Internet criminals are increasingly operating like successful businesses, Cisco said in its 2009 mid-year security report. The assessment found that those who are intent on pursuing illegal on-line activities are borrowing some of the best strategies from legitimate companies and forming partnerships and alliances with one another to help make their pursuits more lucrative. In outlining some of the most common technical and business strategies that criminals use to breach corporate networks, compromise Web sites and steal personal information and money, Cisco offers recommendations for protecting against some of the newer types of attacks that have surfaced recently; recommendations that incorporate people, processes and technology as an overall holistic risk management solution. The organization also advises heightened vigilance against some ‘old school' approaches that are just as sophisticated and prevalent as the newer threats. “Securing the Internet has long been a moving target, as criminals develop increasingly sophisticated ways to breach corporate networks and obtain valuable personal data,” said Patrick Peterson, Cisco fellow and chief security researcher. “What is striking in our latest findings is how - in addition to using their technical skills to cast a wide net and avoid detection - these criminals are also demonstrating some strong business acumen,” he added. “ Last Tuesday, Cisco security executives utilized a live interactive IPTV broadcast to evaluate the report's findings and to discuss best practices to effectively counteract increased criminal sophistication. Among the threats included in the talk were those presented by worms, with the rise in social networking meaning that it is now easier for worm attacks to be launched. The proliferation of online communities has made it much more likely for users to click links and download content they believe are sent by people they know and trust, spreading worm attacks throughout the Net. An example of the havoc that can be wrought from such an attack was demonstrated by the Conficker worm, which began infecting computer systems late last year. The combination of advanced malware techniques exploited a Windows operating system vulnerability and continues to spread, with several million computer systems being under its control as of June 2009. The tendency of criminals to co-operate in order to enhance the effectiveness of their illegal activities was also highlighted during the discussion. Botnets, networks of compromised computers, serve as efficient means of launching attacks and increasingly, botnet owners are renting out these networks to fellow criminals, effectively using these compromised resources to deliver spam and malware via the software-as-a-service (SaaS) model. Peterson acknowledges the increasing propensity for on-line criminals to work together. “They are collaborating with each other, preying on individuals' greatest fears and interests, and increasingly making use of legitimate Internet tools, like search engines and the software-as-a-service model, he said. “Some also continue to succeed using well-documented methods that in recent years have been downplayed as threats, given the preponderance of new tactics,” he added. During the session there was also discussion about on-line criminals launching attacks off the back of major news stories; something that was highlighted by the illegal activities reported in April after the outbreak of H1N1 influenza, or ‘swine flu.' Following this event, cyber criminals quickly blanketed the Web with spam that advertised preventive drugs and links to fake pharmacies. In fact, spam continues to be one of the most established ways to reach millions of computers with legitimate sales pitches or links to malicious Web sites. A staggering 180 billion spam messages are sent each day, representing about 90 percent of the world's e-mail traffic. Spam messaging remains a major vehicle for spreading worms and malware, as well as for clogging Internet traffic. Of the newer threats to merge, text message scams were seized upon as being a significant development. Since the start of this year, at least two or three new campaigns have surfaced every week targeting handheld mobile devices. Cisco describes the rapidly growing mobile device audience as a “new frontier for fraud irresistible to criminals.” With some 4.1 billion mobile phone subscriptions worldwide, a criminal may cast an extraordinarily wide net and still walk away with a nice profit, even if the attack yields only a small fraction of victims. To guard against the evolving on-line threats to personal users, small businesses, larger corporations and even governmental institutions, Peterson stresses the importance of keeping up-to-date on the nature of Internet attacks. “With criminals being so quick to identify weaknesses both in online networks and in consumers' psyches, businesses need to adopt ever more advanced ways to fight cybercrime and remain vigilant across all attack vectors,” he said. __
