Research findings from Microsoft Corp.‘s (NASDAQ: MSFT) latest Security Intelligence Report indicates that organized crime activity on the Internet is increasing and more general awareness and education should be increasing as well.
Mohammad Akif, national security and privacy lead for Microsoft Canada, explains the Microsoft Security Intelligence Report is conducted semi-annually, with its most recent volume spanning the six-month period from January 1 to June 30, 2008. Data is collected by analyzing over 450 million unique computers around the world, in addition to utilizing other security and vendor Web sites, such as the National Vulnerability Database.
Perhaps the biggest takeaway from the report, Akif said, is realizing that organized crime on the Internet continues to increase.
“As the operating system (OS) becomes harder to attack, hackers and criminals are moving to the application layer,” Akif said. “In the last six months, 90 per cent of the vulnerabilities that were disclosed affected applications, whereas only 10 per cent affected the OS.”
Akif said the majority of today’s malicious activities are driven by a motive for financial gain. As such, in Canada, he said the rise of malware or potentially unwanted software (PUS) is increasing. To put things into perspective, Akif said for the first six months of the year, there were 72 per cent more distinct computers found in Canada that reported malware or PUS, compared to findings from the last report.
The top two categories that were reported for disinfected machines in Canada were Trojan downloader and droppers at 24.7 per cent, and Adware at 23.2 per cent. PUS ranked third, coming in at 21.8 per cent. In Canada, Akif said the top threat is Zlob, a Trojan downloader and dropper. Zlob, he explains, takes advantage of Internet users by opening up pop-up boxes that appear to be official, but in fact, aren’t.
“These will be boxes like, ‘You have spyware, so click here for free software to get your computer clean,’” he said. “Depending on the intensity and severity of this, your computer can then be breached and compromised. We saw 86,000 variants of Zlob in the last six months and we feel the reason this number is so high is because there’s a financial upside to it.”
PUS is also another problem for users to be cautious of, Akif said. PUS will notice end-user buying patterns and behaviour on the Internet. In Canada, this PUS is better known as ZangoSearchAssistant. By monitoring end-user purchasing habits and online behaviour, reports are then sent back to servers, which in turn store and sell the information to companies that can then solicit messages out to try to make money.
The key to solving these vulnerability problems, Akif said, is to raise general awareness levels. Akif said some people aren’t educated about, or are simply unaware of security practices they could use to protect themselves and their workplace and information.
“Customers should be enabling a firewall, enabling automatic updates with Windows Vista, Windows Server and Windows XP, and they should also be installing up-to-date anti-virus and anti-spyware programs,” he said. “Users should also not go to Web sites they don’t trust and should uninstall software they don’t frequently use.”
To further help educate the market on security practices, Microsoft is currently in the process of updating its partner portal and is working to get programs such as its Hack and Defend workshops in place. Hack and Defend, Akif said, is a workshop designed for Microsoft partners and customers.
“This is a free workshop that Microsoft is conducting for partners to come in and see how some of these attacks are being conducted,” he said. “We show them what can be done to protect against and to prevent them from happening. These workshops will be conducted in the Q3, February and March 2009 timeframe. We’re still figuring out which cities we’ll have these workshops in, but we’ll also have them available as Web casts for customers to participate in too.”