Until recently, Google was used by hackers mainly as an excellent source of easy potential hacking targets. With over 8 billion pages indexed and only a small percentage of users knowledgeable about internet security, it was easy to find the websites that could be hacked virtually on a fly. Rather advanced system of Google search operators facilitated this task even further.

Another way to quickly identify the topics of interest and of increased popularity is of course by Keeping eye on Google trends (yet another invaluable tool for both hackers and SEO specialists).

While hackers were playing their games, Black Hat SEO guys were playing theirs, dominating many lucrative SERPs and cashing in on a free targeted traffic.

But to the best of my knowledge, they were not combining their forces, at least at large scale.

Well, now they do.

SEO specialists from Poland identified one of the factors which are currently heavily used by Google to define relevancy of the search results. I’m talking about the velocity. In lame terms velocity is nothing more than the “freshness” of the particular post and links. The more recent the post is, the bigger its weight. Sure, there are many other factors that are taken into consideration as well – such as the number of incoming links, domain age, etc. I’m talking about velocity here, because that’s what allowed seo pros to exploit Google algorithm and, along with artificially generated incoming links, get millions of pages ranked for the keywords of their choice.

This is impressive on its own, though disturbing. What’s even more disturbing, they combine their efforts with hackers, and all those pages were filled with specific type of malware.

Panda Security Labs identified a list of keywords that were compromised. To be more precise, the top SERPs for those keywords displayed absolutely irrelevant results linked to some domains in Warsawa:

http://www.webpronews.com/topnews/2009/04/14/seo-blackhatters-target-ford-via-google

On second thought, it doesn’t mean that hackers and SEO pros are from Poland. It only means that they control the server in Poland, and the domain from Poland.

You probably think this article will be about heroin, cocaine, marijuana, LSD or something similar, right?

Not even close, my friend. It will be about something you’re very well familiar with yet you never thought about it as a drug (though you really should).

Introducing: Virtual Drug

By the way, marijuana and LSD are not as dangerous as they sound. There are some legal substances that are more dangerous. According to the study published this year in “The Lancet”, alcohol and tobacco are much more dangerous than marijuana or LSD and are included in the list of the 10 most dangerous drugs in the world. As you know both alcohol and tobacco are legal, and marijuana is forbidden in most countries. Just a food for thought. You can clearly see from this example that if something is legal it doesn’t necessarily mean it’s harmless and vice verse.

Why did I decide to emphasize this fact? Because today we’ll be talking about something that is as legal as it gets yet at the same time it has high level of risk based on all the risk factors that are usually considered during the analysis of the risk level for potentially dangerous substances.

There are many risk factors that could be considered for such analysis, and the factors could vary. But here are the 3 major factors that are considered in one form or another in all such analysis.

· What is the level of physical harm the drug could potentially cause to the user?
· What is the level of addiction? (In other words, how easy and safe would it be to withdraw from further usage if the user would decide to stop?)
· What is the overall drug impact on society at large?

Soon you will find out what I consider the worst drug on the planet. But first let’s establish a few statements.

Statement 1. Most drugs could be useful in a small dosage.

In order to agree on this it’s enough to remember that many drugs are used as a pain-killers. And some have unique healing qualities that are hard to find in other medications. For example, according to several researches, THC can help to prevent cancer. Let’s not forget that it’s the main active ingredient of marijuana.

Statement 2. The over-dose can seriously harm the individual or cause the lethal outcome.

I don’t feel that for this statement we need to search for any proof – just look at thousands of people dying every year from drugs.

If you think about it, any substance or influence that has high impact on individuals based on those major risk factors and 2 statements mentioned above, should be considered a drug.

So why do we usually limit our comprehension of drugs to physical substances only?

For example, what about all those ads that you see on your TV each and every day that are brainwashing you? (Yes, I know, you can order TiVo or similar services and fast-forward all this trash, but it’s rather expensive and is not used by a large percentage of general public).

Now let’s look at another service that is used by the majority of people on the planet. I’m talking about Internet. Yes, the Internet, this information super-highway. Is it good or evil? It certainly has over-grown its initial purpose of providing the easy ways of worldwide communications a long time ago and now can be not only extremely useful but extremely dangerous as well.

Remember, many drugs can be useful in small dosage, but they are deadly in big portions. The same is true about the Internet.

Paradox, but its danger lies in its extreme usefulness and self-sufficiency. Internet resembles the snake biting its own tail. In a small dosage it’s very helpful – you can get virtually anything on the Internet – from information on any subject to any product.

However, the strongest side of the Internet is at the same time it’s weakest spot.
Since people can find whatever they want on the Internet nowadays, a rare person can restrict himself/herself from not using it for more than a few hours per day.

Let’s scrutinize the Internet through a prism of the 3 major risk factors we listed earlier.

  1) Physical harm or influence on a health of the individual.

