Phishing, spyware and other pests continue to plague Internet
Friday, December 31, 2004
NEW YORK -- Computer worms raced around the world, leaving behind tools that spread spam. Scammers sent e-mail to trick bank account holders into revealing passwords. Rogue programs known as "spyware" hijacked Web browsers and crippled computers.
These were among the top Internet threats of 2004 as the perpetrators grew smarter and more sophisticated, driven more than ever by economic gains. And while technology to combat such threats has improved, experts concede that's not enough to address what's bound to emerge in the coming year.
The past year saw more industry attention to security: Microsoft Corp. upgraded its flagship Windows XP operating system, closing many loopholes and turning on a built-in firewall to thwart attacks. America Online Inc. gave away free security tools, and computer makers began installing software to combat spyware.
Dozens of products and services were developed to attack "phishing" -- e-mail pretending to be from trusted names such as Citibank or Paypal, but directing recipients to rogue sites.
But developers of malicious code have gotten better at automating their tools, as well as sharing information about vulnerabilities and techniques to exploit them through underground message boards and chat rooms, said Mark Rasch, chief security counsel for Solutionary Inc.
No longer are bragging rights the primary motive.
"It used to be cool to bring down sites, almost (like) graffiti for the 21st century," said Arthur Coviello Jr., chief executive for RSA Security Inc. "Today's worms and viruses are far more detailed, and specific attacks are directed at individuals and businesses for the purpose of economic, ill-gotten gains."
Virus writers have found new ways to infiltrate computers and networks, bypassing the protections inspired by their earlier methods of attack.
For instance, with more network administrators blocking attachments to stop viruses from spreading via e-mail, hackers managed in June to covert popular Web sites into virus transmitters by taking advantage of known flaws with Microsoft products.
They've also used viruses like "Mydoom" to deposit programs that let them take over infected PCs -- and then use them to relay spam or launch attacks on Web sites like Microsoft's. Ninety percent of viruses in 2004 carried a "backdoor" mechanism, compared with less than half in 2003, said Alfred Huger of Symantec Corp.
And once they've commandeered such PCs, they form networks of "zombies." Spammers buy access to these networks so they can send e-mail that appears to come from legitimate home computers, making them harder to tag as junk.
"They are well organized on the black market," said John Levine, co-author of "The Internet for Dummies."
Much of the malicious code appears to originate in countries without adequate laws to prosecute, experts say.
Meanwhile, law enforcement agencies and service providers are only beginning to establish guidelines for jointly chasing suspects who can move about with stealth in a medium that knows no borders.
Security experts rank phishing and spyware as the greatest threats for 2005, given how clever their developers have gotten in the past year.
Unlike spam pitching relatively cheap products like Vioxx, phishing scams can quickly drain entire bank accounts of unsuspecting users.
The number of rogue sites used for such scams grew sevenfold in just four months -- to 1,518 in November, from 221 in July -- according to Websense Inc., which compiles such data for the industry-backed Anti-Phishing Working Group.
By fall, phishers began automating their scams, embedding scripts within e-mail to launch a legitimate site like Citibank's along with a fake pop-up window that captures account information. Many users would mistakenly believe the pop-up came from the bank, said Jim Murphy, director of product marketing at SurfControl plc.
Spyware infections, once limited to careless downloads of free software, proliferated in 2004 as security gaps in Microsoft's Windows operating systems and Internet Explorer browser were exposed and exploited. These holes were used to slip in programs which can change a browser's home page or pop up endless ads.
Some security experts recommend using a non-Microsoft browser like Mozilla Firefox to reduce spyware and other threats. But in 2005, flaws with those alternatives are likely to emerge as they become more popular and more heavily scrutinized.
The coming year could also mean more threats via cell phones, instant messaging software and Internet-based phone systems, as well as desktop search utilities being developed by Microsoft, Google Inc. and others.
Users will need to bear the responsibility for security as much as software developers and service providers, said Johannes Ullrich, chief technology officer with the SANS Internet Storm Center, a research organization.
"Think about traffic," he said. "You do need good cars. You need good drivers. You need good roads. If any one of those isn't there, you'll end up with accidents."