Report finds online attacks shift toward profit
August 2, 2005IBM reported that virus-laden emails and criminal driven security attacks increased by 50 percent in the first half of 2005 - underscored by a significant rise in 'customized' attacks on the government, financial services, manufacturing and healthcare industries.
This substantial increase, along with a decrease in less profitable threats, such as spam and simple computer viruses, indicates a growth in targeted attacks against specific organizations and industries -- apparently created with the purpose of stealing critical data, identities or extorting money.
The Global Business Security Index, a worldwide barometer of security trends collected and analyzed by IBM's Global Security Intelligence team and its partners, indicates that such customized, 'for profit' attacks have been predominantly directed at government agencies, financial services companies, healthcare organizations and large multinational corporations, particularly within the aerospace, petroleum, and manufacturing industries.
According to the report, there were more than 237 million overall security attacks in the first half of the year. The government was the most targeted industry, with more than 54 million attacks, while manufacturing ranked second with 36 million attacks, financial services was third with approximately 34 million, and healthcare was hit with more than 17 million attacks - accounting for more than 137 million of all attacks this year.
IBM has seen a resurgence of targeted phishing attacks for money laundering and identity fraud purposes, believed to be largely driven by criminal gangs that have become more astute in the creation and delivery of such attacks. According to its latest Global Business Security Index, in the first half of the year, there were more than 35 million phishing attacks launched to steal critical data and personal information for financial gains.
Spawns of phishing threats such as 'spear phishing' - highly targeted and coordinated attacks at a specific organization or individual designed to extract critical data - increased more than ten-fold since January of this year alone. Unlike in previous years, when viruses were mainly created and launched to slow down and cripple IT systems, these types of 'customized' attacks have shown their potential to defraud businesses, steal identities and intellectual property and extort money, while damaging the brand and eroding customer trust.
The ratio of spam to legitimate email continuously decreased over the course of the last six months, from 83 percent in January to 67 percent in June 2005, while virus-laden email increased fifty percent over the same period. At first glance what appears to be good news - the leveling off of massive outbreaks that cripple IT environments on a regional or global basis in the past six months - seemingly indicates that hijacking computers to send spam is no longer the network disruption of choice.
Hackers have turned toward more criminal and lucrative areas of directing attacks to specific individuals or organizations, often financially, competitively, politically or socially motivated. IBM's Global Business Security Index shows that in December of 2004, one in every 52 emails was infected by some sort of malicious security threat; by January it was one in every 35 emails, and by June, that ratio increased to one in every 28 emails - signifying a fifty percent increase from last year - a disturbing trend for businesses and consumers alike.
"IBM advises its clients to rapidly adopt a holistic, enterprise-wide approach to security and risk management," said John Lutz, general manager, Financial Services Sector, IBM. "To protect their critical data, infrastructure, brands, and money, IBM advises businesses to rethink how they protect their operations, business processes and governance structures. Companies can employ the latest protective technology, while ensuring that their own customers get highest level of protection available."
Additional key findings from IBM's First Half 2005 Global Business Security Index:
Top 10 malware (malicious software) detected, by family, included: W32.Mytob; W32.Agobot; W32.Opaserv; W32.Sober; Ranky and Sdbot Dropper; W32.Backdoor; W32.Ranky; W32.Mydoom; W32.Sdbot and W32.Maslan
New threats emerged:
In March 2005, the emergence of a potential new threat affecting the Internet - pervasive Domain Name Service (DNS) cache poisoning was discovered. DNS cache poisoning is the act of corrupting a DNS server's ability to map machine host names to its proper IP address and would hijack visitors to an advertisement or inappropriate web site instead. While these types of threats have been seen for a few years, the new version uses two new technologies and any DNS server that is not configured properly may be susceptible to this type of attack
In May 2005, a malware business was uncovered operating from iframeDOLLARS.biz. This Web site attempted to recruit partner Web sites to host a variety of malicious code to exploit Internet Explorer browsers, which paved the way for numerous trojans, backdoors and spyware installed on a computer .
