What's virtual is virtual, and what's real is real. Right?
Maybe not.

Most experts think of cyberattack as something that will happen in the virtual world, with effects on, say, computer networks or access to bank accounts. Cyberattacks involving the use of online tools against the offline world would be much harder.

But a recent paper by a computer security researcher at Johns Hopkins University suggests that there are plenty of gateways that connect the cyberworld with the more familiar terrain of the physical world that some refer to as "meatspace." And since he is a security researcher, he does it by showing the potential for a cunning attack that crosses that gateway.

Aviel D. Rubin, the technical director of the Information Security Institute at Johns Hopkins University, describes in the paper with two co-authors a real-world attack that uses computers to automate tasks and the power of the Internet to disseminate information.

Using tools that have been published by search engines like Google that allow programmers to automate searches on a large scale, Rubin and his colleagues described a relatively simple program that could set the victim up to receive catalogs from hundreds of thousands of Web sites that have sign-up forms.

In fact, something like what Rubin describes has already happened. Last year, Alan Ralsky, a spam-sending entrepreneur known as the "spam king," gave an interview to The Detroit Free Press boasting about his 8,000-square-foot house and all the money he made from sending unwanted e-mail to hundreds of millions of people at a time. Shortly after that article appeared on Slashdot.org, a major online news source for technophiles, its readers signed Ralsky up for thousands of catalogs, brochures and more. Soon he was getting hundreds of pounds of mail every day.

Full Article:
CNet News