McAfee predicts cybercrime meltdown

Research from McAfee's Avert Labs predicts a nightmare future of more sophisticated cybercrime and the development of further technological means to carry out external attacks.

According to McAfee, gangs of thieves around the globe are connecting online in greater volumes than ever before, helping their attacks to hit faster, in greater volumes and with increasing sophistication.

McAfee's Sage journal is a round-up of the company's ongoing security research. It predicts that everything from spam to spyware will become more dangerous over the course of 2007. The report predicts that hackers will look for fresh ways to exploit for cash consumers' PC.

According to McAfee experts, the drive for profits among hackers and malware code writers will dominate development of the threat landscape over the next 12 months. This is a continuation of the situation in 2006.

"The overall trend remains more attacks geared toward making money that make use of malware or support people making malware," said Dave Marcus, security research manager with Avert Labs.

"What's surprising is the service and support that's going on around the malware industry; there are more sites selling custom Trojans with support contracts and attacks coded to target banks of the buyer's choice and more malware suppliers offering patches and variants to their users."

Marcus said it is impossible to tell if there are a number of tightly organised hacker groups worldwide as only a few intentionally identify their own work by leaving clues or outright signatures bearing their names.

What is more likely, said the researcher, is that loosely-knit groups of malware writers and fraudsters are forming on underground messaging systems and then disbanding after carrying out waves of attacks.

"It's still a very distributed network, most of these people never meet face-to-face, they use secret chatrooms and bulletin boards and other very distributed systems of communication that make it difficult to say how many people are involved and even harder to take them out," Marcus said.

"In a lot of ways, the criminals are doing a better job of communicating than the security industry itself; we tend to operate in our own groups, whereas these people are sharing code and algorithms and doing so on an increasingly frequent basis."

Among the specific trends outlined in the report are expectations for the continued growth of botnets with the cooperation among hackers adding to the problem via group efforts to develop and refine threat code in the same manner that open-source contributors work in a community. The vast majority of botnets will continue to target flaws in Microsoft products and propagate themselves through buffer overflows, according to the report.

More here

The Sage report continues on to outline continued growth of spam and spyware, two of the most publicised issues in the IT world today, and raises questions over the efficacy of security features added to Microsoft's newest Windows Vista operating system.

In a nod to another high-profile problem plaguing enterprise businesses, the research also delves into the issue of data leakage. Incidents like retailer TJX Companies' systems intrusion that allowed hackers to make off with over 45 million consumer records, many of which contained sensitive credit card data, will occur more frequently, Marcus said.

As the incidents pile up and lawmakers respond with new legislation aimed at punishing companies that cannot protect sensitive data, businesses will be actively seeking technologies that help address the problem, according to McAfee.

One of the issues caused by this trend will be IT executives who move to add new technologies without considering all the alternatives and before creating the policies necessary to be successful at defending their information, according to the researcher.

"This influx of new technologies might be overwhelming with lots of point products being marketed as the solution to this problem, but people need to step back and take a long look at how they manage data from a macro point of view if they want to improve protection," said Marcus.

"A lot of the solutions might come from technologies that are far from new," he said. "Host-based intrusion protection isn't new, but we see it being applied in new and interesting ways to address data exposure, and encryption has been around forever, but rarely has it been correctly understood or applied."

Submit to:Digg Slashdot Del.icio.us Reddit

• FREE email newsletters. Get news, reviews and features straight to your inbox
• For videos of the latest products, visit PC Advisor TV
• Sign up for RSS to get the latest news and reviews, direct to your desktop
• Get PC Advisor news, reviews and blogs on your website for free

Latest technology news:

• British Library to offer 65,000 free ebooks in Amazon deal
• More companies look to virtualisation says Citrix
• Antivirus programs fail to stop new malware
• NASA's Endeavour blasts off on last mission to space station
• Toyota in Prius global recall after braking software fault