Who would have thought that online financial Web sites would be far from secure? With Symantec Corp.’s release of its Internet Security Threat Report (ISTR), Volume XII today, the results show that cyber criminals are getting smart, almost too smart for our own good.
Michael Murphy, vice-president and general manager of Symantec Canada, said based on the report’s findings, today’s hackers exhibit a high level of intelligence and organizational skills when it comes to carrying out malicious attacks.
“Most attacks are profit driven for financial gain,” Murphy said. “Looking at attack trends with underground economy servers, there’s a lot of trading going on with credit cards, identities and bank accounts.”
One of the most important findings from the ISTR is that cyber criminals are now moving towards trusted Web sites such as financial and social networking websites to target unsuspecting users. It is in these spaces that cyber criminals compromise the sites and can then target and gain access to confidential user information that can then be used to carry out identity theft and fraud.
Based on the current report, Symantec found there has been an exemplified amount of phishing and MPack toolkits used among cyber criminals. Murphy says MPack has become a popular method of choice for cyber criminals to launch attacks due primarily to the fact that it’s easily accessible in the underground economy with a price point of around US$1,000. Once attackers get a hold of these toolkits, they can then install malicious code and threats on computers in virtually any part of the world.
Murphy notes that viruses and worms, which were popular forms of attack before, are now slowly starting to taper off with the recent increase in Trojan attacks in Canada. The reason for the drop in worms, Murphy says, is because they are now highly visible to users. Trojans are not so visible since they are a piece of code that can track key strokes and user passwords, which can lead to compromised systems and/or applications being susceptible to threats.
He added, one of the trends during this period were long and slow attacks that for the most part, often go unnoticed by security and desktop protection software since these attacks are often slow in spreading.
“By the time people do start to take notice, the threat has already moved on and passwords may already been gone,” Murphy said.
The report also found that the education sector accounted for the majority of data breaches with 30 per cent, while the healthcare industry accounted for the least amount of breaches with only 15 per cent.
Murphy points to Norton anti-virus software to help businesses and consumers protect themselves against malicious attacks by saying it offers the utmost in security protection since it protects against vulnerabilities.
“As market share continues to grow, threats and attacks will also grow,” Murphy said. “Attackers will always find ways to send out threats and spam and it’s our job as an IT risk management company to ensure that these vulnerabilities don’t happen.”
The ISTR also found cyber criminals starting to move into the online gaming space to target victims for financial gain since in some instances, items can be purchased with real money directly from the game.
When it comes to future trends, Symantec predicts there will be a different philosophy when it comes to using the whitelist/blacklist feature.
“We’ll move towards a whitelist philosophy where only the good things will run on the computer,” Murphy said. “This is because the threats are starting to outweigh the goods, so it would be much easier if things would run after a whitelist check is completed.”
In addition to security software offerings, Murphy also points to Symantec’s channel for help.
“There’s a tremendous amount of opportunities for our partners in this space,” Murphy said. “We rely on the channel to help with our services. Where the channel has value is that they already sell hardware and applications. We at Symantec will then work with them to help them with their expertise for service offerings and their performance.”
Published bi-annually, this period’s ISTR covers the time frame spanning from Jan. 1, 2007 to Jun. 30, 2007. The ISTR is an extensive report with an emphasis on security data and malicious code threats and trends that Symantec sees based on information collected from over 40,000 sensors in more than 180 countries. The purpose of the report is to educate and raise awareness in order to help mitigate future security risks.