?Bot (or zombie) networks create unique problems for organisations and individual PC users as systems can be automatically upgraded with new exploits very quickly, allowing attackers to outpace efforts to patch or download security updates.?

Quoted by Symantec just last week.

But after the series of worm attacks starting with MS Blaster in fact the worm/spyware world has achieved in less than one year what one could in fact now call "virtual attack machines at will" which is really what Symantec is saying but not saying to it's customer base as they themselves have not sure how to answer this this problem.

Here are a number of items that lead to the conclusion that in fact there are indeed "virtual attack machines" in place that can at will be used to commit ID theft,extortion, fraud, grey money laundering activities, DoS, DDoS etc.

One could in fact if all the worms below were truly analyzed for their command lines and what these command lines carried out every aspect of a "cyberware attack methodology" has been testede and checked off.
MS Blaster
Sasser
Witty
Plexus
Kibuv
Bobax
Bagle_AE and AQ with variants
Robot-GR
MyDoom_O
SDBOT-UH (now with first reported ?sniffer abilities?)

New Spyware threats with ?drive-by downloads and blended threats? called: (techniques now being copied by worm writers)
SCOB
Web Money Infection

Vendor device vulnerabilities creating ever larger opportunities:
Posioned JPEG
?Denial of Silence?-exploitation of the RFCs/IEEE requirements in WLAN
40 DoS vulnerabilities reported on Oracle
HTTP tunneling hacking (all together currently 10 tunneling attacks to include ICMP)
Reported VoIP and WLAN DoS vulnerabilities
Caller ID spoofing in VoIP
Bluetooth hacking
First reported Windows CE virus



[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/268/28593#28593