Cyber Criminals: Savvy, Professional, and Organized
Malware goes mainstream.
Think service contracts, personalization, and upgrades. It’s all there. Suppliers of malware have become quite sophisticated in their offerings. Their motivation? Think one simple word: profits.
Malware suppliers have adopted many of the same business practices used by leading software providers. But they are going one step further. By embracing their competitors, malware suppliers are becoming more like a consortium in their ability to strategically deliver customized offerings, to tap into synergies, and, significantly, to share market intelligence.
Large enterprises may continue to be the most visible of the victims of cyber crime, but they are no longer its main focus. Small to medium-sized firms provide much more viable targets. But how do malware suppliers find the right targets?
One thing is for sure: they are not reinventing the wheel.
Malware suppliers are borrowing market research concepts and turning them into tools that can gather relevant information about potential targets. Armed with treasures such as browser version, operating system software, IP address, and level of security patch, malware writers have a ready end-user profile at hand.
The Internet Security Systems X-Force team at IBM, headed by Gunter Ollman has been actively researching the methods used by cyber criminals. In a recent Info World article, Ollman states that the most sophisticated of these cyber criminals are trading information such as IP addresses to ensure that their latest work is not discovered.
Though they may not have face-to-face meetings or send e-mail correspondence, these cyber criminals have other means of communicating with each other. Whether through chat rooms or bulletin boards, they collaborate in ways that help extend the reach of their malicious code.
There is strength in numbers.
As recently reported in Info World, McAfee’s latest research report shows that criminals are connecting in greater volume than ever before. Dave Marcus, a security research manager at McAfee’s Avert Labs believes that the criminals are doing a better job at communicating than the security industry itself.
Countries like Russia and China, which do not participate in worldwide groups that fight malware use, have become hotbeds for cyber criminals. With no shortage of outlets for the distribution of their malicious code, their activity is expected to flourish in 2007.
VoIP systems are expected to see an increased volume of threats, as are mobile devices like smart-phones. Threats in the form of phishing attacks, spyware, and mobile spam will become more commonplace.
What’s an end-user to do? Natalie Lambert, of Forrester Research, recommends using a multi-layer approach to safeguard yourself. Having a single security measure, such as an anti-virus program, is no longer enough and can’t protect against specific, targeted attacks, the type that are becoming de rigueur for sophisticated malware suppliers.