Security

McAfee’s Threat List Incomplete, Analyst Says

McAfee has released a list of the top 10 computer threats of 2004, but the security firm hasn’t gone far enough, according to one analyst.

“The McAfee list, while I’m sure it’s accurate according to theirmethodology, leaves quite a few very important points unsaid,” Ed Moyle ofSecurityCurve told TechNewsWorld.

“First of all,this is being billed as the ‘top 10 threats for 2004.’ It clearly isn’t.While I understand that McAfee has a reason to want to focus on malware– since they sell malware products — I think that they need to qualify thatby adding that these are top threats within their scope only.”

Bots, Exploits, Mass Mailers, Adware

The list, composed by McAfee’s Avert antivirus team, lists adware, botsand viruses. The team reported that bots and mass mailers are still viruswriters’ favorite methods of spreading their attacks in business settings.

Sixty percent of threats to home users come in the form of exploits andadware, Avert said. After dropping 5 percent per year between 2000 and 2003, therate of virus production increased in 2004.

Avert’s list, in alphabetical order, includes Adware-180, Adware-Gator,Exploit-ByteVerify, Exploit-MhtRedir, JS/Noclose, W32/Bagle, W32/Mydoom,W32/Netsky, W32/Sasser and W32/Sdbot (the family including sdbot, gaobot,polybot, spybot).

McAfee said that it expects continued increases in the threat from bots, programs that install on acomputer but are controlled from outside it; adware and spyware; andphishing scams.

Better Ads Than ID Theft

While McAfee names phishing — the attempt to tricke-mail users into revealing passwords and other personal information bycreating links, return addresses and Web sites that look legitimate but aren’t — as an increasing threat, the company did not specifically put any phishing scams on its top 10 list.

Moyle, however, believes phishing has been and will continue to be a muchgreater threat than adware, much of which has to be actively downloaded ontoa computer by its user.

“Some of the worms listed are unquestionably virulent and destructive –they’ve lead directly to lost dollars from network downtime,remediation efforts, etc.,” Moyle said in an e-mail.

“However, also on the list are things like Gator and the MS Java BytecodeVerifier issue. In my opinion, neither of these things should come in aheadof an issue like phishing, which isn’t represented on the list at all. Iwould think that phishing — which directly leads to identity theft and fraud –is more dangerous than Gator. I’d take being marketed to over having myidentity stolen given the choice.”

Help on the Way

Moyle agreed that spyware, adware and pests will be a growing problem, buthe added that help may be on the way.

“Coupling the relative immaturity of the product selection and the interest of regulators — financial, government — in the problem, I think quite a fewenterprises will be deploying technologies very soon. I think that over thenext year or so, there will be a consolidation of the anti-spyware market inthe same way as the consolidation of the antivirus market in the mid tolate ’90s.”

Companies are also fighting back against phishing, although as both McAfeeand Moyle noted, a big part of the problem is that many consumers are stillunaware of the issue. Moyle mentioned the Netcraft toolbar (toolbar.netcraft.com), already available for the Internet Explorerbrowser and in the works for Firefox, which identifies “trusted” URLs andblocks others.

In other security trends to watch out for in 2005, applicationvulnerabilities will continue to be exploited, and new worms willcontinue to be written. “Malware authors are getting less press out ofwriting worms. Maybe that will help lead to a reduction in self-propagatingmalware, but I’m skeptical,” he said.

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

Technewsworld Channels