There is a whole range of direct and indirect health problems that can be caused by the Internet. Direct health problems derivate from the fact that Internet is most frequently accessed through computers. And sitting in front of the computer screen for long hours without often breaks will lead to diminishing eyesight, headaches, neck and shoulder pain.
But at least direct physical problems are not lethal. Now let’s look at indirect ones. On the Internet, you can get both legal and illegal products with almost the same ease.

Hacking manuals? Drugs? Illegal weapons? Money laundry? Pornography? People can get anything, and it’s much more difficult for authorities to track the source of delivery than if the trade would take place in a physical world.

And people get a sense of pseudo-safety since they do not physically participate in the trades, and they don’t see criminals with guns and all other usual attributes of such “meetings”. In reality if they are buying/selling “stuff” from their homes it doesn’t mean they can’t get in trouble or seriously hurt/killed participating in such “deals”.

There are numerous other ways that Internet can be used to trick people into different scams (through phishing, spamming, etc). And people can be seriously hurt.

Not to mentioning online predators who use popular social networking sites and chats to find new victims. Of course there are filters that could be used to limit children exposure to sites with sexual content and to potentially dangerous chats and forums. But they are not 100% effective – child can simply go to the computer without filter.

Sure, you can say that these examples have nothing to do with the Internet, all those crimes could happen in the offline world too. And my answer to you would be: Internet made all those things much easier, more accessible, lightening fast and available worldwide. At the same time it provides the false sense of pseudo-safety. All things combined, it increased crime ten-fold.

I hope now you can see that based on the “physical harm” risk factor this virtual drug deserves to be placed on the highest position.

  2) Now let’s look at another risk factor – addiction.

How many times per day do you check your email? How many hours per day do you spend online? Come on, be honest. And if you would be unable to check news or chats, see your favorite sites or check emails every day would you feel uncomfortable? Wouldn’t you try to find wireless access asap to login your laptop? Even when you’re on vacation? I rest my case. For many people it’s almost impossible today to live without the Internet.

Which brings us to the last risk factor:

  3) Drug impact on society at large.

None of the currently existing physical substances has even remote impact on society as Internet does.

And I am not talking here about the positive influence of the Internet, far from it. Millions of people around the globe have buried themselves in the virtual world trying to avoid a harsh reality of the physical one.

Millions and millions have been scammed out of their last pennies through different MLM schemes, Forex/stocks super-returns schemes, spending tens of thousands of dollars buying “how to become filthy rich in 1day” type of “manuals”, etc.

Countless millions of Internet users spend all their “free” time and sleepless nights online trying to build their online businesses. While there is nothing wrong with this approach, it doesn’t hurt to remember that only 5% of such businesses succeed and you need a substantial set of skills to become successful online or a budget to hire people with those skills. And the rest 95% lose all their money, hope and in many cases – their families too. Not many spouses are willing to put up with their better halves spending all the time on the computers…

Here you have it – brief introduction to the Virtual Drug – the most dangerous drug of the 21st century….

Though the implementation of IPv6 can somewhat increase the security of the lower layers of OSI, the main stream of actual hacking happens on the application layer of the model.

We will talk about firewalls and intrusion detection systems in future articles, as well as the ways to further secure your hosts with live response toolkits and forensic image toolkits that can help you to define possible kernel rootkits, etc.

The network reconaissance is helpful if hacker plans to attack particular network. But in
reality this approach is used less often today.

The main trend of [tag]internet security[/tag] attacks for 2006-2007 is to use “wholesale approach”.

That means no network, organization or individual serves as a specific target. Instead the
target is every machine that is exposed to certain vulnerabilities.

Another trend that is clearly seen is the combination of different techniques. If in
2004-2005 intruder would (mostly) use either email with embedded virus or worm, or use the exploit that would give him a direct access to the system, now the intermediate hacks are more popular.

They are used to get initial access to the system and as a platform for backdoor downloads.

To facilitate the distribution of the malicious code, the combination of several techniques and methods is used. Quite often large spam networks are utilized for the initial distribution of the spam emails. In order to avoid current malware filters, no virus is usually embedded in the email. Instead, the reader is sent to the malicious url. The web-based url is used for automatic download of the exploit.

Such spam email campaigns can target over billion email addresses thus ensure the large amount of opened and clicked-trough emails. Huge targeted audience ensures a large  base for the of users infected with a new virus through such spam attack.

So what applications are currently targeted more often for the attacks?
According to Symantec Internet Security Threat Report for the second half of 2006 (Volume 11), mostly targeted group for attack were web browsers and third party web applications.

Among web browsers, IE holds the crown and accounts for 77% of web-broser-targeting attacks.

Another confirmation that direct attacks are more often replaced by “wholesale” approach  is derived from the fact that home users are the targets in 93% cases of latest attacks!

Which is logical, since the home users is the least educated group of computer users (as far as internet security is concerned) and can be rather easily tricked by the combination of spam and web-based located urls hosting payloads with middle-level of security threat security threat.

In other words, they can be easily tricked to open spam emails, download the malicious code and thus get their computers infected.