1

New research shows that hackers are becoming increasingly lazy in their search for online exploits, with 98% of Remote File Inclusion and 88% of SQL injection attacks now being fully automated.

It comes as no surprise whatsoever to DaniWeb administrators and moderators that your average cybercriminal is looking for the easiest way to earn a dishonest buck. After all, we have recently completely re-coded the DaniWeb forum from the ground up partly in order to deal with the increasing number of spambot attacks that were being launched against us across much of last year. Spammers have long since used software to automate both the spam-posting process but during the past few years we have seen them increasingly turning to software solutions that automate the forum registration process as well, including breaking the various CAPTCHA-based security systems that forum operators put in place to stop just such occurrences.

dweb-auto The Hacker Intelligence 'Automation of Attacks' report published today by security specialists Imperva suggests that this highly automated approach to law-breaking is rife within the hacking community. The report is a detailed analysis of data collected between January and March 2012, and reveals that as much as 98% percent of Remote File Inclusion (RFI) and 88% of SQL injection attacks are automated, including by two software tools: Havij and sqlmap.

With making money the driving force behind most web application attacks, why would hackers want to waste time actually studying vulnerabilities and learning how to exploit them when they can use tools developed by others with more technical ability to do the job for them? The 'Script Kiddies' are well and truly back on the scene it would seem.

The report highlights how traffic characteristics such as attack rate, attack rate change and attack volume can be used to identify automated attacks and reveals how the automated tools used leave fingerprints that can be extracted from the source code to identify an automated attack with a high degree of certainty.

“Using automated software tools, even an unskilled attacker can attack applications in a short period of time, potentially collect valuable data and move on to the next target,” said Amichai Shulman, CTO at Imperva. “Automated tools can be used to evade an enterprise’s security defenses.”

Edited by happygeek: unstuck

As Editorial Director and Managing Analyst with IT Security Thing I am putting more than two decades of consulting experience into providing opinionated insight regarding the security threat landscape for IT security professionals. As an Editorial Fellow with Dennis Publishing, I bring more than two decades of writing experience across the technology industry into publications such as Alphr, IT Pro and (in good old fashioned print) PC Pro. I also write for SC Magazine UK and Infosecurity, as well as The Times and Sunday Times newspapers. Along the way I have been honoured with a Technology Journalist of the Year award, and three Information Security Journalist of the Year awards. Most humbling, though, was the Enigma Award for 'lifetime contribution to IT security journalism' bestowed on me in 2011.

2
Contributors
1
Reply
10
Views
5 Years
Discussion Span
Last Post by LastMitch
0

“Using automated software tools, even an unskilled attacker can attack applications in a short period of time, potentially collect valuable data and move on to the next target,” said Amichai Shulman, CTO at Imperva. “Automated tools can be used to evade an enterprise’s security defenses.”

I agree what he mention but it's still hard to shut down a software. Each year, new features make it hard to really deferred the Spamming. I'm not sure if anyone can really prevent that.

Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.