Statistics point up lack of progress

By on

Last year saw new threats but some old problems too, as Ron Condon reports

With all the money we spend on cybersecurity, we might have expected to see some a little more progress in the war against the black hats.

According to researchers at security company Sophos, there were more than 10,000 new viruses identified last year, bringing the total viruses in existence to nearly 100,000.

"What's truly frightening is that, with the exception of Sober-I, nine of the top ten viruses in 2004 were discovered and protected against within the first six months of the year," says the company's senior security analyst Gregg Mastoras, in his end-of-year report.

"That these viruses continue to wreak havoc on users emphasizes the importance of practising safe computing habits. Protection for these viruses have been available for over half a year, and yet there are many out there that are either too complacent or too uninformed to protect their systems."

Ironically, and despite all the talk of organized crime taking over the internet (more of that later), most of the grief originated from a conventional source – a disaffected teenager. Sven Jaschan, a young German, wrote both the Netsky and Sasser worms, which were responsible for more than 55 percent of all virus reports in 2004.

"When Sven Jaschan goes to trial early next year, a year after having first set Netsky-A loose on the world, his ill work will still be infecting innocent computers worldwide," said Mastoras.

As a sign of what we can expect in 2005, the first mobile phone virus Cabir managed to move steadily westward from the Far East, and by December was entrenched in Western Europe. Although it has been dismissed as merely a proof-of-concept exercise, it is clearly a sign of things to come.

Spam

According to Sophos, the United States continues to lead the world in spam, accounting for more than two out of every five spam emails. But Russia could soon overtake it.

"Although it didn't make it onto 2004's Top Ten list of most spamming countries, we can expect to see an increase of spam originating from Russia as more Russians get connected," predicted Mastoras.

"Spam continues to be hugely profitable, and we need to use legislation, technology and education to combat it."

While some people might feel they have conquered the spam menace, the spammers have not gone away, and are trying new tricks to get under the radar. On average, they now change their domain every two days, compared to every week three months ago.

"Spammers are becoming more and more clever," said Mastoras. "In the past year, they have not only joined forces with virus writers, but have also come into the turf of organized crime. These two serious developments bode ill for the lives of the typical users."

By hijacking entire networks of innocent, broadband-connected PCs, the cybercriminals are able to hide their identities. "Most online criminals don't instigate attacks from their own computer networks for fear of being caught," says Mastoras. "Instead, they create and have access to a wide web of innocent users who have failed to protect their computers." .

Furthermore, that extension of spam – the phishing attack – has also grown to be even more dangerous, using trojans to steal personal information from users visiting legitimate sites.

"Virus-powered phishing is the most dangerous result of the marriage between virus writers and spammers," says the report.

"This scam is insidious in its quietness. It emphasizes again the importance of vigilance to safeguard your computer."

The law fails to bite

Despite an increase in law enforcement, the volume of threats, such as viruses and spam, continues to rise.

"Despite stronger legislation and more proactive law enforcement, the vast majority of virus writers and spammers continue to evade significant punishment," says the Sophos report. It blames a number of factors, including a lack of international co-operation, and the lack of a formal framework that allows disgruntled computer users to report virus infections or spam more easily.

Sophos also fired a shot at those companies that have employed former hackers, arguing that it sends out bad signals to the rest of the industry, and encourages people to take up hacking in the first place: "It's discouraging to see our colleagues hiring these cybercriminals to protect the public. The very people from whom we're trying to protect our computers are those being put in charge of our IT safety.

"The companies that are hiring these miscreants are sending out a terrible message: 'Break the law, and we will give you a job!'."

Copyright © SC Magazine, US edition
Tags:

Most Read Articles

Log In

Username:
Password:
|  Forgot your password?