Attackers Choose Fortune Over Fame - InformationWeek
IoT
IoT
News
News
9/19/2005
05:36 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%
RELATED EVENTS
Faster, More Effective Response With Threat Intelligence & Orchestration Playboo
Aug 31, 2017
Finding ways to increase speed, accuracy, and efficiency when responding to threats should be the ...Read More>>

Attackers Choose Fortune Over Fame

Attackers are developing portfolios of techniques for making money with cybercrime.

Widespread attacks by hackers seeking notoriety are becoming less popular, as cybercriminals instead focus on targeted attacks for profit, Symantec Corp. reported Monday in its biannual Internet Security Threat Report.

Some attackers are earning fees each time a piece of malware is downloaded onto a computer. Others are demonstrating functionality before sale of malware. Hackers also are offering bot networks for hire, allowing attackers to extort money from E-commerce sites by threatening denial-of-service attacks.

Symantec found denial-of-service attacks alone have grown 680% since last year.

Credit-card and banking details and other confidential information are getting exposed more frequently, according to the report. Programs and code that uncover confidential information represented 75% of the 50 most prevalent pieces of malware in the last six months, a 37% increase over the previous six.

Meanwhile, vulnerabilities in programs were uncovered in record levels. Almost half of these vulnerabilities were classified as "high severity" by Symantec. Almost 60% were in Web applications. "Web applications are an underestimated risk," report editor Dean Turner says, noting that bugs that exploit these vulnerabilities are simple and easy for hackers to find.

Symantec also saw an increase in the number of targeted attacks. The most frequently targeted sector is small business, followed by accounting and education. Small businesses account for 38% of all attacks, despite a Small Business Technology Institute study that reported 80% of small businesses think they have sufficient security in place.

The Symantec report also dealt with future attacks. Symantec predicts that bots and bot networks (hijacked ad hoc networks of machines) will increase in number and sophistication. It predicts an increasing presence of modular malicious code, code that downloads additional functionality to a machine and can be repurposed remotely to do more malicious things. The company also sees emergent voice-over-IP and wireless security threats because many users of these technologies do not take security precautions. Said Turner, "As new technologies emerge, so do risks."

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
IT Strategies to Conquer the Cloud
Chances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.
Video
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll