B2B Marketers » Reach Pre-Qualified IT Decision Makers with a Custom Lead Gen Program » Get Details
Welcome Guest | Sign In

Report: Hackers Will Be Bolder, Smarter, Craftier in 2009

By Jack M. Germain
Dec 15, 2008 10:30 AM PT

As malware writers and Internet attackers become more sophisticated, 2009 looks to be a year of more focused attacks by profit-driven criminals bent on stealing data from businesses, employees and consumers.

Report: Hackers Will Be Bolder, Smarter, Craftier in 2009

Networking firm Cisco released its annual Threat Report Monday, citing a nearly 12 percent increase in the number of disclosed vulnerabilities over 2007 and a tripling of vulnerabilities in virtualization technology since last year.

Targeted attacks and blended, cross-vector assaults, along with a 90 percent growth in threats originating from legitimate domains, top this year's list of the most worrisome new trends plaguing computer users, according to the report.

Attackers are changing tactics, leaving infected attachments behind for more specialized methods. Malware volume propagated via e-mail attachments declined by 50 percent from the previous two years (2005-2006), noted Cisco researchers.

"The cybercriminals this year changed the entire threat landscape," Patrick Peterson, Cisco fellow and chief security researcher, told TechNewsWorld.

Open Door Browsers

While some of the current Internet threats are older viruses and Trojans from previous years, Internet criminals have staked out new attack vectors this year based on the use of Web-based services reached through standard browsers.

"The old adage that threats follow usage is still true. Everybody is using the Web browser for everything," said Peterson.

As a result, criminals have refocused their efforts to capitalize on browser vulnerabilities and infected Web sites.

Web Mafia

Technology and cooperation are greatly assisting cybercriminals. They do not necessarily have to be very technically advanced and spend time reverse engineering the Web to find vulnerabilities.

"The criminals form their own little ecosystems where they can buy criminal infecting kits," said Peterson.

The goal of these attacks is to inject malware into a vulnerable Web site, he said.

Spam Still King

Spam accounts for nearly 90 percent of all e-mail worldwide, according to Cisco. Despite spam filters and e-mail appliances to help control the flood of spam messages, they remain an ever-present threat on the Web.

The United States is the biggest source of spam messages at 17.2 percent. Turkey generates 9.2 percent, Russia generates 8 percent, Canada generates 4.7 percent and Brazil generates 4.1 percent. Other sources include India (3.5 percent), Poland (3.4 percent), South Korea (3.3 percent), Germany and the United Kingdom (2.9 percent each).

Web Threats

Cisco researchers found a growing threat level associated heightened use of a tactic known as "spearphishing" -- phishing attacks that precisely target a certain individual or small group. Attacks using botnets, social engineering and reputation hijacking became noticeably more prevalent.

For instance, targeted spearfishing represents about 1 percent of all phishing attacks; however, it is expected to become more prevalent as criminals personalize spam and make messages appear more credible.

Botnet success is pronounced. Botnets have become a nexus of criminal activity on the Internet. For instance, this year numerous legitimate Web sites were infected with IFrames, malicious code injected by botnets that redirect visitors to malware-downloading sites.

On the Rise

Another threat on the rise this year is social engineering. Attackers entice victims to open a file or click links which allow malware to download. These messages appeal to the receiver's career or actual social memberships.

Cisco expects that in 2009, social engineering techniques will increase in number, vectors and sophistication. Even more threatening is reputation hijacking.

More online criminals are using real e-mail accounts with large, legitimate Web mail providers to send spam. This attack method increases the deliverability of spam because it makes spam harder to detect and block. Cisco estimates that in 2008 spam resulting from e-mail reputation hijacking of the top three Web mail providers accounted for less than 1 percent of all spam worldwide but constituted 7.6 percent of the providers' mail traffic.

Developing Trends

For 2009, Cisco's researchers expect more instances of three key attack trends. These developing threats are posed by insider threats, data loss and mobile devices.

Insider threats come from negligent or disgruntled employees. The global economic downturn may prompt more security incidents involving employees, making it crucial for IT, HR and other lines of business to collaborate on mitigating threats, according to the report.

Data loss through careless workers or breaches by hackers -- as well as from insiders -- is a growing problem that can lead to grave financial consequences, noted Cisco. Technology, education and clear, well-enforced data security policies can make compliance easier and reduce incidents.

The trend toward remote working and the related use of Web-based tools, mobile devices, virtualization, cloud computing and similar technologies to enhance productivity will continue in 2009. These will create new challenges for security personnel. The edge of the network is expanding rapidly, and the increasing number of devices and applications in use can make the expanding network more susceptible to new threats, according to the report.

Fighting Back

While security experts are still largely playing catch-up, the growing Web threat this year has produced some meaningful results, Peterson said. For instance, the software industry now is placing more focus on creating secure applications.

In addition, steps have been taken to make Web sites more secure through penetration testing, Peterson said. He is seeing some signs of hope for better Web security.

For example, two prominent Web attacks this year were the Kaminsky Attack and the Clickjacker Attack. The quick distribution of patches fended off a significant amount of the damage these attacks could have caused, he said.

However, Peterson is not very optimistic about security measures getting ahead of attackers. Human nature rules, and security decisions by corporations are sometimes only made after a problem develops.

Which type of online advertising is most likely to attract your favorable attention?
Straightforward display ads
Ads based on my interests
Informational articles on products/services
Video ads
Ads designed to grab my attention, e.g. pop-ups, autoplay
None -- I avoid all online ads