Wednesday, 10 February 2010 17:41

It's "business as usual:" 2009 Q4 McAfee Threats Report


McAfee's latest "Threats Report" demonstrates that the cops are getting better, but so are the robbers.

Although it identifies a 24% reduction in spam volume in the previous quarter, the report finds an increase of 35% since the previous year.

According to the report, "Malware continues to grow, with 2009 figures increasing more rapidly than those in 2008. Fake security software, AutoRun USB infections, and especially social networking attacks contributed to the totals.

"Starting in November we saw dangers on the web greatly increase, with phishing, continuous activity from Koobface, many new Trojans and PUPs, and a sudden spike in suspicious domains registering during the week of December 20."

The practice of "headlining" has become more prevalent.  This is where a major world event (for example Michael Jackson's death) is used as the theme for a spam campaign.  "The body of the message won't necessarily have anything to do with the subject (usually the message body is unchanged from the current spam campaign), but it can often trick the victim of the spam to take an extra moment to look at the message."

Another event was the June 4th speech in Cairo by President Obama to the Muslim world.  "It was quickly followed by these spam headlines: 'Shocking Obama's speech,' 'Obama cursed by Pope,' 'Super Obama's pants,' and 'Obama sued for his speech.' The spam authors were clearly watching the trip carefully, though what they learned from it leaves much to be desired."

In 2009, McAfee saw a tremendous rise in malware.  In fact they refer to it as a Malware Tsunami.  "At the source of this malware tsunami is money. Threats and malware make money. Bots make money.  Fake security software makes tons of money. The lures and methods criminals use differ; however, they reflect common online user behaviors more than ever before.

"When a celebrity dies or a catastrophic weather event happens, people want information on it. The cybercriminal knows that people will go to the Internet to get this information and they react rapidly to the opportunity. Almost all high-impact news will lead to many of the same threats - fake websites and poisoned search results with the same goal in mind: data theft."

SQL-injection attacks seem to be a specialty of Chinese attackers.  Close to 55% of all attacks originated in China, with the US claiming a little over half of the remainder.  Most attacks were based on publicly-known SQL-injection techniques; "We also noticed remnants of the Damnec botnet in some of the attempts, reminding us that automated web server exploitation continues to thrive."

During the latter part of 2009, police forces around the world had a number of successes. One of the best known was the FBI's Operation Phish Phry, in which over 50 US residents and nearly 50 more Egyptians were arrested and charged with a variety of fraud-based offenses.

Additionally, Romanian police caught 19 members of an alleged card skimming ring.

"In November, a group of Russian and Estonian hackers were indicted by a U.S. federal grand jury on charges of conspiracy to commit wire fraud, wire fraud, conspiracy to commit computer fraud, computer fraud, and aggravated identity theft. In November 2008, they allegedly obtained unauthorized access to the computer network of RBS WorldPay, the U.S. payment-processing division of the Royal Bank of Scotland Group PLC, located in Atlanta.

"The indictment alleges that the group used sophisticated hacking techniques to compromise the data encryption protecting customer data on payroll debit cards. Once the encryption was compromised, the hacking ring allegedly raised the account limits on compromised accounts, and then provided a network of 'cashers' with 44 counterfeit payroll debit cards, which were used to withdraw more than $9 million from over 2,100 ATMs in at least 280 cities worldwide, including cities in the United States, Russia, Ukraine, Estonia, Italy, Hong Kong, Japan, and Canada. The $9 million loss occurred within a span of fewer than 12 hours."

The McAfee report also deals with issues such as the speed with which cybercriminals update their software tools, 'hacktivism' (politically motivated hacking) and all manner of botnets. It certainly makes for interesting reading.

However, taking an eagle's eye view of the world, there seems to be one clear observation:

Plus ça change, plus c'est la même chose.


David Heath

David Heath has had a long and varied career in the IT industry having worked as a Pre-sales Network Engineer (remember Novell NetWare?), General Manager of IT&T for the TV Shopping Network, as a Technical manager in the Biometrics industry, and as a Technical Trainer and Instructional Designer in the industrial control sector. In all aspects, security has been a driving focus. Throughout his career, David has sought to inform and educate people and has done that through his writings and in more formal educational environments.
