Panel: Video New Avenue for Viruses5 Oct, 2007 By: Erik Gruenwedel
The popularity of community Web sites such as YouTube and MySpace has the potential to introduce a Pandora's Box of cyber viruses and illicit codes to users' video players and computers, said a panel of Internet experts.
The panel — which included Vint Cerf, one of the founders of the Internet now working for Google — was the feature presentation in the Georgia Tech Information Security Center's annual summit meeting last week in Atlanta.
Panelists said Internet hackers are now focusing on the end-user through infected videos, PDF and Excel files, and e-mails.
Although the incidences of corrupted videos sent through the Internet remain small, panelists said the success of video-sharing sites, fueled by the reality that most people will view video files sent to them, will make these distribution channels a more common threat in near future.
“There are going to be various types of new threats … due in part to the openness of the Internet,” Cerf said.
Panelists said hackers have the ability to send viruses, take over a PC and query personal information via video clips.
Panelists said traditional phishing scams (hoax e-mails sent to steal identities and gather personal information) are giving way to more permanent threats whereby hackers install malware on end-users' computers.
“Attackers will continue to post malicious links as part of the user's everyday online activity — at the end of an instant message [IM], hidden in a YouTube video or embedded in an Excel spreadsheet,” said Paul Judge, SVP and CTO with Secure Computing.
Judge said 90% of all e-mails are unwanted and considered spam. He said hundreds of thousands of new Zombies (computers attached to the Web that have been compromised by a hacker) come online annually to deliver unwanted traffic to networks.
“That is four new computers coming online every four seconds sending unwanted attacks,” he said. “Now we are dealing with anonymous decentralized adversaries. Attackers are trying to be wolves in sheep's clothing.”
Panelists said upwards of 11% of all computers linked to the Internet are corrupted. About 40% of illegal hacks go undetected by traditional signature and other safety protocols.