Friday, June 17, 2016

Cybercriminals using botnets that imitate humans to access user accounts

Botnets that imitate humans are used by cybercriminals to gain access to accounts

According to Britain's National Crime Agency (NCA), cybercriminals are making use of more and more advanced botnet attacks in order to carry out attacks on online banking and shopping accounts. Fraudsters after purchasing stolen details on the dark web have begun using huge automated attacks to confirm usernames and passwords, permitting them to access accounts.
Botnets that imitate humans are used by cybercriminals to gain access to accounts  According to Britain's National Crime Agency (NCA), cybercriminals are making use of more and more advanced botnet attacks in order to carry out attacks on online banking and shopping accounts. Fraudsters after purchasing stolen details on the dark web have begun using huge automated attacks to confirm usernames and passwords, permitting them to access accounts.  The top dangers include Remote Access Trojans (RATS), which is targeted at individual as well as company finances. Intended to look like authentic software, they let people to distantly observe and take control of another computer, getting access to confidential files and information.  During hacking attacks, Distributed denial of service (Ddos) attacks targeted at closing down or deactivating online functions were also widespread.  Speaking to The Times newspaper, an NCA spokesman said, "These style of attacks can also attempt to mimic human-user behaviour, making them much more difficult to detect.”  Further, in a statement last month, Vanita Pandey, a Vice President at the cybersecurity company ThreatMetrix said, "Fraudsters can create pitch-perfect attacks because they know so much about us."  The company, which validates transactions on behalf of 4,000 customers across the world, found that attacks when compared to last year had increased by three folds to 264 million in the first quarter of 2016.  Adding that the attacks are basically difficult to find out, as they are not always selected by traditional measures, Pandey said, "Our normal lines of defence just aren't working.”  Along with sophisticated attacks, ThreatMetrix, which examines one billion transactions each month, reported that online businesses were unintentionally offering means to anonymously test stolen payment records, referring to the example of "a series of $5 payments made with stolen credit cards targeting the charity sector".  The blunt forewarnings comes in the wake of numerous high-profile cyberattacks on British companies in the last year.  Telecoms giant TalkTalk suffered a security breach in November 2015, which revealed the personal information of more than 150,000 customers.  Prior to that, nearly 2,000 customer accounts of Vodafone users had been gained access to by the hackers, possibly offering criminals with customers' names, the last four digits of their bank accounts, mobile numbers, and bank sort codes.  In early 2015, hackers attacked Carphone Warehouse with online traffic as a smokescreen while they stole the personal and banking details of 2.4 million people.  A study of investigations concerning the NCA's National Cyber Crime Unit over 2015 found the average age of suspects to be 17, in spite of an apparent increase in the number of crimes.  Majority of young people and their parents are unaware as to what creates a cybercrime or the consequences of getting involved in it, pointed out the agency commissioned by the research.  Speaking at the launch of the #CyberChoices campaign in December 2015 Richard Jones, Head of the National Cyber Crime Unit's Prevent team said: "We know that simply criminalising young people cannot be the solution to this and so the campaign seeks to help motivate children to use their skills more positively."  He added: These individuals are really bright and have real potential to go on to exciting and fulfilling jobs. But by choosing the criminal path they can move from low level 'pranking' to higher level cybercrime quite quickly, sometimes without even considering that what they're doing is against the law."


The top dangers include Remote Access Trojans (RATS), which is targeted at individual as well as company finances. Intended to look like authentic software, they let people to distantly observe and take control of another computer, getting access to confidential files and information.

During hacking attacks, Distributed denial of service (Ddos) attacks targeted at closing down or deactivating online functions were also widespread.

Speaking to The Times newspaper, an NCA spokesman said, "These style of attacks can also attempt to mimic human-user behaviour, making them much more difficult to detect.”
Further, in a statement last month, Vanita Pandey, a Vice President at the cybersecurity company ThreatMetrix said, "Fraudsters can create pitch-perfect attacks because they know so much about us."

The company, which validates transactions on behalf of 4,000 customers across the world, found that attacks when compared to last year had increased by three folds to 264 million in the first quarter of 2016.

Adding that the attacks are basically difficult to find out, as they are not always selected by traditional measures, Pandey said, "Our normal lines of defence just aren't working.”
Along with sophisticated attacks, ThreatMetrix, which examines one billion transactions each month, reported that online businesses were unintentionally offering means to anonymously test stolen payment records, referring to the example of "a series of $5 payments made with stolen credit cards targeting the charity sector".

The blunt forewarnings comes in the wake of numerous high-profile cyberattacks on British companies in the last year.

Telecoms giant TalkTalk suffered a security breach in November 2015, which revealed the personal information of more than 150,000 customers.

Prior to that, nearly 2,000 customer accounts of Vodafone users had been gained access to by the hackers, possibly offering criminals with customers' names, the last four digits of their bank accounts, mobile numbers, and bank sort codes.

In early 2015, hackers attacked Carphone Warehouse with online traffic as a smokescreen while they stole the personal and banking details of 2.4 million people.

A study of investigations concerning the NCA's National Cyber Crime Unit over 2015 found the average age of suspects to be 17, in spite of an apparent increase in the number of crimes.

Majority of young people and their parents are unaware as to what creates a cybercrime or the consequences of getting involved in it, pointed out the agency commissioned by the research.

Speaking at the launch of the #CyberChoices campaign in December 2015 Richard Jones, Head of the National Cyber Crime Unit's Prevent team said: "We know that simply criminalising young people cannot be the solution to this and so the campaign seeks to help motivate children to use their skills more positively."

He added: These individuals are really bright and have real potential to go on to exciting and fulfilling jobs. But by choosing the criminal path they can move from low level 'pranking' to higher level cybercrime quite quickly, sometimes without even considering that what they're doing is against the law."

No comments:

Post a Comment