Criminals who use the Internet to fuel their illegal activities are becoming increasingly organised, with some adopting strategies from the corporate world to further their illicit gains.
The news comes with the release of the Cisco 2009 Midyear Security Report, which details the tactics used by modern internet criminals in the commission of a variety of attacks such as the breach of corporate computer network and web site security, and the theft of personal information and funds.
For example, online criminals exploit current events to help spread viruses. When the story of the outbreak of ‘swine flu’ began to emerge throughout the world in April 2009, criminals quickly distributed emails promising preventative drugs to encourage unwitting recipients to click on harmful links that could either spread viruses or attempt to ‘phish’ for personal information such as card payment details by purporting to be a legitimate pharmacy site.
The report also details a practice known as ‘spamdexing’ where Internet criminals load websites with key words that are commonly searched for in search engines so as to entice great volumes of search traffic – a technique borrowed from the marketing world where it is known as ‘search engine optimisation’. Such sites typically offer downloads which appear to be legitimate software but in fact disguise malware such as viruses or ‘Trojan horses’, capable of passing partial or full control of a user’s machine to a third party.
While some attackers are adopting modern corporate strategies, some malware creators are tracking security efforts and releasing new strains to circumvent detection and prevention. For example, despite its detection in November 2008, the Conficker worm, which began infecting computer systems late last year by exploiting a Windows operating system vulnerability, continues to spread, with several million computer systems infected as of June 2009.
However, the report also warns against complacency towards some ‘old school’ threats that can be just as complex and rife as newer threats. For example, while many internet users are now aware of the danger of clicking on a suspicious link or attachment in an unsolicited email, the growth in popularity of social networking has made it easier for such attacks to spread as users are more willing to access content that appears to be endorsed by people they know and trust. As such, computer security and computer forensic experts need to be looking in new places to uncover old threats.
Patrick Peterson, Cisco fellow and chief security researcher said:
“Securing the Internet has long been a moving target as criminals develop increasingly sophisticated ways to breach corporate networks and obtain valuable personal data. What is striking in our latest findings is how, in addition to using their technical skills to cast a wide net and avoid detection, these criminals are also demonstrating some strong business acumen.
“They are collaborating with each other, preying on individuals’ greatest fears and interests, and increasingly making use of legitimate Internet tools like search engines and the software-as-a-service model. Some also continue to succeed using well-documented methods that in recent years have been downplayed as threats given the preponderance of new tactics.
“With criminals being so quick to identify weaknesses both in online networks and in consumers’ psyches, businesses need to adopt ever more advanced ways to fight cybercrime and remain vigilant across all attack vectors.”