Home Content Area
The primary objective of almost all online criminal activities is to generate financial gains. The attackers frequently choose the direct route by means of phishing in order to access the necessary confidential data. They thereby exploit the victims' good faith and helpfulness by sending them e-mails with false sender addresses, for example, in order to elicit the data they want. For an example, the European Emissions Trading Registry became the victim of phishing attacks.
In general, the attacks are increasing rapidly, and it must be assumed that attempts are now made every day to enter corporate networks in order to spy on them. During the first half of 2011, some spectacular espionage attacks took place on the US NASDAQ stock exchange, France's Ministry of Finance and the US defence and technology company Lockheed Martin, for instance.
In contrast to Anonymous, the hacker collective Lulzsec aims to use its actions primarily to draw attention to security vulnerabilities and problems on the Internet. After successful attacks, the hacker collective publishes data, folder structures and information on the hacked systems.
In Switzerland, hackers managed to access the programme of the Montreux Jazz Festival on the web server, and publish it one day before the official press conference.
While skimming, i.e. spying on credit card data, has been a major problem abroad for a long time, MELANI saw a surge in Switzerland during the first half of 2011. While 135 manipulated cash machines were found in the whole of 2010, 225 were discovered already in the first four months of this year.The attackers are increasingly trying to manipulate not only cash machines, but also payment devices in supermarkets and ticket machines. The perpetrators frequently have themselves locked in overnight in order to mount the necessary devices. According to the police, almost all of the perpetrators are from Eastern Europe.
The MELANI semi-annual report 2011/1 is published at: www.melani.admin.ch.