|
contents | software | |||||||
| 2006: The Year Spam Raised Its Game and Threats Got Personal MessageLabs has announced the results of its 2006 Annual MessageLabs Intelligence Report which examines trends seen over the last twelve months and looks forward to 2007. The report highlights the relentless escalation of spam activity throughout the year, with annual average spam levels reaching 86.2 percent, driven by an increase in sophistication of botnets and new targeted techniques. The adoption of new levels of ingenuity has changed the focus of the threat landscape significantly, with spam overtaking viruses as the dominant menace over the last twelve months, a trend which is predicted to continue through 2007. Corporate and industrial espionage attacks are also on the rise through targeted trojans intended to steal intellectual property and confidential information. MessageLabs now intercepts two attacks per day, compared to a much lower rate of one per week at the same point in 2005. The targeted approach is prevalent in phishing attacks too, an increasingly dominant force in all malicious emails intercepted by MessageLabs, with levels rising from 10.6 percent in January to 68.8 percent in December. A key component in the success of these highly targeted attacks is the distribution of spyware and adware which has grown into a multibillion dollar industry and fueled an increase in the number of botnets being created. Botnets have the ability to retrieve information such as cracked usernames, passwords, credit card numbers and other personal data stored in the web-browser's auto-fill database. MessageLabs analysts saw an increased number of bad guys renting one to two thousand bots for just $50-$60 a week, with the option of trading payment for stolen credit card numbers. A trend we are likely to see continue in 2007. MessageLabs security experts predict that 2007 will be the year of true convergence, between spam, viruses and spyware and also across business communication protocols, a trend that started to appear in 2006. Instant Messaging threats will become more aggressive as more IM ecosystems open their networks to each other in 2007, like Yahoo! and MSN did in 2006. Attacks against social networking sites such as MySpace and professional sites like LinkedIn and Plaxo are expected to continue due to useful and accessible contact information and user interests, making it easier to launch targeted attacks. Top Trends in 2006: - Spam: In 2006 the annual average spam rate was 86.2 percent, with botnets responsible for 80 percent of all spam in circulation. MessageLabs Skeptic technology identified that 63.4 percent of spam came from new and unknown sources. Geek spam, using technology buzzwords hidden in the body of the spam to dupe traditional anti-spam tools, was a new development. - Viruses: With the exception of the Nyxem.E virus (otherwise known as MyWife.D, Blackworm or Kama Sutra) in January 2006, no major virus outbreaks took place this year. MessageLabs intercepted more than four million copies of the virus during the first week of the outbreak. The annual average virus rate in 2006 was 1 in 67.9, a significant drop from 1 in 36.2 in 2005. - Phishing: Phishing attacks grew this year with the 2006 average phishing rate reaching one in every 274.2 emails. Phishing attacks accounted for 24.8 percent of all malicious emails intercepted by MessageLabs in 2006, rising from 10.6 percent in January to 68.6 percent by the end of the year. This is an increase from only 13.1 percent in 2005, marking a huge shift in cyber criminal activity. - Geographic Trends: Israel had the highest average spam rate overall for 2006 with 73.2 percent, a position held jointly by the US and Canada in 2005. Australia (48.1 percent), Hong Kong (71.7 percent) and Singapore (50.7 percent) all saw the greatest increases in spam rates year on year. MessageLabs analysts point to increasingly aggressive attacks in these regions to account for the dramatic increases over the last twelve months. Virus levels in all countries declined in 2006 compared to 2005. - Vertical/Industry Trends: Business Support Services has been bombarded with virus and spam attacks in 2006, the annual virus rate reaching 9.26 percent and average spam rate of 60.9 percent. Due to the nature of this sectors business, it is particularly vulnerable to attacks as companies, such as staffing agencies which make up this sector, receive unsolicited emails and attachments from people with whom they have no prior associations. Education, pharmaceutical and manufacturing sectors also saw high spam rates for the year, at over 60 percent. Predictions for 2007: - Threats are expected to converge further over the course of 2007 – as email security becomes tighter, the criminals will send more malicious emails with URL links that can slip under the security radar and wreak havoc on businesses. MessageLabs developed Link Following technology to follow links in emails protecting users from malicious websites through multiple layers of security. - Virus rates will continue to fall, as they have become unnecessary in the creation of botnets. MessageLabs predicts that the virus rate will fall to about 1 in 300 emails by the end of 2007. - Ransomware, malicious software that will encrypt key files and documents using a secret key known only to the extortionist, will become increasingly threatening as the technology used by cyber criminals becomes more sophisticated and unbreakable. - Spam will become more targeted throughout 2007. Just as geek spam targeted the IT sector, we will continue to see more sectors such as Finance and Legal targeted in a similar way. - ICANN will continue to be exploited through loopholes, and domain kiting will continue to be a problem. With domains lasting up to five days, cyber-criminals see this time as a window of opportunity and are able to do major damage. - Botnets will be engineered to be resilient, allowing the criminals to maintain control of zombie computers more easily, much like SpamThru which we saw in 2006. - Experts believe that the number of worms targeting Mac OS X will rise in the beginning of 2007. MessageLabs already detects an average of ten new worms per day overall. - The availability of "off the shelf" kits for less tech-savvy spammers will grow in numbers, and therefore increase the number of criminals that security experts will have to battle. - Late in 2007 MessageLabs expects to see VoIP threats emerge as adoption of the technology increases and criminals target application vulnerabilities. write your comments about the article :: © 2006 Computing News :: home page |