New year brings fresh security fears

Everybody knows that the pace of change in the technology world is relentless and that today's hi-tech hotshot can be tomorrow's also ran.

Change also happens quickly in hi-tech crime circles. What was a popular technique or target one month may fall out of favour quickly.

In 2005 the increasing speed with which computer security firms react to new strains of viruses, spyware and other malicious programs was motivating tech-savvy criminals to find fresh ways to frustrate us and separate us from our money.

Business as usual

To begin with the loud background noise generated by security problems in 2005 looks set to continue in 2006.

The opening three weeks of 2006 saw the debut of more than 40 Windows viruses, almost all of which are variants of well-known malicious programs. Some viruses now have many hundreds of variants.

Many of these are being written so they can be used to make money for their criminal creators.

"It's about the crooks," said Philippe Courtot, founder and head of security scanning firm Qualys.

Mr Courtot said the net was hugely attractive to criminals now because so much commerce was generated via the net. The lure of tapping into that flow of cash was proving a real draw.

"There's real money to be made," he said.

Security experts see novel threats emerging on several fronts. They expect to see attacks coming from countries with little or no history of producing computer criminals.

They also expect 2006 to see malicious and criminally minded hackers embrace new technologies and exploit the more collaborative ways of working the net permits.

Chris Boyd, security research manager for FaceTime Security, said he had seen evidence that hacker groups in the Middle East were starting to mount attacks.

Digital detective work led him to think that the groups were based in the Middle Eastern nations. In the past many nations named and shamed as hacker havens, such as China, have only hosted the machines compromised by malicious hackers in other nations.

Phishing attacks are getting more sophisticated
Mr Boyd said the Middle Eastern groups he was keeping an eye on were hatching very sophisticated attacks.

One group had set up a large 'bot net of more than 17,000 compromised PCs that they could control remotely. It was also experimenting with the BitTorrent file-sharing system to download data to these machines.

Evidence for the emergence of the Middle East as a fertile region for hacker groups came out in late August 2005, when two men were arrested in Morocco and Turkey for their part in creating and distributing the Zotob worm.

The writers of viruses and spyware are also searching for new ways to get their creations on to users' PCs, said Simon Heron, technical director at security firm Network Box.

One likely avenue for attack would be poisoned music and video files, he said.

The growing use of portable media players, smart phones and high-capacity flash drives meant more and more people were carrying around media.

Few people were aware that media files could harbour viruses, spyware and other trojans said Mr Heron.

"Because of the massive increase in interest there are a lot of downloads going on," he said, "But most people think of it just as music or video."

There were also hints that malicious hacker and criminal groups were starting to target the tools that people use to collaborate at work.

Attacks on instant messaging networks continued to rise, said Mr Heron, and were likely to grow as the separate systems started to work together much better.

IBM, in its annual Global Business Security Index report, said that attacks launched by criminal hacking groups were getting much more finely targeted.

Phishing gangs in particular were moving away from blanket e-mail campaigns and now preferred to exploit much smaller groups.

Such attacks, called "spear fishing" disguise e-mail messages to look like they come from inside a company often from the human resources or technology support sections.

"The attacks are tuned to make it look like they are from organisations we would usually trust," said Nick Coleman, IBM's head of security services.

Statistics gathered by IBM suggest that the numbers of phishing e-mails in circulation is rising. In 2004, every one in 943 e-mail messages was a phish. In 2005 the figure was one in 304.

Figures gathered by Telewest suggest that protecting yourself against viruses, phishing attacks and other mail-borne attacks can be expensive.

The average cost of fixing or replacing a computer infected by a virus comes out as £261.61 according to its estimates.

"The cost of leaving your PC open to infection is not to be sniffed at," said Philip Snalune, a spokesman for cable firm Telewest.
By Mark Ward
Technology Correspondent, BBC News website

Posted in Blog on