Malware danger and profitability rising

Symantec, FBI reports show general increases in money-driven threats.

Two major new reports on computer security issues have shown a steady rise in just about every aspect of security risk, with increased danger from each vector in some way linked to financial motives.

According to Symantec's report on the threat landscape in the second half or last year, released last week, viruses, worms and trojans, exploitation of vulnerabilities, spam and phishing, spyware and data theft were all up on previous figures.

The report shows a decrease in volume of network worms, with a matching increase in the numbers of trojans seen, and also reckons that while half of the top ten malcode families are viruses and worms and half are trojans, the trojans have the edge in terms of potential to infect.

The US was again the major source of malware and spam, and although China has the lead in terms of machines infected with bots, most are controlled from the US, and the States is also home to most spam-sending bots. More detailed figures on these and many other issues can be found in the full report, which can be found here.

The FBI's report, which covers the whole of 2006 and was put together in association with the National White Collar Crime Association, focuses on fraud and other online crime. While the number of reports received was down slightly on the previous year, the total amount of money stolen online rose from $183 million to over $198 million, with an average loss of $724 per person or organisation defrauded.

The majority of fraudsters were thought to be located within the US, auction sites were the most commonly targeted, and the main vector for fraud was email, with almost three-quarters of fraud attempts arriving via spam or phishing mails rather than directly from malicious websites. More details and the full report can be found here.

22 March 2007

Tags: del.icio.us digg this