Security Threats Won't Let Up - InformationWeek
Software // Enterprise Applications
03:55 PM

Security Threats Won't Let Up

Attacks on business networks are expected to grow As use of spyware increases. The good news? As risk increases, companies are paying attention.

The number of tools available to combat spyware is growing, and they're getting more effective. They're offered by software vendors that specialize in standalone spyware-removal apps, such as offerings from PestPatrol Inc. and Webroot Software Inc., which have apps to scan and remove spyware. And antivirus vendors such as Symantec Corp. and Network Associates Inc. have begun adding spyware-detection and -removal software to their antivirus apps.

Spyware also is attracting the attention of politicians. Lawmakers are expected this year to introduce a new version of the Safeguard Against Privacy Invasions Act, a bill to prohibit spyware. Reps. Mary Bono, R-Calif., and Edolphus Towns, D-N.Y., have been working with privacy-rights groups and the IT industry to refine the bill. One of the primary goals of the act is to direct the Federal Trade Commission to prohibit the installation of spyware on computers used by financial institutions or the federal government, unless the user first agrees to the snooping.

Another trend that experts expect to see this year is more spammers making use of virus-writing tools and techniques. Spammers are using the tools of virus writers to anonymously send their ads. Vincent Weafer, senior director of development at Symantec, says spammers will continue to use viruses and Trojan horses to infect computers so they can then use those machines to anonymously send out waves of E-mail. "They're now turning to home-user and small-business systems," Weafer says. "They're hijacking tens of thousands of vulnerable systems and turning them into anonymous spam mailers."

chartMore than 65% of the spam messages intercepted by E-mail security firm MessageLabs, which filters spam and viruses for companies, are sent from PCs that have been hijacked by spammers and transformed into spam relays, the company reports. This trend came to light with the Sobig.F virus. At the peak, MessageLabs says one in every 17 E-mails it intercepted contained a copy of the Sobig.F virus. By Dec. 1, it had stopped more than 32 million E-mails infected with the virus.

Many security experts believe the writer or writers behind the Sobig.F virus were actually spammers or working with spammers, looking to use that virus to infect thousands of machines that could then be used to anonymously blast millions of spam messages. The technique keeps spammers' identities secret and can also sidestep black lists used by Spam filters. Sobig.F's success will likely lead to similar outbreaks.

Another relatively new and growing danger: peer-to-peer networks and instant messaging. Expect virus writers and snoops to start exploiting the popularity of peer-to-peer networks, such as Grokster, Kazaa, and Morpheus, and instant-messaging services offered by America Online and others.

Any company with employees using peer-to-peer file-sharing networks is inviting trouble. Consider the following experiment conducted by Bruce Hughes, director of malicious-code research at TruSecure Corp.'s ICSA Labs. He set up a crawler program on Kazaa and other peer-to-peer networks, scanning for popular file types using keywords such as sex and antivirus. Hughes says 45% of the files he downloaded contained malicious applications. "If you're downloading files from these networks, you're going to get infected with something," he warns.

Almost all the big attacks last year were aimed at Microsoft PC and server software. This year, new threats will appear aimed at emerging operating systems and devices, such as Linux, handheld devices, and smart cell phones. "We'll see a cell-phone virus. It's almost a certainty," says David Perry, global director of education for antivirus and content security firm Trend Micro Inc. "We'll also probably see a virus designed to spread over wireless LANs. We just don't know when; it could be this year or it could be five years."

Linux is more susceptible to attack because it offers increased functionality and more users are using a graphical interface such as Lindows, which makes Linux easier to run, says TruSecure's Hughes.

Still, most experts agree that Microsoft will remain the target of choice for worm and virus writers, at least for the short term, because of its market dominance.

2 of 3
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of the Cloud Report
As the use of public cloud becomes a given, IT leaders must navigate the transition and advocate for management tools or architectures that allow them to realize the benefits they seek. Download this report to explore the issues and how to best leverage the cloud moving forward.
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on for the week of November 6, 2016. We'll be talking with the editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll