difference attack toolkit, may be due to the lack of timely access to the latest patches poisoning, But at least it can reduce the chance of attack.

Another approach is to use IPs virtual patch technology to think about prevention from the perspective of Vulnerabilities (CVE) and from the perspective of stealth (JavaScript), so as not only to reduce the number of attacks, but also to reduce the risk of attacks on Web pages, especially for Web browsers. Consumers should update the latest version of the browser and plugin at any time in order to reduce the risk of attack.

Hacker attacks are constantly being updated, and we need to learn more defensive techniques to deal with the threats posed by hackers.

(Responsible editor: Duqing first)