Stealth internet attacks on the rise
By Rene Millman,
The number of stealth attacks on internet users has grown steadily over the last six months and is set to continue, according to a new report.
The research carried out by IBM Internet Security Systems' X-Force research team identified and analysed more than 210,000 new malware samples, already exceeding the total number of malware samples observed over the entirety of 2006.
The research team also uncovered a thriving industry in managed exploit providers. These criminals buy exploit code from the underground, encrypting it to prevent others pirating the code before selling it on to spam distributors.
The criminals now lease the exploit to other gangs to test exploitation techniques while buyers make a smaller initial investment, mirroring the legitimate business model of managed service providers. The leasing of exploits is said to make the option more attractive to criminal gangs.
Trojans make up most malware discovered on the internet this year, accounting to 28 per cent of all malware. This compared to 2006 when downloader malware was the most common category.
"The X-Force security statistics report for 2006 predicted a continued rise in the sophistication of targeted, profit-motivated cyber attacks," said Kris Lamb, director of X-Force for IBM Internet Security Systems. "This directly correlates to the rise in popularity of trojans that we are witnessing this year, as Trojans are often used by attackers to launch sustained, targeted attacks."
Obfuscated malware also appears to be on the increase this year. This type of malware makes it difficult for signature-based intrusion detection and prevention products to detect attacks. In 2006, 50 per cent of websites hosting exploit material obfuscated their payload. This year that figure reached 80 per cent.
However, a slight decrease in the overall number of vulnerabilities was reported when the first half of this year was compared to the first half of last year. A total of 3,273 vulnerabilities were identified in the first half of this year, marking a decrease of 3.3 per cent compared to the first half of 2006.
According to the researchers, the increasing profitability of malware has meant that vulnerabilities are now remaining undisclosed as criminals use them to make money.
The full report can be found here.
advertisement
Latest Security Features
The continued curse of cybersquatting
For some, it’s a problem confined to the early days of the Internet. But current figures suggest that the cybersquatting problem is, if anything, growing.
- Where next for Microsoft, Yahoo and Google?
- Top 10 mobile features of 2009
- Top 10 security predictions for 2009
- Top 10 reviews of 2008
- The year in IT news
- Top 10 security stories of 2008
- Top 10 business phones of 2008
- 15 tech charities that need your help
- PCI's Bob Russo: Data loss hurts brand more than a fine
Latest Security Reviews
Fujitsu Siemens FibreCAT SX80 iSCSI
Rating: 
advertisement
Latest News Videos in Security
Video: Mobile security threats and Mac complacency
PlayPart two: Eugene Kaspersky, chief executive and founder of Kaspersky Lab, talks about the increasing security threats mobile users are facing.
White papers
Want more background on today's hottest IT trends?
Visit IT PRO's white paper library for more on virtualisation, encryption and other topics.
Register for IT PRO
You'll get exclusive member benefits including free white papers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
Social Bookmark this article: What is this?