Attacks have increased in sophistication and are often tailored to their specific victim. Trend tracking has shown that in 2008, the Web has become a primary conduit for attack activity. According to Symantec’s Top Internet Security Trends of 2008, attackers have become more difficult to track as they have shifted away from mass distribution of a small family of threats to micro distribution of large numbers of threats.
Spam and Phishing
This may be the most well known form of computer breaching, and yet it is still the healthiest and fastest growing of attacks. In 2004, Bill Gates predicted that spam would be resolved in another two years. In 2008, we were seeing spam levels at 76 percent until the McColo incident in November 2008, at which time spam levels dropped 65 percent. The battle with spammers has turned into an all out war and spammers are showing no sign of surrendering.
Spammers take advantage of current events, such as the presidential election, Chinese earthquake, Beijing Olympic Games and the economy. They use these widely socialized issues as headlines to lure people into clicking on a link to malware or sending money for unrealistic charitable campaigns. Social networks are only feeding the beast by making it easier for spam attacks to propagate quickly through a victim’s social network.
Phishing walks hand in hand with spam as it utilizes current events to make their bait more convincing. Another phishing tactic particularly recognized over the last year is by offering users a false sense of security by targeting .gov and .edu domains. Although cybercriminals cannot register domains under these domains, they find ways to compromise the Web servers to grant them control. Once control is gained, it becomes harder to fix because the domain cannot be simply deactivated. Lengthy measures are taken to have the company remove the compromised page from their website and secure their servers. The time it takes to make these changes allows the phished page to remain active and hit more victims.
Fake and Misleading Applications
Fake security and utility programs aka “scareware” promise to secure or clean up a user’s home computer. The applications produce false and often misleading results, and hold the affected PC hostage to the program until the user pays to remedy the pretend threats. Even worse, such scareware can be used as a conduit through which attackers install other malicious software onto the victim’s machine.
In 2008, the Identity Theft Resource Center (ITRC) documented 548 breaches, exposing 30,430,988 records. The significance of this data is truly spotlighted after realizing that it only took nine months in 2008 to reach the 2007 total. What is most interesting about data breaches is that most are not malicious in nature. In many cases, inadvertent employee mishandling of sensitive information and insecure business processes are the most common ways that data is exposed. This can be attributed to the increase of mergers, acquisitions and layoffs resulting from the thundering economic climate changes in 2008.
What to Watch for in 2009
Looking at attack trends and techniques malware creators favored in 2008 help us predict what to expect in 2009. Some of these new attacks are already starting to show up and users need to be aware so that they can stay safe online in 2009.