Jump to content
House Price Crash Forum

Archived

This topic is now archived and is closed to further replies.

Guest Charlie The Tramp

Well Are We Surprised

Recommended Posts

Guest Charlie The Tramp

So it`s now a Corporate Business in the criminal sense.

Thanks to Lava Soft

Movers, Shakers, and the Security Scenario:

A Summary on Spyware and Anti-spyware in 2005

Take just about any quantifiable parameter measuring the spyware landscape. Consider the turnover of cybercrime as well as number of software vulnerabilities reported, denial-of-service attacks, botnets, and phishing attempts. The same somber facts came up in survey after survey. Although the analyses for the year 2005 are not final yet, the trend is clear: the figures for the year 2005 will be higher than those of the preceding year.

Spyware is no longer a script kiddie hobby. It is a financially motivated, well-funded professional criminal activity and a full-blown industry. In fact, the turnover is difficult to accurately estimate but the figure is assumed to be in the billions of dollars, well exceeding that of anti-virus and anti-spyware companies, according to a Kaspersky Lab analysis in November 2005. The same source estimated there might be hundreds of criminal groups with thousands of members in the same line of business. Another analysis by Computer Economics estimated the damage of online crime to the global economy in 2005 to the tune of 23-25 billion dollars.

Computerworld spyware survey from October 2005 said 79% of surveyed companies with at least 1,000 employees had had"problems with spyware that required significant attention by" their IT organizations. The same companies voiced strong concerns about spyware's growth, its potential for identity theft, and the chances that it can be used for industrial espionage. Interestingly for anti-spyware vendors, more than 50% of the surveyed companies said they are not using enterprise-class anti-spyware products.

The economic losses to the economy and security worries of the companies are backed by some compelling statistics:

. The CERT Coordination Center (CERT/CC) says the number of vulnerabilities reported during the three first quarters of 2005 is 4,268, which exceeds the total number of vulnerabilities for the year 2004.

. The National Infrastructure Security Co-ordination Centre (NISCC) in Britain, referring to botnets, estimates that there could be in excess of 1,000,000 compromised hosts under the control of malicious world-wide". More alarmingly, Kaspersky Labs estimates that the number of zombie computers in botnets increases by 300,000 to 350,000 every month.

. According to the Anti-Phishing Working Group, the number of reported phishing attempts rose from 6,957 in October 2004 to 15,050 in June 2005. Phishers have shown remarkable readiness to exploit the various natural catastrophes during 2005 ranging from the tsunami to a series of hurricanes.

Some analysts have seen a shift in attack trends. Kaspersky Lab, for instance, says there have been fewer major, wide-ranging epidemics and more targeted attacks. This is confirmed by InformationWeek who now sees applications and network devices operating systems having become the primary targets, as opposed to operating systems and Internet services on Web servers and E-mail servers, which were targeted between 1999 and 2004. InformationWeek attributes this development to Microsoft since Windows has become less vulnerable and network administrators, who have been more diligent about patching.

Another trend is the increasing professionalism of cybercrime. Attackers use professionally written malicious programs. They have the technical sophistication to exploit the ever shortening time between published vulnerabilities and the patches to fix them as well as the boldness to launch DDoS attacks against enterprises to extort money. True, as SANS puts it, many of these online enterprises are of the more unsavory kind, less willing to report the attacks and more liable to pay, but this, of course, does not make it any less criminal. According to Infoworld, the criminal groups command vast botnets, which they hire for attacks using, unbelievably, slogans such as "The First Hour Is Free".

There is also some indication that consumer awareness of the Internet risks is on the rise. A recent survey commissioned by Sun Microsystems said that about two thirds of those surveyed said they would stop shopping online if they felt their personal information was compromised.

One catch phrase that certainly gained currency during 2005 is rootkits. A recent eWeek article, for instance, said that more than 20 percent of all malware removed from Windows XP SP2 (Service Pack 2) systems are stealth rootkits. The year 2005 also saw the first commercial rootkit scanners.

What does the future has on store? The British National Infrastructure Security Co-ordination Centre (NISCC) sees much greater homogeneity of networks as the current telephone, computer and TV networks, now separate, will gradually merge and adopt the same underlying protocols. In other words, the world will become IP based, which will provide new opportunities for attackers to exploit. Another contributing trend is the growth of the always-on high-speed Internet connections, which means people have static IP addresses, which in turn makes it possible to create massive zombie networks.

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

  • 301 Brexit, House prices and Summer 2020

    1. 1. Including the effects Brexit, where do you think average UK house prices will be relative to now in June 2020?


      • down 5% +
      • down 2.5%
      • Even
      • up 2.5%
      • up 5%



×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.