Cybercrime on the rise, survey finds
Criminal attacks online are on the upswing, and they are getting stealthier, according to Symantec.
NEW YORK (CNNMoney.com) - Cybercrime is on the rise -- and today's attacks are often silent, hard to detect and highly targeted, according to a new survey.
Danger in the ether
Symantec (down $0.57 to $15.96, Research), which makes anti-virus software for businesses and consumers, found a notable increase in "cybercrime" threats to computer users, according to the latest installment of its semiannual Internet Security Threat Report. Cybercrime consists of criminal acts performed using a computer or the Internet. Symantec also found a rise in the use of "crimeware," or software used to conduct cybercrime.
Cybercriminals are also getting more sophisticated. Attacks designed to destroy data have now given way to attacks designed to steal data outright, often for financial gain, according to the survey, which covers the six-month period from July 1, 2005 to December 31, 2005. Eighty percent of all threats are designed to steal personal information from consumers, intellectual property from corporations, or to control the end user's machine, according to Symantec.
Moreover, today's attackers are abandoning large-scale attacks on corporate firewalls in favor of targets such as individual desktop computers, using Web applications that can capture personal, financial and confidential information that can then be used for financial gain. That continues a trend Symantec found in its survey covering the first half of 2005.
That means that high-profile viruses, such as the "Blaster" worm that affected computers worldwide in 2003, are being abandoned in favor of more targeted attacks that are actually designed to go undetected by the user -- so that an attacker may sneak onto a computer and gather information without the user ever knowing their machine was attacked.
In keeping with today's increased Web usage, as consumers shop online and download music and other applications in ever greater numbers, a large amount of threats now come through Web browsers, according to Vincent Weafer, senior director of Symantec's security response team.
"Many attackers switched to Web browsers as a primary download channel," said Weafer. "Almost 70 percent of weaknesses are related to Web technologies. You really have to be careful as to what programs you are downloading."
Under the radar
Because attacks are getting harder to detect, many organizations don't even know their systems have been compromised until they find out from a third party such as Symantec, according to Mark Lobel, a partner in PricewaterhouseCoopers' security advisory group focusing on security services. That's a far cry from the days when hackers used to brag about their handiwork to the companies they attacked.
"Now they sneak in, get away with information, and the company hears about it from third parties asking why their customer list is for sale," said Lobel.
Symantec's Weafer said many attacks are transferred through free programs such as games or online gambling applications.
"Phishing" threats, which are attempts to steal financial and personal data from computer users via e-mail, accounted for one in every 119 e-mail messages processed during the last half of 2005, for an average of 7.92 million phishing attempts per day. That is an increase over the first half of 2005, when one in every 125 messages constituted a phishing attempt.
Such e-mails often appear to have come from a user's financial institution and urge the victim to update their account information on the firm's Web site. Because these e-mails direct users to scam Web sites, where the user's information is collected for criminal purposes, phishing counts as a Web-based attack, Weafer said.
The good news is that consumers can protect themselves, Weafer said. As consumers become more educated, the chances that they'll suffer from a cybercrime attack declines, he added. And most of the preventative measures haven't changed.
"Stay away from dark alleys of Internet, and be careful what you download," he said. "There's no such thing as free software in many cases." He added that users should make sure they've downloaded the latest security patches for their operating system and software programs, and keep on top of their passwords.
Also, home users with multiple machines should be particularly careful, Weafer said. Frequently, one machine is often very well protected in a user's home, while another is not. That's particularly true of laptops, Weafer said. He also recommends that home users who have set up networks should make sure that network is secure, in part by setting and maintaining passwords.
Lobel of PricewaterhouseCoopers also recommends that consumers regularly check their bank and credit card statements for unauthorized charges.
Who are the cybercrooks?
Today's cybercriminals take three forms, according to Weafer. First, there are organized criminals who are using data obtained maliciously for extortion and money laundering. Also, there are malicious companies that install and use "spyware" to collect information about a user without their knowledge, and others that use "adware" to send unwanted ads to a user. These programs often linger on a machine, unbeknownst to the user. In between those two groups lies a "middle market" of criminals who steal data and sell it to third parties, who use the information for criminal activity.
Cybercrooks create "botnets," or networks of compromised computers that an attacker has control over, and rent them out to spammers or other criminals. Weafer said that today, botnets are actually shrinking in size, but are being used more aggressively for sending spam or sending out new attacks.
As for where attacks occur, the U.S. is still the most attacked country, with the highest number of vulnerable machines, Weafer said. It's also where the most attacks originate, with 31 percent of all attacks coming from the U.S. But China is rising in the ranks, in part because computer and Internet usage is increasing there. In the last six months of 2005, the number of bot-infected computers in China grew 37 percent. China also experienced the fastest growth in originating attacks, with a 153 percent increase in attacks coming from China in the last half of 2005.
But the report brings some good news as well. The amount of spam users receive is actually on the decline, according to Weafer.
Symantec conducts the surveys using its "Global Intelligence Network," which consists of more than 40,000 sensors monitoring activity on computers in over 180 countries. The firm also gathers data from over 120 million computer systems that use Symantec's anti virus products.
For more technology news, click here.