According to IBM's January 2006 Global Business Security Index Report from IBM's Global Security Intelligence team, IBM is seeing a fundamental evolution in cybercrime from pervasive global outbreaks to smaller, stealthier attacks targeted at specific organizations for extortion purposes. High profile arrests of cybercriminals in the U.S. and around the world last year pointed to individuals linked to organized crime and motivated to make money.
The global IT threat landscape spent most of 2005 at the medium level, notes the report, with fewer global outbreaks of malware than in 2004. But with professional, profit-driven organized crime groups supplanting amateur hackers as perpetrators of cybercrime, attacks have become more targeted and more damaging.
According to the report:
- Phishing attacks continued to escalate in 2005, with phishing representing one in every 304 e-mails, compared to one in every 943 in 2004. Phishing attacks also became more sophisticated, with "spear phishing" attacks deploying targeted spam that appears as though it has originated from inside the organization, typically from the IT or HR department.
- Targeted e-mail attacks spread last year, with two to three attacks intercepted every week, up from a negligible amount in 2004. Typically, these attacks are directed at government departments, military organizations and other large organizations, particularly in the aerospace, energy, legal and human rights fields. The motive can be financial, competitive, political or social.
- Malware is becoming more ingenious, by integrating botnet capabilities into existing malware. One prominent example last year of this trend was Mytob, which added botnet and other enhancements to the Mydoom worm.
IBM's Global Business Security Index Report assesses, measures and analyzes potential network security threats based on information gathered by IBM's 3,000 worldwide information security professionals, thousands of monitored devices and security partners. IBM publishes the Global Business Security Index Report monthly.
|
