New research shows that hackers are becoming increasingly lazy in their search for online exploits, with 98% of Remote File Inclusion and 88% of SQL injection attacks now being fully automated.

It comes as no surprise whatsoever to DaniWeb administrators and moderators that your average cybercriminal is looking for the easiest way to earn a dishonest buck. After all, we have recently completely re-coded the DaniWeb forum from the ground up partly in order to deal with the increasing number of spambot attacks that were being launched against us across much of last year. Spammers have long since used software to automate both the spam-posting process but during the past few years we have seen them increasingly turning to software solutions that automate the forum registration process as well, including breaking the various CAPTCHA-based security systems that forum operators put in place to stop just such occurrences.

dweb-auto The Hacker Intelligence 'Automation of Attacks' report published today by security specialists Imperva suggests that this highly automated approach to law-breaking is rife within the hacking community. The report is a detailed analysis of data collected between January and March 2012, and reveals that as much as 98% percent of Remote File Inclusion (RFI) and 88% of SQL injection attacks are automated, including by two software tools: Havij and sqlmap.

With making money the driving force behind most web application attacks, why would hackers want to waste time actually studying vulnerabilities and learning how to exploit them when they can use tools developed by others with more technical ability to do the job for them? The 'Script Kiddies' are well and truly back on the scene it would seem.

The report highlights how traffic characteristics such as attack rate, attack rate change and attack volume can be used to identify automated attacks and reveals how the automated tools used leave fingerprints that can be extracted from the source code to identify an automated attack with a high degree of certainty.

“Using automated software tools, even an unskilled attacker can attack applications in a short period of time, potentially collect valuable data and move on to the next target,” said Amichai Shulman, CTO at Imperva. “Automated tools can be used to evade an enterprise’s security defenses.”

198 Views
About the Author

A freelance technology journalist for 30 years, I have been a Contributing Editor at PC Pro (one of the best selling computer magazines in the UK) for most of them. As well as currently contributing to Forbes.com, The Times and Sunday Times via Raconteur Special Reports, SC Magazine UK, Digital Health, IT Pro and Infosecurity Magazine, I am also something of a prolific author. My last book, Being Virtual: Who You Really are Online, which was published in 2008 as part of the Science Museum TechKnow Series by John Wiley & Sons. I am also the only three times winner (2006, 2008, 2010) of the BT Information Security Journalist of the Year title, and was humbled to be presented with the ‘Enigma Award’ for a ‘lifetime contribution to information security journalism’ in 2011 despite my life being far from over...

Member Avatar
LastMitch

“Using automated software tools, even an unskilled attacker can attack applications in a short period of time, potentially collect valuable data and move on to the next target,” said Amichai Shulman, CTO at Imperva. “Automated tools can be used to evade an enterprise’s security defenses.”

I agree what he mention but it's still hard to shut down a software. Each year, new features make it hard to really deferred the Spamming. I'm not sure if anyone can really prevent that.