|
McAfee warns of changing online threat patterns
9 January, 2005
by Mark Cox
Online security threats are evolving, and even though security
software has evolved with them, levels of danger remain high.
That's the overall thrust of a looking-ahead assessment from
McAfee®AVERT, the company's Anti-virus and Vulnerability
Emergency Response Team, for both the enterprise and consumer
markets.
McAfee AVERT anticipates that notwithstanding the recent
unveiling by Microsoft of an anti-spyware download which will
become part of the Windows operating system, Adware and unwanted
content, transmitted both through email and the Web, will
continue to increase in 2005, with these programs becoming
increasingly complex. This complexity will likely combine
with spam and phishing schemes, something that is already
being seen, as for example, spam encoded with exploit capabilities
to install spyware.
"Spyware is an absolute major issue for everyone we
deal with," said Jack Sebbag, general manager of McAfee
Canada. "It doesn't just slow down your computer, but
can also steal information."
On average, at least 13 adware components can be found on
every machine. Consumers are more affected by spyware/adware
threats and less by email- borne threats because most consumers
use Internet Service Providers that proactively scan and clean
email viruses before being delivered to the consumer.
Virus attacks certainly haven't gone away. McAfee AVERT has
assessed 46 threats as a medium risk or higher, compared to
2003's total of 20 threats reaching that same risk level.
Much of this came in the first quarter of 2004, and was due
to the Netsky and Bagle war.
"The concern is the much larger number of medium alert
viruses, more than in the two previous years combined, Sebbag
said. "Most companies could deal with a lot of these,
like the Bagles and MyDooms, but it just takes one infection
to occur to bring computers down."
Sebbag also noted that the lack of a recent destructive attack
shouldn't lull users into thinking that today's security software
has the problem under control.
"It's really important companies don't go to sleep,"
Sebbag said. "Anti-virus is as good as it will get for
getting signature files out fast, but it's still a reactive
technology. Organizations need to invest in proactive technologies
like intrusion prevention."
The danger of exploits, which target vulnerabilities in the
operating system, continues to be strong, McAfee says. These
programs are evolving rapidly, and could at some point, succeed
mass mailers, the dominant threat of the past six years. McAfee
AVERT reports that threats using vulnerable systems in 2004
totaled more than 380, exceeding totals in 2003 by approximately
50 per cent, and they expect this trend will grow, especially
as hackers are becoming quicker at producing exploits in attempts
to launch a major zero day attack.
"The danger of zero day attacks, where the vulnerability
hasn't even been announced by Microsoft, is there," Sebbag
said. "Guys are taking this code apart."
Users of PDAs and cell phones need to be aware that the growing
numbers of these devices will also become irresistable for
attackers, Sebbag said
Phishing scams designed to bilk users into giving confidential
data over the Internet are also growing, in part because awareness
is still not high, Sebbag said
"Phishing is still not understood by a lot of people,"
Sebbag said. "Consumers at home who are new to Internet
banking are vulnerable." Several banks have been popular
targets of these schemes, and while at first large American
banks were the victims, now smaller ones and some Canadian
banks are beginning to be affected, he noted.
"The banks are going to put huge investments into publicity
in this area, to educate people that banks will not ask people
for this kind of information over the Internet," he said.
|
