
Stealth attacks are after your intellectual property...
Published: 28 July 2006 09:20 GMT
The latest threat to intellectual property comes in the shape of malicious software that is capable of infecting a computer, hiding itself until the user accesses specific files or websites - in order to steal files or passwords - and then deleting any trace of itself.
Speaking at the IT Security in Government Conference in Canberra, Australia on Friday, Brian Denehy, security assurance engineer at CyberTrust, told delegates the vast majority of new malware uses "some type of stealth" or anti-forensic technology in an attempt to remain undetected before, during and after an attack.
According to Denehy, techniques used not only include 'the obvious ones' such as encryption and rootkits but also "compression bombs" - which are compressed files that try to make life difficult for forensic tools by attempting to expand to an infinite size when executed.
He said: "Generally these techniques are seen in about 65 per cent of all forensic investigation these days.
"Some just do a complete wipe on the disk - equivalent to a low level format - to make sure that some of the remnant magnetisation is not left behind. Most of you may well appreciate that just writing on a hard disk still leaves evidence there that can be recovered with the right tools.
"People also use the slack space at the end of files or introduce extras in the bad sectors list to hide their data… it makes life more difficult."
When conducting investigations, it's always Denehy's hope that these techniques haven't been used by hackers. "It is pleasing to find an inexperienced hacker that has not used these things and has made it easy to analyse," he said.
Munir Kotadia writes for ZDNet Australia
Software Support Engineer, Northamptonshire, 35-45K IT Company The Software Support Engineer (SWSE) has primary responsibility for providing ...
JOB TITLE: UK Sales Executive-Disk Encryption & Data Protection Sales SELLING: Disk Encryption and Data Protection SELLING TO: Enterprise and Mid ...
Other responsibilities include: Implementing preventative measures; minimising business disruption; minimising risk of security attack, malicious ...
Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
Stories from the web...
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Clive Longbottom Windows 7: Not perfect - but ready for prime time Microsoft's latest OS fixes most of Vista's ills - but still has challenges ahead
Stephen Kleynhans Mind the details with Windows 7 Just because it might work better than Vista, it doesn't mean you can be sloppy