Online criminals looking for sensitive information are diversifying their strategies and turning their attention to lower-level vulnerabilities in software, security company Symantec said in a report released Monday.

"From an attack perspective, the line between high- and medium-severity vulnerabilities has blurred," Dean Turner of Symantec told CBC News Online. "In a way, that's good news. First, that's because there aren't as many high-severity vulnerabilities and they get patched almost immediately."

But the same cannot be said of lesser security holes in software, he suggested. "Medium vulnerabilities remain unpatched for a longer term," making them ripe for exploitation, he said.

Malicious activity increasing

Turner was the principal author of Symantec's semi-annual Internet Security Threat Report, in which the company said it has, over the past year, observed a rise in malicious online activity, which now includes systematically co-ordinating various attack methods such as viruses, phishing, Trojans, bot networks and spam.

For example, a software vulnerability could be exploited by infecting a computer with a virus or Trojan — a program that appears to perform one function but disguises its malicious purpose — or tricking the user into disclosing sensitive information such as a password through a phishing scam.

The technique could enable the attacker to hijack a computer and turn it into part of a bot network that sends out infected e-mails or spam that lures more potential victims to a phishing or Trojan site that steals their information.

The value of the stolen information or finances to which it grants access is almost impossible to gauge, Turner told CBC News Online.

"It's hard to track real dollar amounts for this sort of thing," said Turner. "I've seen estimates of anywhere from hundreds of millions to billions of dollars. The truth is probably somewhere in between."

Turner said Symantec had observed that at least some of the malicious activity had shifted from something done by teenagers showing off to their peers to an almost normalized occupation.

"There's certainly a professional aspect," he said, citing the Bancos family of Trojans — which created fake login pages for certain Brazilian banking sites to steal usernames and passwords — as an example. "We felt it was a 9-to-5 job and when we looked at the release times and dates, that's what we found."

Attackers are also sending out more "pump and dump" stock spam, the report notes.

When a mass e-mail dupes enough people into investing in a stock to drive its price up, criminals can profit from the movement in the market, Turner said.

"These guys are sophisticated," Turner said. "We see a lot of spam disguised as legitimate-looking investment newsletters."

New types of threats

The report, covering the period July 1 to Dec. 31, 2006, tracked a number of security threat indicators for the first time in response to trends Symantec had been observing, Turner said.

One such indicator was the origin of threats. Symantec noted the countries responsible for the most malicious activity, finding the United States was responsible for 31 per cent, followed by China with 10 per cent and Germany with seven per cent.

"Where you have the highest internet penetration will also be where you have the most malicious activity, so that's not surprising," Turner said.

In contrast, when malicious activity was measured per user on average, Israel placed at the top of the list of top 25 offenders. Israel was responsible for nine per cent of online attacks, followed closely by Taiwan at eight per cent and Poland with six.

The number of infected computers hijacked into active bot networks that distribute malicious code or spam e-mail rose 11 per cent to about 63,912 infections a day, while the overall figure for compromised computers was 6,049,594, a 29 per cent increase over the first half of 2006.

The company tracked stolen data for the first time in the new report, finding that 51 per cent of trade in credit cards and stolen identities was conducted on computer servers in the U.S. The government sector worldwide led in potential identity theft data breaches, at a quarter of all such incidents.

Spam made up 59 per cent of all e-mail traffic observed, up five points over the first half of the year when it was 54 per cent.

The report also found that the number of vulnerabilities that were reported and exploitable on the same day rose sharply, with 12 of the so-called "zero-day" vulnerabilities in the latter half of 2006 compared to just one in the first part of the year.