Analysts also say the security threats IT managers wrestled with in 2004are morphing into bigger, more damaging, problems for the coming year.
This past year, IT workers have been under the gun more than ever,fending off more aggressive malware, along with more sophisticatedhackers who are professionals in it for the money, rather than teenagerslooking to show off to their underground hacker friends. IT also has hadto deal with armies of 'zombie' machines spewing out millions of piecesof spam and viruses.
And 2005 promises even more money-driven, professional and menacingschemes, according to industry analysts.https://o1.qnsr.com/log/p.gif?;n=203;c=204660766;s=9477;x=7936;f=201812281312070;u=j;z=TIMESTAMP;a=20392931;e=i ''In 2005... what we think has been bad so far, could be a whole lotworse,'' says Richard Fleming, chief technology officer and co-founder ofDigital Defense, Inc., a security services firm based in Dallas.
2004: New Online Gangs
This past year proved to be a tough one for IT security administratorswith the birth of phishing and heightened spamming attacks. Driving muchof these fraudulent teams and their scheming was one simple factor: cash.
Many analysts agree that the most damaging theme in security for 2004 wasthe deadly combination of social engineering, spam, phishing and viruseswith automated attacks.
Spammers teamed up with phishers this past year and together they createdconvincing, sophisticated schemes to steal not only email addresses butalso identities, Social Security numbers and personal financialinformation. To help them do this, virus writers and spammers builtarmies of zombie machines. First virus authors infected thousands, if notmillions, of computers with viruses and Trojans that opened backdoors,allowing remote control of the machines. Once they built up enough ofthese zombie machines, they then could use them to send out millions ofpieces of spam and more viruses.
''This was a defining year for this combination of the two classes ofthreats,'' says Gerhard Eschelbeck, chief technology officer and vicepresident of engineering at Qualys, Inc., a vulnerability managementservices provider based in Redwood Shores, Calif. ''It makes for a verypotent kind of attack.''
In the past, the majority of spam hitting inboxes and clogging mailservers contained advertisements for things like mortgages, Viagra andporn. Now, these emails also are carrying viruses, which sometimes infectcomputers without users even clicking on attachments. These viruses tendto go unnoticed by a user, but track a their Internet use, keystrokes andlogin passwords.
''Viruses and spam together can be an interesting problem,'' saysFleming. ''Not only are there now more emails with viruses attached, butnow hackers are able to exploit systems using malicious technology.''
When phishing schemes first hit the IT scene in 2003, the fake Web siteswere easier to detect, and the phishers relied mostly on the user toclick on a link or enter their personal information. Now, the game ismore sophisticated. The fake Web sites look authentic, making it easierfor a user to mistake it for a true site.
Another prevalent security theme of the past year was the rapid rate thatviruses and worms spread. Not only did malware work much faster, theseworms also infected new machines, such as mobile phones and InstantMessenger software. These technologies hadn't yet experienced much in theline of virus attacks, and analysts worry that security managers are notprepared for it.
''Mobility drives security exposure,'' says Andre Yee, president andchief executive officer of NFR Security, the Rockville, Md.-basedprovider of intrusion prevention systems. ''Security managers arescrambling to catch up with this threat.''
Analysts agree that the majority of these threats -- whether tohandhelds, IM or ordinary desktops -- are increasing in maliciousness.And it's largely because virus authors now are being egged on not just bytheir hacker friends, but by money.
''The whole threat environment is changing,'' says Timothy Keanini, chieftechnology officer of nCircle, a San Francisco, Calif.-basedenterpriseclass vulnerability management firm. ''We are seeing more andmore organized threats. The code, tactics and frameworks look like someof the best software designers' work, but it's actually the bad guys. Itis all more efficient and has much more reuse.''
The prospect of financial gain for hackers results in a scary situationfor users, says Steve Sundermeier, vice president of products andservices of Central Command, Inc., an anti-virus company based in Medina,Ohio. Viruses and worms proliferate at greater speeds than ever beforeand are much harder to detect.
''The dreaded result used to be a hard drive crash, but now people'slivelihood is at stake,'' Sundermeier says.
Continue on to see what analysts are predicting for next year's top security threats...
2005: The Coming Threat
If it's true that money is the root of all evil, 2005's forecast isdevilish.
''Organized crime will definitely be a factor in 2005,'' Sundermeiersays. ''If you know that you can turn a quick buck by gathering Gram andPa's email address and information, why not continue on the same path?''
Analysts concur that phishers will continue to team up with spammers andvirus writers next year, and their work will mature even more.
''There will be an evolution in the content and in the way that a messageis sent so it evades filters and fools recipients,'' says Andrew Lochart,director of product marketing at Postini, an email security andmanagement solutions company out of Redwood City, Calif. ''This can be alucrative business. It is a temptation for certain people to keep ontrying.''
The coming year will not see the end of this type of organized crime.
''Over the next four or five years, organized crime is going to becomemore rampant on the Internet,'' Fleming says. ''It is already huge, andvirus writers will continue to be paid.''
With big cash prizes behind every virus, analysts warn that anti-virusprograms may reach their limits, and that the window between when asystem's vulnerability is exposed and when a virus is implemented willreduce dramatically. The zero-day exploit is coming into play.
Analysts warn all IT managers and users alike that the only way to combatthese money-driven threats in 2005 is with increased awareness andproactive approaches.
What analysts are calling for is increased awareness and proactiveresponses.
And part of this proactive response, analysts say, is a change in themanner of prosecution for these crimes. There are great barriers torelated legislation and law enforcement, since the offenders are spreadfrom state to state, and around the globe.
''Courts are getting smarter in how to legislate Internet crimes,''Fleming says. ''Because now it is a global problem so who's law applies?[The courts] are slowing trying to take into account the cultural, legaland fundamental differences.''
The only way to effectively fight the threats of 2005 is to be aware andaggressive, analysts say.
''You have to be expecting you will be attacked,'' Fleming says. ''Youmust learn to be Internet-wise.''