Crime.com more sophisticated than ever
With crimeware on the rise, cyber attacks are more sophisticated and targeted than ever, reveals Symantec’s Ninth Internet Security Threat Report.
Malicious threats, such as bot-networks or modular malicious codes, are increasingly used by attackers (80 per cent as opposed to 74 per cent in the previous semi-annual report) to steal data for commercial gain without attracting attention to them.
Richard Archdeacon, director of Symantec's innovation group, comments: “Gone are the days when script-kiddies used to develop attacks which would cause maximum damage and attract as much attention as possible. The people behind today’s cybercrime are using silent and more targeted methods to steal data and other sensitive information undetected.”
Symantec points out the emergence of an online mafia and a black market in the trade of vulnerability information purchased for criminal pursuits.
While bot-infected computers are being used for denial of service-based extortion attempts, phishing attacks still remain a threat to computers too; 7.92 million daily phishing attempts were identified during the last half of 2005.
Other findings show that China experienced the largest increase of bot-infected computers, most probably originating from the country’s rapid growth in broadband internet connections.
While a record number of over 1,896 new vulnerabilities - mostly moderate or highly severe - were discovered during the sixth month period, the amount of time between the announcement of a vulnerability and the release of associated exploit code is longer.
Archdeacon says: “All of the results from this report show that updating and patching security systems is still the most effective way of staying protected from these threats. Despite the increasingly sophisticated methods being employed ... the methods used still predominantly rely on email and internet downloads to spread. As these criminal gangs grow and their methods become ever more advanced, computer users need to make sure they are taking every step to remain protected.”
The irony is that practically the whole of the online world already knows how to communicate and share information – and does so every day via the web. Pick almost any subject – however arcane – and most likely a user group, forum, or electronic bulletin board about it exists in cyberspace. Often these e-spaces are only up for a few days ... sometimes only hours.
Moreover, these user groups, forums and electronic bulletin boards are often created spontaneously – either by someone seeking information or someone wanting to share information.
If the rest of the online world can succeed this with minimal direction and supervision, perhaps the intelligence communities should start to do so also.
Malicious threats, such as bot-networks or modular malicious codes, are increasingly used by attackers (80 per cent as opposed to 74 per cent in the previous semi-annual report) to steal data for commercial gain without attracting attention to them.
Richard Archdeacon, director of Symantec's innovation group, comments: “Gone are the days when script-kiddies used to develop attacks which would cause maximum damage and attract as much attention as possible. The people behind today’s cybercrime are using silent and more targeted methods to steal data and other sensitive information undetected.”
Symantec points out the emergence of an online mafia and a black market in the trade of vulnerability information purchased for criminal pursuits.
While bot-infected computers are being used for denial of service-based extortion attempts, phishing attacks still remain a threat to computers too; 7.92 million daily phishing attempts were identified during the last half of 2005.
Other findings show that China experienced the largest increase of bot-infected computers, most probably originating from the country’s rapid growth in broadband internet connections.
While a record number of over 1,896 new vulnerabilities - mostly moderate or highly severe - were discovered during the sixth month period, the amount of time between the announcement of a vulnerability and the release of associated exploit code is longer.
Archdeacon says: “All of the results from this report show that updating and patching security systems is still the most effective way of staying protected from these threats. Despite the increasingly sophisticated methods being employed ... the methods used still predominantly rely on email and internet downloads to spread. As these criminal gangs grow and their methods become ever more advanced, computer users need to make sure they are taking every step to remain protected.”
The irony is that practically the whole of the online world already knows how to communicate and share information – and does so every day via the web. Pick almost any subject – however arcane – and most likely a user group, forum, or electronic bulletin board about it exists in cyberspace. Often these e-spaces are only up for a few days ... sometimes only hours.
Moreover, these user groups, forums and electronic bulletin boards are often created spontaneously – either by someone seeking information or someone wanting to share information.
If the rest of the online world can succeed this with minimal direction and supervision, perhaps the intelligence communities should start to do so also.
posted by J David Galipeau at Friday, March 17, 2006
Handbook for bloggers and cyber-dissidents (PDF 1.2 MB)
0 Comments:
Post a Comment
<< Home