IfG.CC - The Institute for eGovernment

Counterpane Internet Security and MessageLabs, have published their 2005 Attack Trends & Analysis report - their joint security research findings. The report analyses key cyber attacks -- including trojans, spyware, e-mail viruses and targeted attacks -- across 15 industry sectors, discusses how these attacks affect organisations and outlines the extent of potential damages.

"Hackers are starting to deploy tactics that bypass stronger authentication schemes," observed Alex Shipp, senior anti-virus technologist, MessageLabs. "We have seen a Trojan program that did not have to trick victims out of revealing their password, but instead waited for the victim to check their bank balance and the Trojan then silently siphoned money out of the account. We expect this kind of activity to become more prevalent as banks move to stronger forms of authentication, as tactics typically change only when they need to."

"Cyber attacks will cause greater damage to corporations in the coming years," warned Bruce Schneier, founder and Chief Technology Officer of Counterpane. "We estimate that some malware with a modest infection rate could cost a small company $83,000 a year. The larger a company is, and the deeper an infection goes, the higher the costs -- $1 million or more. And these are just direct losses. Factor in intangibles, such as reputation and customer trust, and the damage is even more severe."

Key Findings:

• The Healthcare business sector must consider the potential loss of life, remediation costs and wasted employee resources when completing a risk assessment of its corporate enterprise.

• Hackers are engineering Trojan attacks and targeted scans to exploit weaknesses in the security posture of financial institutions. The FBI, the IMF, and the FTC all agree the Financial Sector has become a lucrative target for the financially motivated hacker.

• Close to 40 percent of the Financial Services and Banking industry sector suffered the most Trojan attacks. This sector again outranked its peer industries as the most exposed to probes and enumeration attempts, at nearly 30 percent of total targeted scan attacks worldwide.

• Pharmaceutical-Healthcare is the industry most frequently attacked by spyware, and the Utilities, Power & Energy sector experienced the most significant increase of spyware infestation compared to any other sector.

• Spyware will become the new threat vector for hacking into the corporate enterprise, and the Healthcare, Pharmaceuticals, Utilities, and Power & Energy verticals are the most vulnerable.

• Cyber-criminals will further exploit Instant Messaging environments as business adoption of IM increases; IM presents an increasingly attractive criminal gateway into the enterprise.

• Spear Phishing targets the weakest links in a business' supply chain. Compromises can result in a loss of revenue, damage to reputation, and the potential imposition of regulatory and legal penalties.

"Security attack trends have rapidly evolved," concluded Schneier. "In just twelve months, cyber-criminals have moved away from deploying large-scale generalized attacks, like Blaster and Slammer, towards carefully engineered attacks calculated for precise outcomes. This approach is epitomized by 2005's epidemic of identity theft and financial fraud. Today's attackers are smarter and stealthier. They're much more likely to install spyware; they're more interested in making money. These attackers will continue to exploit enterprise networks for their own purposes, and it is essential that organizations keep their security vigilant to counter these threats."

Quelle: Publictechnology, 15.03.2006