Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.
Cyber criminals increasingly professional says Symantec
Posted on 18-Sep-2007 08:29. | Tags Filed under: News.



The latest Internet Security Threat Report (ISTR), Volume XII released by Symantec Corp. concludes that cyber criminals are increasingly becoming more professional – even commercial – in the development, distribution and use of malicious code and services.

While cybercrime continues to be driven by financial gain, cyber criminals are now utilizing more professional attack methods, tools and strategies to conduct malicious activity.

“As the global cyber threat continues to grow, it has never been more important to remain vigilant and informed on the evolving threat landscape,” said Dan Lohrmann, chief information security officer, State of Michigan. “Symantec's Internet Security Threat Report continues to provide us with critical information on the most current online security trends, helping us better protect our state's infrastructure and citizen information.”

During the reporting period of 1 January 2007, through 30 June 2007, Symantec detected an increase in cyber criminals leveraging sophisticated toolkits to carry out malicious attacks. One example of this strategy was MPack, a professionally developed toolkit sold in the underground economy. Once purchased, attackers could deploy MPack’s collection of software components to install malicious code on thousands of computers around the world and then monitor the success of the attack through various metrics on its online, password protected control and management console.

Phishing toolkits, which are a series of scripts that allow an attacker to automatically set up phishing Web sites that spoof legitimate Web sites, are also available for professional and commercial cybercrime. The top three most widely used phishing toolkits were responsible for 42 percent of all phishing attacks detected during the reporting period.

During the reporting period, Symantec detected attackers indirectly targeting victims by first exploiting vulnerabilities in trusted environments, such as popular financial, social networking and career recruitment Web sites.

Symantec observed 61 percent of all vulnerabilities disclosed were in Web applications. Once a trusted Web site has been compromised, cyber criminals can use it as a source for distribution of malicious programs in order to then compromise individual computers.

Credit cards were the most commonly advertised commodity on underground economy servers, making up 22 percent of all advertisements; bank accounts were in close second with 21 percent.

Symantec documented 237 vulnerabilities in Web browser plug-ins. This is a significant increase over 74 in the second half of 2006, and 34 in the first half of 2006.

Spam made up 61 percent of all monitored e-mail traffic, representing a slight increase over the last six months of 2006 when 59 percent of e-mail was classified as spam.

Theft or loss of computer or other data-storage medium made up 46 percent of all data breaches that could lead to identity theft. Similarly, Symantec’s IT Risk Management Report found that 58 percent of enterprises expect a major data loss at least once every 5 years.




More information: http://www.symantec.com/threatreport...

comments powered by Disqus




Trending now »

Hot discussions in our forums right now:

NZ Prime Minister John Key Resigns
Created by ajobbins, last reply by gzt on 7-Dec-2016 22:36 (190 replies)
Pages... 11 12 13


Wilson's Car Park - When Free is not free
Created by nzkiwiman, last reply by benokobi on 7-Dec-2016 21:48 (33 replies)
Pages... 2 3


The President Of The USA - Who do you think?
Created by TimA, last reply by Fred99 on 6-Dec-2016 14:57 (899 replies)
Pages... 58 59 60


Dishwasher not Working Properly
Created by tdgeek, last reply by mdav056 on 5-Dec-2016 20:18 (28 replies)
Pages... 2


What the F is the deal with lotto?
Created by Rikkitic, last reply by freitasm on 7-Dec-2016 23:43 (21 replies)
Pages... 2


Spark not planning to deploy native IPv6 at all. Ever.
Created by Erayd, last reply by sbiddle on 7-Dec-2016 20:57 (19 replies)
Pages... 2


'Quality' NZ news on the way?
Created by Rikkitic, last reply by alasta on 4-Dec-2016 09:49 (91 replies)
Pages... 5 6 7


JB Hifi Cost & GST Sale - 7th Dec
Created by Finch, last reply by Kopkiwi on 7-Dec-2016 15:11 (16 replies)
Pages... 2