2008 was a good year for cybercrime

Published 30 December 2008

Cybercrime has become more sophisticated in 2008; security firms now say there are about 20,000 new malicious programs created every day, and Symantec reached a grim milestone: its antivirus software now protects against more than one million viruses.

The year 2007 saw the rise of the professional hi-tech criminal, but in 2008 they got down to work. “The underground economy is flourishing,” said Dan Hubbard, chief technology officer at security company Websense. “They are not just more organized,” said Hubbard, “they are co-operating more and showing more business savvy in how they monetize what they do.”

The BBC’s Mark Ward reports that statistics gathered by firms combating the rising tide of computer crime reveal just how busy professional cyber thieves have been over the last twelve months. Security firm Sophos said it was now seeing more than 20,000 new malicious programs every day. 2008 was also the year in which Symantec announced a grim milestone: its anti-virus software now protected against more than one million viruses. The vast majority of these malicious programs are aimed at Windows PCs. Viruses made their debut more than twenty years ago, but the overwhelming majority of that million-plus total have been created in the last two to three years.

Criminal gangs generate so many viruses for two main reasons:

  • Many variants of essentially the same malicious program can cause problems for anti-virus software, which can only reliably defend against threats of which it is aware.
  • In the past security firms have tended to focus on the big outbreaks. By staging a series of small outbreaks the criminals hope to go unnoticed while their family of viruses racks up victims.

Ward writes that another statistic from Sophos reveals how the tactics of the online criminal groups are changing. Before 2008 the preferred method of attack was a booby-trapped attachment circulating by e-mail. Provocative, pornographic, and personal subject lines were used to trick people into opening the attachment. Anyone doing so risked having hi-tech criminals hijack their home computer and turn it to their own nefarious ends. In 2008, said Graham Cluley from Sophos, the main attack vector started to shift. Increasingly, he said, attackers have tried to subvert Web pages by injecting malicious code into them that will compromise the computer of anyone who visits.

By the close of 2008, said Cluley, Sophos was discovering a newly infected Web page roughly every four seconds. The type of page being booby-trapped had also changed, he said. Prior to 2008, gambling, pornographic and pirated software sites were much more likely to be unwitting hosts for the malicious code used to hijack visitors’ machines. In 2008 the criminals turned their attention to mainstream sites that had