Security firm Sophos has seen a dramatic rise in the number of viruses, worms and Trojan horses this year as more organised criminals turn to cybercrime.
The firm reported last week that it had detected 7,944 new pieces of such malware in the first six months of this year — almost 60 percent more than the same time last year.
The biggest growth was in Trojan horses — programs that can damage a user's files, steal information, or even create a backdoor that can be used to compromise that PC.
Trojans cannot self-propagate in the same way as viruses, so they have typically been less prevalent. According to Sophos, their increased popularity shows the extent to which the creation of malware is increasingly becoming the preserve of professional criminals.
"There's been a shift towards Trojans to make money," said Graham Cluley, senior technology consultant at Sophos.
The IT security landscape has changed over recent months, with credit card fraud gangs, virus writing gangs, spammers and malicious hackers becoming more closely entwined, added Cluley.
One factor may be the anti-spam legislation that has been passed in many countries. Although these laws have been condemned as toothless in some quarters, Cluley claimed the legislation has helped to educate users to avoid unsolicited mail. As such, spammers have been forced to widen their activities.
2005 has seen several high-profile instances of businesses being hit by cybercrime. Back in March, it emerged that police had foiled an attempt to steal £220m from Sumitomo Mitsui Bank using keystroke loggers.
The top 10 viruses detected by Sophos so far this year all took advantage of flaws in Microsoft products, as virus writers target what Sophos calls "the great unwashed public".
But attacks directed at specific organisations could also take advantage of problems in other software, warned Cluley.
"We're also seeing vulnerabilities in Linux, Unix and Mac software too. No-one's perfect," he said.
Today's cybercrime gangs
Who are these mysterious organised criminals who have taken to writing viruses and launching cyberattacks? Cluley cited three gangs who he said epitomised the threat.
Superzonda
Superzonda have been known to be a threat for at least the last two years.
The BBC reported in July 2003 that Superzonda operated 24 hours a day, seven days a week, all over the world. Cluley said of them: "Until recently they were sending 50 million spams a day, but recent anti-spam legislation has reined them in."
The BBC also reported that Superzonda used British Airways without its knowledge to host a Web site advertising Russian mail order brides.
HangUp
HangUp, based in Russia, is suspected of writing viruses that steal financial information.
Reports claim that they plant software bugs to steal passwords, and rent out huge networks to send out viruses and spam. HangUp allegedly has 4,000 members operating worldwide, including Americans, Brazilians, Britons, Russians, and Spaniards.
ShadowCrew:
ShadowCrew were a massive underground network of criminals who bought and sold credit-card details, social security numbers and identification documents. They sold credit-card numbers, email accounts, passports, driver's licenses and student IDs, and were estimated to have caused over $4m (£2m) in losses for card issuers and banks.
However, the US Secret Service broke up the gang in 2004. Cluley said it was "great" that they had been smashed, but warned that "they are now fractured" so it could be hard to keep track of individual offenders.
Talkback
FROM CYBERCRIMES TO CYBER TERRORISM
The present trend of using malware for committing organised crimes is a paradigm shift of the tradition crime to cyber crime and is on the penultimate stage of being originating and labeled as cyber terrorism. The laws all over the world are looking in an impotent manner and the technological terrorism is teasing them with lot of misappropriated wealth in its coffers.
The problem of cyber terrorism is multilateral having varied facets and dimensions. Its solution requires rigorous application of energy and resources. It must be noted that law is always seven steps behind the technology. This is so because we have a tendency to make laws when the problem reaches at its zenith. We do not appreciate the need of the hour till the problem takes a precarious dimension. At that stage it is always very difficult, if not impossible, to deal with that problem. This is more so in case of offences and violations involving information technology. One of the argument, which is always advanced to justify this stand of non-enactment is that “the measures suggested are not adequate to deal with the problem”. It must be appreciated that “something is better then nothing”. The ultimate solution to any problem is not to enact a plethora of statutes but their rigorous and dedicated enforcement. The courts may apply the existing laws in a progressive, updating and purposive manner. It must be appreciated that it is not the “enactment” of a law but the desire, will and efforts to accept and enforce it in its true letter and spirit, which can confer the most strongest, secure and safest protection for any purpose. The enforcement of these rights requires a “qualitative effort” and not a “quantitative effort”. Thus, till a law dealing expressly with cyber terrorism is enacted, we must not feel shy and hesitant to use the existing provisions in a “purposive and updating manner”.
The growing use of malware for committing the organised technological crimes is the last step to launch a well calculated and organised global cyber terrorism. The sooner we realise it and curb it the better it will be for the netizens at large.
Doesn't help when senior managers surf non-work related sites (ones that contravene company policy - if you know what I mean) and get hit by trojan-exploit viruses, then claim their innocent!