Cybercriminals favour silent attacks

Fears that cyber-criminals are becoming more sophisticated have been backed by a newly-released security report.

While virus and malware writers were once happy to create headlines and disrupt service, this is changing as they turn to creating crimeware, software specifically designed to carry out criminal activity.

According to Symantec’s ninth Internet Security Threat Report, cybercriminals are developing new and more sophisticated techniques to steal data for financial gain.

The report reveals that attackers are increasingly using bot-networks, modular malicious code and targeted attacks on web applications and web browsers to commit cyber attacks.

These methods of attack are designed to silently steal data for profit without alerting a user to its presence.

Richard Archdeacon, director of the innovation group at Symantec Corp, said: “Gone are the days when script-kiddies used to develop attacks which would cause maximum damage and attract as much attention as possible. The people behind today’s cybercrime are using silent and more targeted methods to steal data and other sensitive information undetected.

“The increased use of bot networks is coupled with the emergence of an online ‘mafia’ which sees a few ‘Mr Bigs’ controlling massive parts of the internet for financial gain.”

In addition to the use of botnets, phishing attacks continue to be a threat to computer users. During the last half of 2005 7.92 million daily phishing attempts were identified, an increase on the 5.70 million attempts per day in the previous period. Between July and December 2005 phishing attempts made up one in every 119 emails, an increase from one in every 125 messages in the first half of the year.

www.symantec.com