The problem of malicious software or malware appears to be getting exponentially worse. So far this year, IBM Internet Security Systems (ISS) X-Force research and development team has identified more than 210,000 new malware samples. That’s more than the team found during all of 2006.
According to the team’s report, Trojans (seemingly legitimate files that are actually malware) comprise the largest category so far in 2007, accounting for 28 percent of all malware. In 2006, Downloaders was the most common category. A downloader is a low-profile piece of malware that installs itself so that it can download and install a more sophisticated malware agent later.
"The X-Force security statistics report for 2006 predicted a continued rise in the sophistication of targeted, profit-motivated cyber attacks," said Kris Lamb, director of X-Force for IBM Internet Security Systems. "This directly correlates to the rise in popularity of Trojans that we are witnessing this year, as Trojans are often used by attackers to launch sustained, targeted attacks."
The report also says that underground, for-profit exploiters have adopted new marketing techniques. Among these is the option to “lease” an exploitive approach, cutting attackers’ initial investment.
The IBM team reports that Spain has taken South Korea's place as the highest source of phishing e-mails, accounting for 17.9 percent of the worldwide volume. Phishing involves bogus emails that try to lure recipients into revealing personal information such as passwords, bank account numbers and passwords.
Source: IBM
Related stories:
Security gurus see even harsher browser attacks for '07
Another year, another round of sneaky online attacks. IBM security experts anticipate 2007 will see more sophisticated profit-motivated cyber attacks, including more focus on Web browsers as well as advances in image-based spam.
More targeted cyber attacks likely in 2006
The latest security report from IBM foresees cybercrime evolving from pervasive global outbreaks to smaller, stealthier attacks targeted at specific organizations for extortion purposes. IBM Global Business Security Index Report summarizes trends in security for last year and maps out what’s on the way in 2006.
Report finds online attacks shift toward profit
IBM reported that virus-laden emails and criminal driven security attacks increased by 50 percent in the first half of 2005 - underscored by a significant rise in 'customized' attacks on the government, financial services, manufacturing and healthcare industries.
IBM Introduces New Weapons in the Fight against Spam
IBM today introduced new anti-spam technology to help companies reduce the cost and security risks associated with spam and make existing spam filtering solutions more effective.
Dealing with spam is costing businesses a significant amount of time, money and system resources. In addition to loss of workforce productivity, spam has become a vehicle for identity theft and propagating viruses and worms that can be devastating to company reputations and IT systems.
Viruses and Worms Targeting Mobile Devices, Satellite Communications Anticipated in 2005
IBM announced the results from its 2004 Global Business Security Index Report and provided an early look at potential security threats in 2005. Based on early indicators, a new and troubling trend this year may be the aggressive spread of viruses and worms to handheld devices, cell phones, wireless networks, and embedded computers, which include car and satellite communication systems.
End tyranny of software updates
Q. Is there any way to know what is being updated when Microsoft updates come through? Being a learned - rather than born - skeptic, I'm suspicious each time an automatic update appears indicating that something is happening that will make it easier for somebody else to run my life or take more of my money or freedoms away.
Microsoft's FCS Only Partially Delivers the Goods
Review: eWEEK Labs found that Microsoft's new Forefront Client Security package meets only the baseline requirements for an enterprise security solution.
Commtouch: Malware Writers' Tactics Evolving
The security vendor says server-side polymorphic malware exploded across e-mail during the first quarter of 2007, with attackers exploiting the vulnerabilities of traditional anti-virus tools.