The Devil You Know: Responding to Interface-based Insider Attacks
It is estimated that up to eighty-five percent of attacks are perpetrated by insiders. These attackers often stumble across weaknesses in the user interface design, and hijack them as vectors for system compromise. As these attackers are already on the network, they do not have to circumvent peripheral network defences. Instead, they are able to use their computers, computers they are fully authorized to use, to gain illicit access to information. Many of these attacks take advantage of problems that are inherent in user interfaces.
Since interfaces seek to be user-friendly, they often make the intruder's job easier. Investigators need to understand the vectors for attack interfaces offer. The article makes suggestions for investigators and response teams to detect and investigate interface-based insider attacks. It is also hoped that this article will provide the basis of incident response policies for responding to and investigating insider attacks that exploit interface-based vulnerabilities.
The link for this article located at SecurityFocus is no longer available.