What is a Blended Threat?

Dennis Faas's picture

" What the heck is a blended threat? "

I'm glad you asked ;-)

According to searchSecurity.com a blended threat is "a computer network attack that seeks to maximize the severity of damage and speed of contagion by combining methods, for example using characteristics of both viruses and worms, while also taking advantage of vulnerabilities in computers, networks, or other physical systems." (Source: searchSecurity.com)

Now that's a mouthful!

In more simpler terms, a blended threat is an attack that combines two or more vulnerabilities or attack methods on a remote machine. Blended threats are usually quite effective in accomplishing their goals.

The latest blended threat I just read about is combining a vulnerability present in Internet Explorer with a spoofing attack (See: Microsoft Security Advisory #917077, March 23, 2006).

At the time of this writing, Microsoft has yet to release a patch for this exploit.

Here's an example of how the attack works:

  • An attacker sends out unsolicited email to hundreds of thousands of unsuspecting victims (I.E.: he spams them). The e-mail contains real excerpts from a BBC news story and presents the reader with a link to "read more". But instead of taking the reader to the BBC's website, he is redirected to a fake site that looks exactly like BBC's website.
  • Not only is the site a fake, but the page the victim is taken to has some code present that silently installs a keylogger on the victim's machine. The keylogger is able to execute automatically because of the vulnerability present within Internet Explorer.

The fact that Microsoft has yet to release a patch for this vulnerability heightens the risk of this particular blended threat.

So, what can you do to protect ourselves from these blended threats?

The same sort of things we should be doing normally:

  1. Have good common sense (i.e., don't click on unsolicited email links, and steer clear of unestablished web sites).
  2. Keep up to date with security patches from Microsoft's Windows Update website.
  3. As I mentioned in an earlier article, and as an extra security layer: you might want to switch to Mozilla Firefox instead of using Internet Explorer. (Source: Keeping Spies Out, Part 3)

Till the next time!

For more great tips like this one, be sure to download David's free security newsletter to your mailbox, today!

Rate this article: 
No votes yet