Saturday, November 6, 2010

Assignment 1-3

The article I chose to analyze is titled “An overview of social engineering malware: Trends, tactics, and implications” by Sherly Abraham and Chengalur-Smith of the State University of New York. The article investigates the practice of social engineering and the implications it has in the world of malicious programmers and hackers. It describes the actions attackers take and explains how malicious content spreads through the internet by manipulating (“programming”) users through social engineering.

The target audience of this particular article and study is technology professionals and especially information security agencies. The article speaks to the expert and is not intended for lay readers or novice computer users; attempting to read it without any knowledge of today’s computer systems and infrastructure would be very difficult. It describes the methods hackers and malicious programmers use and the utilities that allow them to pass malicious content through infected systems. Terms like “keylogger” and “rootkit” are examples of this. These tools hide themselves on a user’s system without the user’s knowledge and are very difficult to detect even with modern, up-to-date antivirus protection. One common practice described in the article is the SMTP hijack. The small mail transfer protocol hijack is used on an infected user’s computer to send copies of the malware via email, using the user’s contact list as a jumping-off point. The article also describes botnets, an infection that puts computers into a zombie-like state. The computers wait for a command from the botnet’s author, and certain botnets have infected millions of computers. These botnets have the power to force entire countries off the web through what is called a DOSA or “denial-of-service attack”, and they have been used to cripple well-known sites like MySpace, Facebook, and LiveJournal and knock them off the web.

The article takes the reader along in a very fluid and progressive manner; it builds a framework that leads to a very solid conclusion. The article first begins with the standard introduction customary for research papers and technical documents. It explains very clearly the goal of the article and provides the setting in which the groundwork of the study was laid. Next it moves on to describing how social engineering is used to “program” users into allowing malicious content onto their systems. It also details the trend of social engineering and the beginnings of “pop-ups” on the web as a way to distribute malicious code. Then it flows into the infiltration channels that this malicious code travels through, in both the enterprise environment and the home-user environment. This leads the article to the tactics that hackers and malicious programmers use to manipulate those channels, and how those tactics maximize the effectiveness and spread of a Trojan so that it impacts as many users as possible. The article then describes the implications these infections have for system networks, internet service providers, sensitive data like credit card and bank accounts, and military infrastructure. All of this leads to a very solid conclusion that offers a solution and explains how to approach and implement it. In the end, the article is very logically organized and walks the reader through the process of social engineering and how it is used to pass malicious code, all the way to how to prevent the spread of infection and how to turn social engineering around to combat the situation.

The key idea I take away from this article is that the individual must work in cooperation with the rest of the community to provide a “healthy” and stable network. If an individual practices habits that prevent the spread of malicious content, that is one more system that is safe from harm. As the internet spreads and grows more and more into our daily lives, we must cooperate as a community to ensure its stability and security. If we continue to practice bad habits and click on every pop-up and email we get, we are just crippling the system, and that would lead to more drastic measures. One idea currently floating around to combat this problem is quarantine: a system is disconnected from its internet service provider if malicious content is detected coming from it.
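The two defensive ideas the post touches on, spotting the “SMTP hijack” pattern in which an infected host starts mailing copies of itself to everyone in the user’s contact list, and the provider-side “quarantine” that cuts such a host off once it is detected, fit together in one small detector. The following is an added example written for this page; it is not code from the post or from the Abraham and Chengalur-Smith paper. The log format (timestamp, source IP, destination IP, destination port), the sample flows, the 60-second window and the fan-out threshold are all constructed assumptions.

```python
"""Added example: detect worm-style SMTP fan-out from a host and decide whether
to quarantine it. Not from the blog post or the paper it reviews; the flow
format, sample data and thresholds below are assumptions made for illustration."""

from collections import defaultdict
from dataclasses import dataclass

# Constructed sample, one flow per line: "timestamp src_ip dst_ip dst_port".
# 10.0.0.5 behaves like a normal client (one connection to its mail server);
# 10.0.0.9 opens direct connections to seven different mail servers within a
# few seconds, the shape of malware mailing itself to a harvested address book.
SAMPLE_FLOWS = """\
1289000000 10.0.0.5 192.0.2.25 25
1289000003 10.0.0.5 203.0.113.80 443
1289000010 10.0.0.9 198.51.100.1 25
1289000011 10.0.0.9 198.51.100.2 25
1289000012 10.0.0.9 198.51.100.3 25
1289000013 10.0.0.9 198.51.100.4 25
1289000014 10.0.0.9 198.51.100.5 25
1289000015 10.0.0.9 198.51.100.6 25
1289000016 10.0.0.9 198.51.100.7 25
1289000020 10.0.0.9 203.0.113.80 443
"""

SMTP_PORT = 25
WINDOW_SECONDS = 60               # assumed sliding window
MAX_DISTINCT_MX_PER_WINDOW = 5    # assumed threshold for a home/small-office subnet


@dataclass(frozen=True)
class Flow:
    ts: int
    src: str
    dst: str
    dport: int


def parse_flows(text):
    """Parse the constructed flow log; blank lines and '#' comments are skipped."""
    flows = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        ts, src, dst, dport = line.split()
        flows.append(Flow(int(ts), src, dst, int(dport)))
    return flows


def smtp_fanout(flows, window=WINDOW_SECONDS):
    """For each source host, the largest number of distinct SMTP destinations
    it contacted inside any window of `window` seconds. Legitimate clients
    usually talk to one or two relays; a self-mailing worm talks to many."""
    by_src = defaultdict(list)
    for f in flows:
        if f.dport == SMTP_PORT:
            by_src[f.src].append(f)
    result = {}
    for src, fl in by_src.items():
        fl.sort(key=lambda f: f.ts)
        best = 0
        for i, start in enumerate(fl):
            seen = {g.dst for g in fl[i:] if g.ts - start.ts <= window}
            best = max(best, len(seen))
        result[src] = best
    return result


def quarantine_decisions(flows, threshold=MAX_DISTINCT_MX_PER_WINDOW):
    """True for hosts whose SMTP fan-out exceeds the threshold, i.e. the hosts
    a provider would move into a walled-garden network until they are cleaned."""
    return {src: n > threshold for src, n in smtp_fanout(flows).items()}


def quarantined_hosts(text=SAMPLE_FLOWS):
    """Sorted list of hosts the detector would quarantine for the given log."""
    decisions = quarantine_decisions(parse_flows(text))
    return sorted(src for src, flagged in decisions.items() if flagged)


if __name__ == "__main__":
    for src, n in smtp_fanout(parse_flows(SAMPLE_FLOWS)).items():
        print(f"{src}: {n} distinct SMTP destinations within {WINDOW_SECONDS}s")
    print("quarantine:", quarantined_hosts())
```

The check keys on the number of distinct mail servers a host contacts directly, not on message volume, because a user sending a large legitimate mailing still goes through one relay, while a worm working through a contact list resolves and connects to each recipient’s mail server itself. In practice the threshold would be tuned per network, and a quarantined host would be released only after the flagged behaviour stops and the machine has been cleaned.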


References

Abraham, S., & Chengalur-Smith, I. (2010). An overview of social engineering malware: Trends, tactics, and implications. Technology in Society, 32, 183-196.

1 comment:

  1. It's amazing what people will do to try to get a person's information these days. You said that the key idea is to provide a "healthy" and stable network and that is so true but it's amazing to hear how many people get viruses from emails.

    The cardinal rule I live by and tell my friends is: If you don't know the sender then don't open it and delete it immediately!

    Great article!