Most Dangerous Attacks - Day 1

I cross paths with the world's best and brightest cybersecurity minds everyday. So, when <a href="http://www.inguardians.com/">Ed Skoudis</a>, a founder and senior security consultant with InGuardians, provided me with a list of today's most dangerous attack vectors for a project we're working on, I knew it deserved exposure.

I cross paths with the world's best and brightest cybersecurity minds everyday. So, when Ed Skoudis, a founder and senior security consultant with InGuardians, provided me with a list of today's most dangerous attack vectors for a project we're working on, I knew it deserved exposure.

Skoudis studies this stuff, and knows more about the types of attacks infiltrating government and nongovernment entities than I could probably imagine. Of course, because Ed is so deeply embedded, much of what he knows is classified, making his most dangerous attack vector list that much more important.

I see this small window into the world of what our government faces. Maybe more important, this is an overview of the stealthy enemy penetrating our daily computing lives. Either way you dice it, we're all vulnerable to attacks, so it's important to know how they work.

I'll release the attack vectors one at a time, starting today. I'm doing this because they all deserve equal attention and if I lump them into one blog post, I think they'll overshadow each other. I also want to make sure I address in each post, the ways we can mitigate these types of attacks, where they come from, why they're the most dangerous, and who is responsible.

The first attack I'll release we've already covered, but as a short review; Search Engine Optimization (SEO) to distribute malware is becoming increasingly prevalent. This attack works best when a big news story breaks. Computer attackers use SEO techniques, the same ones a legitimate company would utilize to boost its search result rankings on Google and other search engines, to compete with the credible news sites. When average-Joe-unsuspecting user takes his comfy seat on the couch, laptop in hand, to look up the latest media buzz, he or she might find a link in the search results that doesn't belong there. After clicking on the link, the attacker's Web site delivers back an exploit for client software, infecting the machine.

For more information and to protect yourself read my other post on this kind of attack. Stay tuned for the rest of Skoudis's note worthy list.