So if you, like half of the rest of the nation, were trying to figure out what actually happened with the whole Tiger Woods incident, you could have jeopardized your computer security. If “Tiger Woods accident rumors” was entered into Google, a website about handguns and a website about a small church were among two of the results. These sites, not intended to be malicious, do not have a site administrator dedicated to keeping them secure. Hackers planted a PHP code (general scripting language code used for web development) to attack people searching for information. Those using Firefox were alerted to the hacked sites, but those using IE were not. If the hacked website was attempted to be accessed using IE, it engages a pop-up saying that you have viruses that need to be checked. Regardless of if you choose 'OK' or 'Cancel' it pops up an imitation Windows explorer browser eventually trying to get you to download malicious software.
There are two issues that I want to talk about here:
First is the idea that hackers are using current events as a way to target people. I had not personally heard of this strategy before, but it makes sense. They are able to affect how things show up in search results by messing with insecure sites. One suggestion that Sean Sullivan suggests is to use the News function in Google, because it's harder to come up with sites that have been compromised.
Second is differing browsers. Microsoft's Internet Explorer still has a large chunk of the market share among browsers. I feel like this is slowly changing, but could cause people problems. IE runs into problems with websites and seems to not be as secure as some newer browsers, like Mozilla Firefox and Safari. So, it's recommended that you actually look into what browser you are going to use and understand the differences in web browsers.
Finally, those little green check marks that you see net to searches sometimes actually do mean something. Whether you're using McAfee or some other type of detector, you generally don't want to try and access sites that aren't trusted by these types of detectors.
If you want to take a look at this Tiger Woods example, there is a Youtube video: http://www.youtube.com/watch?v=5BgQo84olhY
Source: http://itknowledgeexchange.techtarget.com/security-bytes/hackers-use-tiger-woods-saga-to-conduct-search-attacks/
Monday, December 7, 2009
Subscribe to:
Post Comments (Atom)
Posts
This post is very interesting to me because I did not know that some web browsers are more secure than others. It makes sense when you think about it though because not all browsers have the same capabilities, which means they most likely do not have the same vulnerabilities. I feel like the reason that the hackers have targeted Internet Explorer is because IE has the largest market share, which means that they will be able to affect more people by targeting IE instead of Safari or Firefox.
ReplyDeleteThis does seem like a rather clever way to attack internet users based on their browsers. It's true that Windows IE still dominates the browser usage today, but I think that most of these users tend to be the older generation, like our parents. While my sisters and I, and most people my age, tend to use web browsers like Firefox or Safari, my parents and most non-tech savvy users tend to stick to Windows IE (in spite of suggestions to switch over to Firefox) for mostly convenience purposes. Because IE doesn't have the 'safety' indications that Firefox provides on its search engines, I can see how so many people can be exploited by these attackers. This particular situation provides a hybrid of problems, as it also presents a popup of malware disguised as software to be downloaded in order to check your computer for viruses. Most of these disguised malware look like legit programs, and so are easily missed by less-aware/savvy internet users. I think that IE should definitely make an effort to try to at least update their browser in order have that safety feature on the search engines, or else it'll leave several users vulnerable to future attacks like these which, quite frankly, I think will become more common.
ReplyDelete