Computer Attack Trends Challenge Internet Security

Nowadays, more organizations than not rely on the Internet to store their data and to conduct business. As such, these organizations must make sure their systems operate safely and can survive malicious attacks. In order to defend from these attacks, it is important to have some knowledge on typical cyber attacks. In this paper we describe current trends in attack techniques and tools in order to help raise awareness for these organizations, using data from the CERT Coordination Center, which has been observing intruder activity since 1988.

Since the beginning of the Internet, the level of automation in attack tools have constantly been increasing. However, these automated attacks usually involve four phases, including scanning for victims, compromising vulnerable systems, propagating the attack, and coordinated management of attack tools. These attack tools additionally have become more sophisticated in that it is harder to analyze the signatures of these tools in order to determine the identity of intruders. Three characteristics of attack tools are their modularity, dynamic behavior, and anti-forensic techniques. Furthermore, vulnerabilities of systems are being discovered at a faster rate, and firewalls are becoming weaker simultaneously. Finally, infrastructure attacks, which widely affect the main components of the Internet are becoming more concerning due to the sheer mass of Internet users, and include DNS attacks, worms, and more.