Post by Nightwalker on Jan 25, 2006 17:05:15 GMT -5
You might think there are more hacker attacks these days than before. In fact, there are fewer of them, says IBM, but they're getting more dangerous.
That's because massive global outbreaks of viruses, the computer giant says, are going out of fashion, and something scarier is in store: This year the trend among cybervillains is to focus their tactics on specific organizations.
The warning was part of IBM's 2005 Global Business Security Index Report, released Wednesday, which provides an educated guess at potential security threats in 2006.
The predictions were echoed by Trend Micro, a security company that also released its predictions for 2006 and which described 2005 as the "year of grayware," or malware that is not specifically damaging but opens doors to other potentially dangerous activity.
Based on early indicators, IBM says it anticipates cybercrime to evolve from unfocussed global outbreaks to stealthier attacks designed for extortion purposes.
In fact, IBM said, there were fewer global malware outbreaks in 2005 than in 2004. Most of last year's "threat landscape" was set to "medium" level, despite occasional headline-grabbing viruses such as the Zotob worm, IBM said.
Once the province of kids creating viruses to impress their friends and colleagues with their programming skills, malware activity is being taken over by the criminal element, which was behind many spam, malware and other IT attacks last year.
Evidence of the criminalization of virus-making and hacking came with the high-profile arrests of cybercriminals in the United States and elsewhere who had links to organized crime.
IBM said software and networks are becoming increasingly more secure, so the company expects criminals to target the most vulnerable part of a company or organization: its personnel.
"The decrease in pervasive attacks in 2005 is counter-intuitive to what society at large believes is a major threat to their personal data," IBM vice-president Cal Slemp said in a statement.
Now, Mr. Slemp said, the environment has shifted. Increased security protection and stiffer penalties have resulted in organized, committed and tenacious profiteers entering the arena.
"This means that attacks will be more targeted and potentially damaging," he said.
Among other potential threats that might emerge in 2006, IBM included:
Insider Attacks: As software becomes more secure, computer users will continue to be the weak link for companies and organizations. Criminals will focus their efforts on convincing end users to execute the attack instead of the attackers wasting time discovering a system's vulnerabilities. Companies will be particularly weak during periods of employee layoffs and mergers and acquisitions, when there is great worker upheaval and frayed loyalties.
Emerging economies: Poor international co-operation against cyber-crime offers criminals the opportunity to launch cross-border attacks with little personal risk, so the threat to and from emerging and developing countries is therefore increasing. Trends show attacks are increasingly originating from regions such as Eastern Europe and Asia, where sanctions are more lenient and enforcement is limited.
Collaboration leakage: The increased use of collaboration tools such as blogging also increases the possibility of leakage of confidential business data.
Botnets: A collection of software robots that allow a system to be controlled without the owners' knowledge, botnets will continue to represent one of the biggest threats to the Internet. Newer botnets, which feature less-conspicuous malware, will likely move to instant messaging and other peer-to-peer networks for command and control of infected systems.
Mobile devices: Malware affecting mobile phones, PDAs and other wireless devices increased substantially in the past year, but has not yet materialized into pervasive outbreaks since they cannot spread on their own — yet. This trend continues to be on the radar for 2006.
In 2005, security experts intercepted two to three targeted e-mail attacks each week, IBM said. Since there were almost none in 2004, IBM says this is a trend to watch. The year saw attacks that are often financially, competitively, politically or socially motivated, and directed at government departments, military organizations and other large organizations. Among those in the crosshairs were the aerospace, petroleum, legal and human-rights fields.
In a relatively new phenomenon in 2005 called "spear phishing," criminals bombarded businesses with highly targeted spam that appears as though it had originated from inside the organization, typically from the IT or HR departments.
The typical tactic was to offer a small reward in return for information. Individuals who are duped into thinking the e-mails are legitimate often comply. They unwittingly reveal information that will enable the criminal to access restricted areas of the corporate network, which can result in the theft of intellectual property and corporate data.
Spear phishing as a social engineering technique has also been used to bait people into opening malware.
Over all, e-mail viruses were on the decline in 2005. One in every 36.15 e-mail messages, or 2.8 per cent, contained a virus or Trojan. This number declined significantly from the 2004 level of 6.1 per cent, or one in every 16.39 e-mail messages.
Phishing continued to be a major threat in 2005. In 2005, phishing represented an average of one in every 304 e-mail messages, compared to one in every 943 in 2004. IBM believes that the rise in phishing activity has been due to the increased use of botnets being used to pump out massive volumes of scam e-mail.
The past year also saw a rise in ingenuity, as blended and increasingly complex threats with bot capabilities were integrated into existing malware. One example, Mytob, was based on the Mydoom worm but added bot capability and other features that made it a much more dangerous virus.
The IBM Global Business Security Index Report was based on data and information collected by IBM's 3,000 worldwide information security employees.
For its part, Trend Micro's "year of grayware" saw the introduction of sneakier ways of installing grayware as new backdoors, downloaders, droppers, and other Trojan spyware more than doubled throughout the year, while spam and phishing attacks continued to be one of the major problems that both consumer and corporate users faced.
Propagating malware by dropping it on to network shared drives remained the most successful method of spreading malware (37 per cent of all cases), Trend said, while vulnerability exploits were the second-most successful methods employed (19 per cent of cases).
English was the preferred language of 40 per cent of all spam received, but non-English spam grew by 20 per cent, which suggested greater localization and a more specific focus. Japanese spam was the second most prevalent (30 per cent of all spam), with Spanish spam having the largest increase to rank third, at 13 per cent.
Commercial spam dropped by nearly half over 2004, but the popularity of gambling and games greatly increased this category of spam to 22 per cent. In 2004, it ran to a mere 1 per cent. Similarly, adult-content spam increased to 21 per cent from only 6 per cent in previous years.
(source: www.globetechnology.com/servlet/story/RTGAM.20060125.gthackjan25/BNStory/Technology/ )