Security researchers from AlienVault Labs have discovered a flaw in the Internet Explorer browser that hackers have been using to perform surveillance on computer networks and systems to find out the security software tools in use and determine methods of circumventing them.
Hackers are able to gain illegitimate access to corporate networks, computers and servers while staying under the radar of security tools, and on a large scale at that. This allows attackers to sniff out potential loopholes in the anti-malware software technology being run by the infrastructure.
AlienVault Labs believes it is paramount for hackers to gauge the strength of their target so that they can adjust their attack. The thinking is that it is useful for them to know the level of attack they need to deploy, or that the circumstances require, without raising the alarm of security providers. In that way, they remain generally anonymous to security software providers.
But conducting secret surveillance on security software systems is not the sole purpose of hackers. It turns out they are digging deeper as well. Administrative tools and applications are also within their focus, with the goal of taking complete control of a computer system. They either plan their attacks in a short period of time or use the information to prepare cyber attacks to be launched in the future through the Internet Explorer loophole they discover.
But they do not just keep the details of the vulnerability to themselves; they also share them on underground forums, exposing computer systems to larger risks and wider attacks. The attackers then install malicious tools as a trap for the computer owner. When unsuspecting users give up sensitive information to hackers through this trap, it is the beginning of a broader wave of attacks, not only against the user’s computer but also against the enterprise as a whole, in which attackers gain unauthorized access to the entire network.
According to AlienVault Labs, the attackers usually come from China and are targeting federal, state and local government agencies in the United States. The techniques used for this kind of attack have noticeably become easier to operate, not only for advanced and highly skilled hackers but also for neophytes, the security firm observes, highlighting the close collaboration between hackers in leveraging these techniques.
Part of what makes the vulnerability far-reaching is its integration with the Windows operating system. Due to this connection, any minor flaw in one component of the Windows system becomes present in all others.
Microsoft said it has already fixed the vulnerabilities.