Hacking the Super Bowl

Not too long ago, security researcher Roger Thompson had an epiphany. He already had his global distributed network of honeypots well established and had detected a more than a few breaking viruses. But the days of seeing new threats such as Sasser and Netsky, both of which lit up his switchboard instantly, were over. Now attacks light up one honeypot in one part of the world, then in another part, then another.

The new attacks, he realized, were increasingly targeted and were being carefully meted out to avoid detection by honeypot networks such as his own. The attacks today are being discovered only by reading the honeypot log files well after the fact. Thompson realized that the current model was backward. Rather than sitting back and waiting for attacks to come to him, he needed a more active model; he needed to go and find the attacks as they are happening. And it's a good thing he made this paradigm shift. Shortly before the 2007 Super Bowl, thousands of visitors to the site quickly discovered how a perfectly legit Web site could also be the source of rather nasty Trojan horses. Security Watch: Hacking the Super Bowl - CNET reviews

Linked by shanmuga Saturday, 17th February 2007 9:53PM