Camouflage attacks now standard for cyber-criminals


12 Feb 2008

An organised criminal network is behind a staggering rise in the sophistication of attacks on computers worldwide, according to a new security report from IBM’s X-Force security team.

Cyber-criminals are attacking computer users’ web browsers and are now stealing the identities and controlling the computers of consumers at a rate never before seen on the internet. IBM X-Force said this criminal effort will result in thousands of additional attacks in 2008.

The IBM report found that a complex and sophisticated criminal economy has developed to capitalise on web vulnerabilities, with underground brokers delivering tools to help cyber-criminals camouflage their attacks on browsers.

In 2006, only a small percentage of attackers employed camouflaging techniques but this number soared to 80pc during the first half of 2007 and reached nearly 100pc by the end of the year.

Using these techniques, cyber-criminals can infiltrate a user’s system and steal their IDs and passwords or obtain personal information like national identity numbers, PPS or social security numbers and credit card information. When attackers invade an enterprise machine, they could steal sensitive company information or use the compromised machine to gain access to other corporate assets behind the firewall.

There will be a proliferation of these kinds of attacks in 2008, according to IBM.

“Never before have such aggressive measures been sustained by internet attackers towards infection, propagation and security evasion,” said Kris Lamb, operations manager, X-Force research and development for IBM internet security systems.

“While computer security professionals can claim some victories, attackers are adapting their approaches and continuing to have an impact on users’ experiences. The Storm Worm provides a microcosm of the kinds of threats users faced in 2007. All in all, the exploits used to spread Storm Worm are a blend of the various threats tracked by X-Force, including spam, phishing and drive-by downloads by way of web browser exploitation.”

The Storm Worm, the most pervasive internet attack last year, continues to infect computers around the world through a culmination of the threats the X-Force tracks, including malicious software (malware), spam and phishing. Last year, delivery of malware was at an all-time high, with a 30pc rise in the number of malcode samples identified. The Storm Worm comprised around 13pc of the entire malcode set collected in 2007.

The report did uncover some good news for the internet security industry. Last year, for the first time ever, the size of spam emails decreased sharply to pre-2005 levels. IBM’s X-Force team believes the decrease is linked to the drop off of image-based spam, thanks in large part to anti-spam technologies becoming more efficient.

The X-Force report from IBM also found that the number of critical computer security vulnerabilities disclosed increased by 28pc, while the overall number of vulnerabilities reported for the year went down for the first time in 10 years. However, of all the vulnerabilities disclosed in 2007 only 50pc can be corrected through vendor patches and nearly 90pc of 2007 disclosed vulnerabilities are remotely exploitable.

By Niall Byrne