Today’s virus outbreaks are not as loud as the Code Red attacks of a couple years ago, but beneath the quieter computing landscape is a perilous push to turn the growing amount of personal computers and personal information into profit through cybercrime, the latest Threat Report from security firm Symantec indicated this week.
The Symantec findings — including a significant jump in malicious code that exposed confidential information — showed that attackers, now motivated by profit rather than notoriety, are setting their sights on individuals and commonly used applications instead of larger, corporate networks.
Still, other security experts indicate that the growing amount of personal data, including credit card numbers, stored by large companies continues to make corporations a target of ever-more advanced and increasingly quiet attackers.
“The whole threat landscape has changed dramatically in the last two years,” Verisign iDefense senior engineer Ken Dunham told The E-Commerce Times. “It’s these little nickel and dime exploitations that are giving hackers access into big networks and big assets. The risk has gone up with increased exploitation capabilities.”
Rogue Code Report
In the eighth volume of its semi-annual Internet Security Threat Report, Symantec said malicious code that exposed confidential information jumped from 54 percent of the top 50 threat samples reported to 74 percent in the second half of this year.
“Attackers are moving away from large, multi-purpose attacks on network perimeters and toward smaller, more targeted attacks directed at Web and client-side applications,” read a statement from Symantec Vice President Arthur Wong.
The security company also reported an increased incidence of networks of “bots” — compromised computers amassed by hackers and used for attacks. These bot networks are even made available to rent.
Other malware on the rise includes “modular malicious code,” bits of code with limited functionality that can then be updated with downloads, as well as phishing attacks — the creation of bogus sites intended to lure users into disclosing data. Symantec said that phishing had risen from an average of 2.99 million messages per day in the first half of this year to 5.7 million messages per day in the latest report.
From Blaster to Bots
Dunham said that, rather than seeking to seize corporate networks and tout their control, today’s profit-motivated attackers are more interested in nibbling away at the personal data that brings them profit.
“This shows a dramatic change in the nature of the risk. It’s all about command and control for cash,” Dunham said.
“It’s a migration from the Blasters of the world to bots,” he added, comparing the high-profile Blaster virus outbreak to the more recent Zotob outbreak, which involved many variants. “They’re like mosquitoes. They just pick at you until you have no blood left.”
Dunham also referred to the increase in bot networks, which are actually advertised for rent, sale or exploit among hackers online.
The security expert noted that Symantec’s latest report validated his own company’s findings, which mark the “movement to criminality for code” and an increase in “under-the-radar attacks.”
Staying Ahead of the Head Games
Symantec said that, as the threat landscape continues to change, users need to be diligent in keeping systems up-to-date. The company also warned that, as the financial rewards increase, attackers will likely develop more sophisticated and stealthier malicious code that will be “implemented in bot features and networks,” including disabling antivirus, firewalls and other protections.
Dunham said that users — both consumers and corporate — must also be aware of the social engineering tricks that are being refined by attackers, who are more likely now to single out a CEO or another official in an organization.