Friday, February 1, 2008

Prediction 3 - A major site gets hacked

I'm not so sure about this one and I have been thinking about it for too long. If I take much longer my predictions will be very accurate because it will be December and I'll have hindsight.

Online service providers (Yahoo, Gmail (Google), Hotmail (Microsoft)) seem to take their security really seriously and that is great. I think that they are targets but they are aware of this and they realise that an attack could render them dead. Their business is all about trust and a loss of trust would break their business.

However, the web was never designed to be so secure and application based. It is meant to be static pages delivered non-sequentially (images load up when they can). This is not a very good base to have for a service.

I see that the hackers are already playing with session keys and such. My prediction is that this year or in the foreseeable future malware (all kinds including bots) will try to suck session keys from traffic and use them to steal information or do unauthorised actions on "behalf" of a user. This has happened in the past but I believe that it will become more widespread, targeted and automated.

Example possible attack scenario: "Bob logs onto Gmail from an infected PC. He logs into his account on Gmail and wakes up the malware, which either forwards the session key to the attacker or drafts an email to the attacker from Bob with a list of all his contacts. The attacker sells these good emails to a spammer. Or the malware downloads a preconfigured spam message and sends the message to all of Bob's contacts. All of this happens in a scripting environment and Bob is not aware of anything strange because windows don't pop up."
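From the service's side, the first branch of that scenario (a session key forwarded to someone else) shows up as one session being presented by two different clients. The following is an added example, not code from this post: the log format, the `sid` cookie name and the sample lines are all constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample access-log lines (not real traffic):
# time, client IP, session cookie value, User-Agent.
SAMPLE_LOG = """\
2008-02-01T09:00:01 198.51.100.7 sid=aaa111 "Mozilla/5.0 (Windows; U) Firefox/2.0"
2008-02-01T09:00:09 198.51.100.7 sid=aaa111 "Mozilla/5.0 (Windows; U) Firefox/2.0"
2008-02-01T09:00:30 203.0.113.50 sid=aaa111 "scripted-client/1.0"
2008-02-01T09:01:00 192.0.2.14 sid=bbb222 "Mozilla/4.0 (compatible; MSIE 7.0)"
2008-02-01T09:01:20 192.0.2.14 sid=bbb222 "Mozilla/4.0 (compatible; MSIE 7.0)"
"""

# Hypothetical log layout assumed by this example.
LINE_RE = re.compile(r'^(\S+) (\S+) sid=(\S+) "([^"]*)"$')


def find_reused_sessions(log_text):
    """Return {session_id: [(time, ip, user_agent), ...]} for every request
    that presents a session from a client fingerprint (IP + User-Agent)
    other than the one that first used that session."""
    first_seen = {}
    alerts = defaultdict(list)
    for line in log_text.splitlines():
        match = LINE_RE.match(line.strip())
        if not match:
            continue  # skip malformed lines
        ts, ip, sid, ua = match.groups()
        fingerprint = (ip, ua)
        if sid not in first_seen:
            first_seen[sid] = fingerprint
        elif fingerprint != first_seen[sid]:
            alerts[sid].append((ts, ip, ua))
    return dict(alerts)


if __name__ == "__main__":
    for sid, hits in find_reused_sessions(SAMPLE_LOG).items():
        for ts, ip, ua in hits:
            print(f"session {sid} reused at {ts} from {ip} ({ua})")
```

This check does not see the second branch of the scenario, where the malware acts from Bob's own PC and therefore shares his IP address and User-Agent. Users who legitimately change networks mid-session will also trigger it, so a hit is a reason to re-authenticate rather than proof of theft.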

If this is happening already then I apologise for coming to the prediction party late... and I'll just predict that it will increase until HTTP is replaced with something else, new online standards are developed for services or it becomes as bad as spam is today.
