Internet attackers now target home users

Monday, September 25th, 2006

The threat has shifted, says report by Symantec

Gillian Shaw

Home users are now the top target for Internet attackers, who are launching increasingly sophisticated attacks.

That’s the sobering warning from Symantec’s latest Internet security threat report, released today.

And those attacks can be triggered simply when someone visits a website, according to Symantec.

The attackers capitalize on successful computer break-ins by stealing confidential data such as banking passwords and also by using the captured machines — known as bots — to launch full- scale attacks against financial institutions and other lucrative targets.

From January to June 2006, the period of the report, home users attracted 86 per cent of targeted attacks, followed by financial institutions at 14 per cent.

In Canada, Symantec said Desjardins tops financial institutions for the number of phishing attacks against it, followed by RBC taking No. 2 spot, the Bank of Montreal at No. 3 and Toronto Dominion and CIBC at Nos. 4 and 5 respectively.

“The motivation is the same, but what is really starting to change is the way these guys are going after this information,” said Dean Turner, Symantec’s Calgary-based executive editor of the report. “In the past they were focused on networks and infrastructure vulnerabilities.

“They have shifted their focus to home users. Home users are the weakest link in the security chain.”

The cyber-fraud artists are finding a bonanza in exploiting software weaknesses, with Symantec recording 2,249 new vulnerabilities in the first six months of this year, up 18 per cent over the previous six months and the highest number ever recorded for a six-month period.

Vulnerabilities are glitches in software that can leave the computer open to unauthorized entry and tampering from outside, providing openings for such malicious software as Trojan horses and keystroke loggers to infiltrate computer systems.

In the first six months of 2006, 80 per cent of the vulnerabilities identified were considered easily exploitable, meaning Internet attackers would have little trouble in capitalizing on them to launch their attacks.

While Mozilla Web browsers had the most vulnerabilities at 47, compared with Windows Internet Explorer at 38, Microsoft’s IE had an average window of exposure of nine days, meaning it took that long between the time the vulnerability was identified and a fix issued for it. By comparison, Mozilla’s window of exposure was only one day.

Also, Turner said that with IE accounting for 83 per cent of the browser market, is it the most attacked browser software by far.

“What we are talking about is a move to more targeted attacks,” said Turner. “We are seeing much more sophisticated malicious code.”

Turner said there has been a shift to polymorphic viruses, viruses that change every time they replicate and infect a new machine in a way that makes it difficult for antivirus programs to track them.

China is the world leader in terms of the number of bot computers within its borders — 20 per cent of the 4.6 million bot computers active around the world at any one time are in that country. The bot computers are controlled by command and control servers, often in other countries.

© The Vancouver Sun 2006


Comments are closed.