Can something as commonplace as a Google search be hazardous to computer and network health?
Well, yes.
In November, links to fraudulent websites that delivered large payloads of malicious software, or "malware," including spyware, worms and trojans, polluted Google results pages.
Using botnets, which are networks of compromised computers remotely controlled by "bot herders," hackers were able to manipulate Google's rankings and place links to malicious websites near the top of search results pages. Someone searching for a firmware upgrade for their router might be greeted with several authentic-looking links to sites that would attempt to infect their system.
While the Google search example is just one of many high-profile Internet threats, it demonstrates the continuing evolution of cybercrime from mischief to big business, say security experts. And Canadian businesses are still taking a reactive approach to security rather than a preventative approach, finds a survey by security software firm Symantec Corp., 2007 Pulse of IT Security in Canada.
While once hackers sought status within their subculture by spreading worms or viruses that created disruptions, more and more of them are using malware to steal money or information. To make matters worse, cybercriminals are now marketing their wares by selling or leasing make-your-own malware kits that have the potential to balloon the number of threats on the Internet.
For example, a malware toolkit purportedly developed by a Russian group can be purchased online just like commercial software. Called MPack, the software can be used to exploit any number of vulnerabilities in Web browsers or to infect computers with keylogging software, which records a user's keystrokes. And, it comes with regular product updates and technical support. Bot herders, too, are profiting by leasing their botnets to other cybercriminals.
These tools allow those with even limited technical abilities to launch large-scale cyberattacks and partake in Internet-based crimes.
"In 2007, cybercriminals showed that they are [becoming]increasingly sophisticated and organized, having begun to adopt methods that are similar to traditional software development and business practices," says Dean Turner, director of Symantec's Global Intelligence Network.
According to Mr. Turner, who is also executive editor of Symantec's Internet Security Threat Report (ISTR), Symantec has seen an increase over the past two years in the commercialization of cybercrime.
The latest ISTR states 61 per cent of all disclosed vulnerabilities were Web application vulnerabilities, meaning cybercriminals no longer even need to actively target their victims. Instead, their victims come to them via compromised websites and applications.
This trend is bolstered, in part, by the rapid adoption of Web 2.0 technologies, say experts. Social networking sites and blogs are providing cybercriminals with access to large concentrations of computer users who implicitly trust the sites they are using.
"Malware writers consistently seek the easiest entry point into a network," says Mike Haro, senior security analyst at security firm Sophos. "The emergence of Web 2.0 has amplified the level of exposure by redefining how individuals interact with the Internet."
Although 2008 will see threats from more sophisticated and "intelligent" malware, Mr. Haro suggests that too many businesses still neglect baseline security measures.
This not only undermines IT security efforts, but also makes users with unprotected computers unwitting aids in the propagation of malware.
Experts repeat the old mantra: Users should install the latest computer updates and patches, keep security software up to date, and educate users on safe computing.
*****
Beware: malware
31
Percentage of respondents from the Symantec survey who reported viruses as daily occurrences
47
Percentage of respondents who estimate the cost to resolve a virus outbreak at less than $5,000
68
Percentage of respondents who spend less than 10 per cent of total IT budget on security
92
Percentage of perceived lost productivity as a consequence of malware
Source: Symantec 2007 Pulse of IT Security in Canada survey