|
|
Cybercrime on the rise
Criminal attacks online are on the upswing, and they are getting stealthier, according to Symantec.
Danger in the ether
Symantec (down $0.57 to $15.96, Research), which makes anti-virus software for businesses and consumers, found a notable increase
in "cybercrime" threats to computer users, according to the latest installment of its semiannual Internet Security Threat Report.
Cybercrime consists of criminal acts performed using a computer or the Internet. Symantec also found a rise in the use of "crimeware,
" or software used to conduct cybercrime.
Cybercriminals are also getting more sophisticated. Attacks designed to destroy data have now given way to attacks designed to steal data
outright, often for financial gain, according to the survey, which covers the six-month period from July 1, 2005 to December 31, 2005.
Eighty percent of all threats are designed to steal personal information from consumers, intellectual property from corporations, or to
control the end user's machine, according to Symantec.
Moreover, today's attackers are abandoning large-scale attacks on corporate firewalls in favor of targets such as individual desktop
computers, using Web applications that can capture personal, financial and confidential information that can then be used for financial
gain. That continues a trend Symantec found in its survey covering the first half of 2005.
That means that high-profile viruses, such as the "Blaster" worm that affected computers worldwide in 2003, are being abandoned in favor
of more targeted attacks that are actually designed to go undetected by the user -- so that an attacker may sneak onto a computer and
gather information without the user ever knowing their machine was attacked.
In keeping with today's increased Web usage, as consumers shop online and download music and other applications in ever greater numbers,
a large amount of threats now come through Web browsers, according to Vincent Weafer, senior director of Symantec's security response
team.
"Many attackers switched to Web browsers as a primary download channel," said Weafer. "Almost 70 percent of weaknesses are related to Web
technologies. You really have to be careful as to what programs you are downloading."
Under the radar
Because attacks are getting harder to detect, many organizations don't even know their systems have been compromised until they find out
from a third party such as Symantec, according to Mark Lobel, a partner in PricewaterhouseCoopers' security advisory group focusing on
security services. That's a far cry from the days when hackers used to brag about their handiwork to the companies they attacked.
"Now they sneak in, get away with information, and the company hears about it from third parties asking why their customer list is for
sale," said Lobel.
Symantec's Weafer said many attacks are transferred through free programs such as games or online gambling applications.
"Phishing" threats, which are attempts to steal financial and personal data from computer users via e-mail, accounted for one in every
119 e-mail messages processed during the last half of 2005, for an average of 7.92 million phishing attempts per day. That is an increase
over the first half of 2005, when one in every 125 messages constituted a phishing attempt.
Such e-mails often appear to have come from a user's financial institution and urge the victim to update their account information on the
firm's Web site. Because these e-mails direct users to scam Web sites, where the user's information is collected for criminal purposes,
phishing counts as a Web-based attack, Weafer said.
The good news is that consumers can protect themselves, Weafer said. As consumers become more educated, the chances that they'll suffer
from a cybercrime attack declines, he added. And most of the preventative measures haven't changed.
"Stay away from dark alleys of Internet, and be careful what you download," he said. "There's no such thing as free software in many
cases." He added that users should make sure they've downloaded the latest security patches for their operating system and software
programs, and keep on top of their passwords.
Also, home users with multiple machines should be particularly careful, Weafer said. Frequently, one machine is often very well protected
in a user's home, while another is not. That's particularly true of laptops, Weafer said. He also recommends that home users who have set
up networks should make sure that network is secure, in part by setting and maintaining passwords.
Lobel of PricewaterhouseCoopers also recommends that consumers regularly check their bank and credit card statements for unauthorized
charges.
Who are the cybercrooks?
Today's cybercriminals take three forms, according to Weafer. First, there are organized criminals who are using data obtained maliciously
for extortion and money laundering. Also, there are malicious companies that install and use "spyware" to collect information about a
user without their knowledge, and others that use "adware" to send unwanted ads to a user. These programs often linger on a machine,
unbeknownst to the user. In between those two groups lies a "middle market" of criminals who steal data and sell it to third parties, who
use the information for criminal activity.
Cybercrooks create "botnets," or networks of compromised computers that an attacker has control over, and rent them out to spammers or
other criminals. Weafer said that today, botnets are actually shrinking in size, but are being used more aggressively for sending spam or
sending out new attacks.
As for where attacks occur, the U.S. is still the most attacked country, with the highest number of vulnerable machines, Weafer said.
It's also where the most attacks originate, with 31 percent of all attacks coming from the U.S. But China is rising in the ranks, in part
because computer and Internet usage is increasing there. In the last six months of 2005, the number of bot-infected computers in China
grew 37 percent. China also experienced the fastest growth in originating attacks, with a 153 percent increase in attacks coming from
China in the last half of 2005.
But the report brings some good news as well. The amount of spam users receive is actually on the decline, according to Weafer.
Symantec conducts the surveys using its "Global Intelligence Network," which consists of more than 40,000 sensors monitoring activity on
computers in over 180 countries. The firm also gathers data from over 120 million computer systems that use Symantec's anti virus products.
More
| |