2006-06-01
Abstract
'Phishing levels ... are expected to rise again due to the adoption of spear-phishing techniques.' Mark Sunner, MessageLabs.
Copyright © 2006 Virus Bulletin
In the past, the perception of the 'typical' virus writer or hacker was that of a male teenager, beavering away at a PC in his bedroom, intent on gaining notoriety for his exploits. Now a British teenager who fits that description is facing extradition to the US to stand trial for what has been described as 'the biggest military hack of all time'. If found guilty, Gary McKinnon could face decades in jail as well as massive fines.
We often hear about cases where individuals from the online world have received severe offline punishments for their crimes. Yet, despite the fact that the stakes are high, hackers and virus writers are increasingly lured by the prospect of monetary gain and are honing their skills accordingly.
Spyware provides a lucrative revenue stream for the growing number of criminals who have control over robot networks (or botnets). In a survey conducted by the US National Cyber Security Alliance (NCSA) and AOL last December, it was found that 61% of the computers in the survey had some type of spyware or adware installed on them, less than 10% of which was with the owner's knowledge or permission (see http://www.staysafeonline.info/pdf/safety_study_2005.pdf).
A criminal can make several thousand dollars by installing adware remotely on the compromised PCs under their control, without the owner's knowledge. While each installation may generate only a few pennies of revenue, for someone with control over a large botnet, the overall gain can be significant. More concerning are the malicious worms that are used to create the botnets. These gather very sensitive information from users' machines, including cracked usernames, passwords, credit card numbers and other personal data stored inside web browser auto-fill databases. With this level of intelligence, fraudsters can target their attacks very effectively.
Indeed, the bad guys are becoming increasingly tactical and their attacks more targeted. For example, the days of the scatter-gun approach to phishing seem to be numbered, having been replaced by 'spear-phishing'. By improving the structure and content of the phishing emails, reducing the size of each attack and targeting selective groups of addresses – such as employees of a particular bank or organisation – phishers can improve their chances of success significantly.
According to the most recent MessageLabs Intelligence Report (see http://www.messagelabs.com/Threat_Watch/Intelligence_Reports/), phishing levels declined during the first part of 2006 (1 phish in every 356.2 messages in Q1 06, compared to 1 in every 279.8 messages in Q4 05), but they are expected to rise again due to the adoption of spear-phishing techniques.
We've discussed just some of the threats associated with email, which has become as ubiquitous as the telephone. Although email is currently the favourite vehicle for the bad guys, other tools like Instant Messaging, VoIP telephony and mobile devices will increase in popularity and will increasingly be targeted by criminals in the future.
With the threat landscape moving beyond email and increasing in sophistication, many companies have tightened their security, but there is still room for improvement beyond reactive security software. The reality is that traditional anti-spam and anti-virus solutions provide inadequate protection, and are circumvented easily by criminals.