Cisco: Cybercriminals more savvy than ever in 2008

The annual Cisco security report shows increases in hacker tactics, Web threats, Internet cybercrime, email spam and virtualization vulnerabilities.

Internet criminals are always devising new tactics, but this year they reached incredible new levels of sophistication and specialization, according to security researchers at San Jose-based Cisco Systems Inc.


"We've seen a streak of capitalism to maximize their profits and an ability for them to work together in ways that are truly mind boggling," said Patrick Peterson, Cisco fellow and chief security researcher.

In the Cisco Annual Security Report released Monday, researchers reported seeing a 90% growth in threats originating from legitimate domains this year, nearly double what they saw in 2007. Other key findings from the report: Spam accounted for nearly 200 billion messages every day -- about 90% of email sent worldwide, and the overall number of disclosed vulnerabilities grew by 11.5%. Specifically, vulnerabilities in virtualization products shot up to 103, up from 35 last year.


Peterson cited CAPTCHA breaking for "reputation hijacking" as an example of criminals' increased savvy. CAPTCHA, or Completely Automated Turing Test to Tell Computers and Humans Apart, is used by free webmail services as a security measure when new accounts are created, but criminals are using automated and manual processes to circumvent the technology, Peterson said.

Businesses have popped up in India and China that employ people to manually type in the distorted text used in CAPTCHA tests, which are designed to ensure the response is not computer-generated, he said. Criminals then use the email accounts, which appear legitimate, for more effective spam delivery, targeted phishing attacks and to distribute links to malicious websites.

According to Cisco estimates, spam due to email reputation hijacking of the top three webmail providers -- Yahoo, Google and Microsoft -- accounted for less than 1% of all spam worldwide but made up 7.6% of all the providers' mail.

Related threat reports:
Flash, PDF are growing malware targets: Security vendor Finjan reports a growing army of cybercriminals are buying cheap toolkits to exploit the Web.

Cybercrime leaves cybercops in the virtual dust: McAfee report paints bleak picture of Internet law enforcement.

Spam declines, Web-based attacks rise, says MessageLabs: Spam was down 3.4% in 2008, but attacks on social networks and flaws in websites are rising, according to an annual report from Symantec's MessageLabs.

The report also shows that criminals exploited vulnerabilities in Web browsers, media players and browser plug-ins -- what Cisco calls the Web ecosystem -- to gain control of computers, networks and data.

Developers are rushing to provide functionality for rich media content on the Web, but the report shows that's not always done securely, Peterson said.

Web security should be a priority for enterprises next year, and they should also fine-tune their procedures for patching and updating software, he said. "Part of that criminal specialization is finding these vulnerabilities and weaknesses in our software and getting them published…much more quickly than we've seen one or two years ago," he said.

One type of attack actually declined this year, according to Cisco: malware propagated via email attachments. The number of email attachment-based attacks decreased 50% over the past two years compared to 2005-2006.
