Take the stealth, creativity, and patience of Stuxnet. Add the commercialism, wide distribution, and easy-to-use toolkits of Zeus. Consider that despite more than years of activity, as of May 2011, neither of these cybercriminal teams has been exposed. You now understand the recipe—and potency—of today’s malware. Start planning now. It will take more than signatures and operating system-level protections to protect your intellectual property and other assets against criminals wielding these weapons.
Stealth is the art of travelling undetected, of being invisible. Stealth technology allows military aircraft, Ninjas, and malware to sneak up on the enemy to launch an attack, gain intelligence, or take over systems and data.
Although stealth techniques are used in sophisticated attacks like Conficker and Operation Aurora, the Stuxnet attack offers a new blueprint—and benchmark—for how committed criminals can use stealth techniques to steal data or target computing systems. Stuxnet innovations included a combination of five zero-day vulnerabilities, three rootkits, and two stolen digital certificates.
Powerful toolkits, like what is available in the Zeus Crimeware Toolkit, make stealth malware development a “point- and-click” endeavor, no longer restricted to the most knowledgeable programmers. While there are no definitive industry figures, McAfee Labs estimates that about 15 percent of malware uses sophisticated stealth techniques to hide and spread malicious threats that can cause significant damage.
These attacks form the cornerstone—the “persistent” part—of advanced persistent threats (APTs). When Stuxnet innovations combine with easy-to-use programming toolkits like Zeus, these complex stealth attacks will occur more often and threaten mainstream enterprise targets. This will be the new reality of crimeware, and enterprises will need to adopt new anti-crimeware that moves beyond the traditional operating system.