Cyber threats are on the rise
Third-quarter cyberthreat stats reported by Secure Computing reveal troubling trends
The volume of spam hit record levels last summer, with more of
it than ever coming from sources in the United States, according to
the third-quarter Internet Threats Report that Secure Computing
Corp. released Oct. 27.
The findings from the company's study of worldwide
Internet traffic continue long-established trends, with online
threats becoming more common and more criminal, said Sven Krasser,
director of data-mining research at Secure Computing.
'We expected what we saw,' Krasser said. 'We
see that threats continue to be a rising concern.'
The most disturbing aspect is the growing use of spam, malicious
code and botnets by organized criminals who are in it to take your
money, Krasser said.
'It's becoming a big business,' he said.
Projections suggest that it is only likely to get worse. E-mail
volume already tops 200 billion messages a day, and most of it is
spam or other malicious material. The company predicts that the
volume could grow to 250 billion messages a day during the coming
holiday season.
'Spam volume keeps growing and sucking up
infrastructure,' Krasser said, which means it is important to
stop unwanted traffic at the network boundary to protect resources.
'Most people have e-mail solutions because spam makes e-mail
unbearable without it.'
Because of that, blended threats that combine e-mail messages
with malicious code hosted on Web sites ' many of them
legitimate 'continue to grow. Malicious use of
social-networking and other interactive Web sites is also on the
rise.
Spammers are nothing if not topical, and e-mail messages
offering links to headline news Web sites that contain malware are
becoming a bigger phenomenon, especially with more people using
mobile Internet-connected devices to stay informed about events.
Phishing e-mail messages that attempt to capitalize on fears about
the economic crisis are also emerging. Banking messages made their
way into the top 10 types of spam encountered in the past three
months.
'Phishing attacks spiked significantly following the
announcements of various bank failures in late September,'
the Secure Computing report states. 'While there was no
strong trend towards using any one specific bank or failure,
overall increases in phishing activity in the days following each
major announcement were recorded.'
However, some things haven't changed: The top spam subject
remains male enhancement, accounting for more than 30 percent of
spam messages, followed by advertising at 19 percent and
prescription drug pitches at about 11 percent.
One topical subject that saw rapid growth among spammers in the
third quarter was election-related messages. As if legitimate
campaigning wasn't bad enough, election-related spam is
estimated to be reaching 100 million messages a day.
'After a surge on Sept. 3, the spam race between the two
presidential candidates has narrowed but remains biased towards
Obama, who has maintained a minimum 10-point lead on most
days,' the report states. 'After the second
presidential debate on Oct. 7, Obama again gained popularity among
spammers, and over 80 percent of election-related spam currently
bears his name.'
The significance of that bias is difficult to determine, Krasser
said. It probably reflects the level of media attention the
Democratic candidate receives, but it could also be a reflection of
his campaign's successful use of the Internet and the
assumption that his supporters are more likely to be Internet
savvy. 'But it's all speculation,' Krasser said.
'Spammers don't have a political agenda.'
Another interesting shift was the growth in the percentage of
spam originating in the United States. Already the No. 1 source of
worldwide spam, the country nearly doubled its lead, growing from
16.6 percent in the second quarter to 32 percent in the third.
Turkey, Russia and Brazil all remained distant runners-up with each
accounting for 5 to 7 percent of the market.
'The significant increase in the amount of spam attributed
to the U.S. in the last three months is not easily explained, but
the fact remains that the U.S. now sends more spam than the next
seven leading countries combined,' the report states.
The top five types of malware detected in the third quarter,
ranked by prevalence, were:
- Infection of legitimate Web sites through SQL injection
attacks.
- Trojan.Hijacker.Gen, a generic name for new malware that
creates backdoor access to computers.
- The Netsky worm, which keeps compromised computers generating
e-mail traffic for years despite most anti-malware products'
ability to detect it.
- The FSG runtime packer, which continues to create new variants
of malware and hide malicious intent.
- A new entry, HIDDENEXT.Worm.Gen, that spreads through removable
devices such as USB thumb drives.
The success of malicious code is reflected in the continuing growth
of botnets, which are networks of compromised computers that can be
used for criminal activities. An estimated 5,000 new zombie
machines are compromised every hour.
'It is incredible that they are able to sustain that rate
of infections,' Krasser said.