The IBM Global Business Security Index Report is a monthly report that assesses, measures and analyzes potential network security threats based on the data and information collected by IBM's 3,000 worldwide information security professionals and thousands of monitored devices.
For more information, please visit: http://www-1.ibm.c … crs/a1008776 .
-
Bogus training offer opens hacker doors to bank accounts
Feb 05, 2012 |
5 / 5 (5) |
3
-
Anonymous, loose-knit group of 'hacktivists'
Jan 20, 2012 |
5 / 5 (1) |
0
-
Hackers attack Philippine vice president's website
Jan 02, 2012 |
not rated yet |
0
-
Controversial research on bird flu
Dec 28, 2011 |
4.6 / 5 (8) |
13
-
'Anonymous' hackers target US security think tank
Dec 25, 2011 |
5 / 5 (11) |
96
-
Engineers build first sub-10-nm carbon nanotube transistor
Feb 01, 2012 |
4.9 / 5 (30) |
30
-
Something old, something new: Evolution and the structural divergence of duplicate genes
Jan 31, 2012 |
4.6 / 5 (7) |
1
-
The hidden nanoworld of ice crystals: Revealing the dynamic behavior of quasi-liquid layers
Jan 30, 2012 |
5 / 5 (3) |
1
-
Stock market network reveals investor clustering
Jan 27, 2012 |
3.9 / 5 (23) |
8
-
Of microchemistry and molecules: Electronic microfluidic device synthesizes biocompatible probes
Jan 26, 2012 |
5 / 5 (1) |
0
More news stories
Zynga partners with toy maker Hasbro
Old school toy maker Hasbro and online social game star Zynga on Thursday announced a partnership to mesh the Internet firm's hits with real-world products.
35 minutes ago |
not rated yet |
0
US video game sales fall 34 percent in January
(AP) -- U.S. retail sales of video game hardware, software and accessories fell 34 percent in January from a year earlier to $751 million due to the lack of new game titles, according to market researcher NPD Group.
1 hour ago |
not rated yet |
0
Samsung can continue selling Galaxy tabs in Germany: court
South Korea's Samsung Electronics can continue to sell its Galaxy Tab 10.1N tablet computer in Germany, a German court ruled Thursday, rejecting a bid by arch-rival Apple to have them banned.
22 hours ago |
4 / 5 (4) |
3
Digital photos could put kids at risk
A study published in the International Journal of Electronic Security and Digital Forensics this month suggests that parents and carers could be putting children at risk if they upload digital photos that are automatically "geota ...
18 hours ago |
5 / 5 (1) |
3
Google launches Chrome browser for Android smartphones
With more and more people connecting to the Internet through a phone or a tablet instead of a PC, Google Inc. is bringing its fast-growing browser, Chrome, to the newest Android-powered mobile devices.
21 hours ago |
5 / 5 (5) |
0
Humans may have helped the decline of African rainforests 3000 years ago
(PhysOrg.com) -- Large areas of rainforests in Central Africa mysteriously disappeared over three thousand years ago, to be replaced by savannas. The prevailing theory has been that the cause was a change ...
Japan scientist makes 'Avatar' robot
A Japanese-developed robot that mimics the movements of its human controller is bringing the Hollywood blockbuster "Avatar" one step closer to reality.
Protein libraries in a snap
(PhysOrg.com) -- A Rice University undergraduate will depart with not only a degree but also a possible patent for his invention of an efficient way to create protein libraries, an important component of biomolecular ...
Sleep breathing machine shows clear benefits in children with sleep apnea
Children and adolescents with obstructive sleep apnea had substantial improvements in attention, anxiety and quality of life after treatment with positive airway pressure (PAP)a nighttime therapy in which a machine ...
Neurologic improvement detected in rats receiving stem cell transplant
In a study to be presented today at the Society for Maternal-Fetal Medicine's annual meeting, The Pregnancy Meeting, in Dallas, Texas, researchers will report that early transplantation of human placenta-derived mesenchymal ...
Miami battling invasion of giant African snails
No one knows how they got there. But an invasion of African giant snails has southern Florida in a panic over potential crop damage, disease and general yuckiness surrounding the slimy gastropods.