Subscribe to Our e-Infosources | Search | LOGIN




Home arrow Asian Channels arrow Channels Web Stories arrow Channels Web Stories Archive arrow Asian Channels December 2006 arrow Organized crime will continue to be a serious Web Threat in 2007
Organized crime will continue to be a serious Web Threat in 2007 Print E-mail
In: Asian Channels December 2006
Written by Shanti Anne Morais   

Research gathered and analyzed by TrendLabs demonstrates that in 2006 organized crime continued to be key to identity theft, corporate espionage and extortion.  Botnets have emerged as a popular tool among attackers looking to carry out targeted attacks. 

Moving into 2007, it is expected that a further increase in web threats -- those threats that use the Internet to perform malicious and often self-perpetuating activities -- and in particular those threats targeting social networking sites will be observed.  These web threats will emerge from the shadows of email threats.

Owing to increased bandwidth in many countries, the downloading of media files, cool programs and other data types is becoming very popular.  Malicious attackers are increasingly using public networking sites to hide their malware, with unsuspecting users downloading malicious files, often triggering multiple infection routines.

Money remains the primary driver behind the majority of threats.  During 2006, image spam has come to the fore, with its emergence helping fuel the trade in the illegal manufacturing and sale of brand-name drugs.  Also, hackers, spyware- and malware-creating groups have joined forces to make money from home and business users.

2006 saw the disappearance of large virus outbreaks, replaced instead by smaller targeted or regional attacks.  A targeted attack focuses its aim on a particular group of people – such as a specific company or user group.  Regional attacks are similar, but target a country or region with a carefully crafted piece of malware using some type of event that would be of importance to the target group.  Outbreaks are quite different in this new situation, affecting fewer users and often combining multiple pieces of malware to create one blended threat. All this indicates that malware authors are using stealthier means of propagating threats. Trend Micro anticipates that this trend will continue to be used by attackers in 2007 and beyond. 
Noteworthy findings from Trend Micro’s 2006 Threat Report and 2007 Forecast include:

Digital threats have increased at an average of around 163 percent year on year

  • Web-based threats have increased by almost 15 percent since last December accounting for almost half-a-million reports this year 
  • The fight against spyware appears to have reached its peak, thanks to its creators finding new, innovative ways to distribute them. Some adware is on the verge of becoming malware with the advent of click fraud
  • On average, Trend Micro has identified more than two-million different pieces of spam flooding the Internet each month with English being the predominant language used, likely due to its global application in the business world. Regionally targeted spam for the Japanese market is on the rise while Chinese spam is the third largest, with more than half a million pieces recorded. The most successful spam leverages topics that are likely to be a concern to a majority of people – thus ensuring propagation via social engineering.
  • Bots are also increasing greatly.  Trend Micro recorded an average increase of 15 percent since last December with more than 140,000 bots being flagged every month
  • Rootkits are still a growing concern as they are employed by malware and spyware to hide in infected systems. The longer malware remains active, the higher the chance of obtaining confidential and personal data. Rootkits buy malware more time by hiding processes, registry entries and related filed from antivirus scanners and other security checks. With Microsoft vista, kernel-level rootkits will be on the decrease. However, user-lever rootkits will continue to be a threat and while easier to remove, will remain a formidable enemy.
  • With Microsoft Internet Explorer 7 (IE7) set to become the most popular web browser worldwide, Trend believes this will open the floodgates to more opportunities of spyware, specifically adware, exploits. This includes tab-jacking which allows spyware companies to create persistent, ad-based tabs that will reappear when IE 7 is re-started, even if the user closes the ad-tabs; and RSS injection where Trend Micro anticipates that adware companies will soon inject their own RSS feeds, providing a stream of content into RSS data. In addition, Trend Micro expects to see a proliferation of search box stealing mainly because IE 7’s search box is configurable allowing spyware companies to hijack it to operate searches on their own desired search engines, thereby generating search engine Pay Per Click revenue for adware companies.
  • Mobile phone malware will likely increase with the increasing number of smart phones on the market. At the moment, mobile phone malware seems to be the work of smaller groups, not criminal organizations, but the lure of trapping more potential victims may change this for the worse.

"Computer crime has evolved into organized crime, it is no longer the game of individual attackers," notes Jamz Yaneza, senior threat research analyst. "With money as their main driver, our research has tracked how attacks have moved from being fast and large scale to being cleverly crafted to attack very specific groups under the radar.  The unseen web threat is maturing, and users should be ever-more careful about what they download and install, as blended threats are ever-more cunning in their attempt to steal corporate and personal data or money."

By Shanti Anne Morais

 
[ Back ]
SITF DCI Channel Enablers CMO Council