Tuesday, November 27, 2007

Targeted e-mail attacks spoof DOJ, business group

This article from the November 21st issue of the BNA Internet Law News talks about how two e-mail attacks were launched 2 weeks ago targeting different corporations. The first attack was sent to about 400 people in different institutions and seemed as though it was a complaint from the U.S. Department of Justice sent specifically to that individual. A second attack just a few hours later was similar but claimed to the coming from the Better Business Bureau. The attachments in these e-mails would send out a Trojan virus and take over their system. A security analyst claims that once these were installed that they could use that machine for basically anything. These e-mails are very hard to detect because they seem to be coming from legitimate sources. One big issue with these are the number of attacks has increased drastically in the past few years.

I feel like this is a big issue. If these are hard to detect and hard to trace back to the source that they came from, how do we know that people aren't extracting valuable resources that they can actually hurt out country. For instance if a terrorist group sends out on of these attacks and is able to take over some of our systems, how do we know that they won't receive valuable information that is supposed to be confidential. This case may be a little extreme, but in these attacks people's identities may also be taken which is a serious issue. I feel the United States need to come up with another smart system that will be able to detect and track any of these viruses.

No comments: