Cybersecurity has become a pressing issue as the number of new viruses, worms, and Trojans that emerged in 2005 increased by nearly 50% compared to 2004.
According to statistics from Sophos, a UK-based security firm, there were 16,000 security attacks in the first 11 months of 2005, an increase of 5,276 compared to the same period in 2004. In November 2005 alone, the devastation caused by the Sober.z worm resulted in a record 1,940 attacks. If this trend continues, the total number of attacks over the next 12 months is projected to exceed 23,000.
Among the top three viruses, Zafi.d – a worm that spreads via mass email – ranked first with a rate of 16.7%, followed by Netsky.p at 15.7%, and the recently emerged Sober.z worm at 6%. This worm is expected to top the list of attacks soon if effective preventive measures are not implemented.
“Trojans are indeed a significant threat. The number of new Trojans has surpassed that of viruses and worms targeting Windows operating systems at a ratio of 2:1. In the first 11 months of 2005, 62% of attacks were caused by Trojans, while worms targeting Windows accounted for only 35% of the attacks,” noted Graham Cluley, a technology consultant at Sophos.
The increase in attacks via Trojans has been attributed to criminal groups targeting these as a means of making money. Cybercriminals are looking to exploit a small group of vulnerable victims, thereby amplifying their attack opportunities and bypassing security barriers.
Meanwhile, the way the Sober.z worm has attacked recently has been quite unusual; it does not target millions of computers just to cause annoyance but focuses on a sufficient number of machines to sell the stolen information to spammers.
In fact, cyberattacks aimed at illegally making money are not new, and with the emergence of numerous new Trojans, this trend is increasingly solidified. Statistics and analyses of cybersecurity in 2005 revealed the first identification of the “most common” characteristics of security attacks. Accordingly, 42% of attacks allowed others to access an infected machine, and 40% of intrusions caused the infected machine to automatically download codes from a deceptive website.
Additionally, 34% of attacks aimed at stealing information, while 16% were conducted through keyloggers – programs that capture what you do on your computer, such as keyboard input, mouse actions, opening applications, or visiting websites. By exploiting the features of keyloggers, hackers install them on your machine to obtain passwords or information about the computer to facilitate infiltration. One in ten attacks exploited a known security vulnerability, while one in six attacks attempted to disable antivirus software.
The report also highlighted new developments in the battle against spam. The current trend sees spammers targeting the stock market by sending a vast amount of spam that distorts stock information. They buy large quantities of stocks in small lots and then send out numerous emails to hype and inflate the stock volume.
As of November 2005, spam related to this sector accounted for 13.5% of total spam, a significant increase from just 0.8% at the beginning of 2005. “Spammers do not need to deliver any goods, nor do they even need to create a dedicated website. What they do to make money is effectively persuade many people to invest in stocks, and then they will sell their shares to profit from the difference. Even if the stock prices do not rise as expected, they do not incur significant losses. The unfortunate reality is that many of these types of spam can bypass anti-spam products because they do not contain links to any websites,” Cluley remarked.
Ba Lam
