Updates

A compilation of the latest information about viruses and worms, security issues and patches to rectify the same.

US Economy loses billions in Cybercrime every year

According to the recent report released by a Congressional research and investigation agency, cybercrime has emerged as a threat to America’s economic and security interests. According to it, computer crime, identity theft and phishing cost the US economy $117.5 billion a year.

These projected losses are based on direct and indirect costs that may include actual money stolen, estimated cost of intellectual property stolen, and the recovery cost of repairing or replacing damaged networks and equipment. A lot of cybercrime goes undetected, making it a twofold issue. Some crime is undetected by organisations and some businesses are making trade-offs between whether they want to report and disclose or not report and disclose crimes.

As per the experts, when bad things take place in a company, they like to control the situation, which many feel they can’t do if they have government investigators crawling all over their premises and often businesses just want to clean up a problem internally and move on with their business. Bringing in the government lengthens the investigative period and the lack of communication from the FBI becomes prevalent which makes them hesitant at giving up control.

Further, there’s a feeling in companies that they have better employees than governments to handle incidents of cybercrime. There’s more expertise in the private sector, where it’s easier for a corporation to have an instant response team of professionals that deal with these issues. They can go in, figure out what happened, clean it up, fix it and keep the business running quicker and more effectively than calling in criminal investigators to look into the problem.

According to the report, certain personnel policies at federal law enforcement agencies may be hurting the fight against cybercrime. Staff rotation policies at key law enforcement agencies may hamper the agencies’ abilities to retain analytical and technical capabilities supporting law enforcement. Besides, from the business’s point of view, once a security issue has been resolved internally, reporting it to a government agency becomes problematic. They think that if they have already dealt with the problem, cleaned it up and business is running, and then if it is reported to the government they will have to take those systems offline and have another investigation going on that will interfere with their business.

Some companies are also willing to treat cybercrime losses as a simple cost of doing business rather than some catastrophic event that requires outside intervention. Some banks, for example, can experience phishing losses as high as $1 million a month which is just a rounding error for the type of money that they are dealing with.

According to the security analysts, Cybercrime has reached the point where it is damaging consumer confidence in electronic commerce. Consumer confidence in the Internet as a vehicle for buying products online, paying bills online, even communicating with other people is at risk due to growing crime in cyberspace. When it comes to cyber, we have two worlds to secure the public and the private sector. In order to provide leadership to the private sector, the Department of Homeland Security must demonstrate control of its networks. Unfortunately, previous GAO engagements and investigations into the Department have shown that ‘information security’ has become an oxymoron

All businesses, small and large, need to be encouraged to take a close look at their cyber security practices. Though 100 percent security may be unattainable, there are many policies and procedures that businesses can implement to safeguard their data in a better way.

IM attacks up nearly 80 percent, and P2P is worse

According to a new study from vendor Akonix, malevolent code attacks over instant messaging networks went up by almost 80 percent over the last year. In July, the company, which develops IM hygiene and compliance appliances and services uncovered 20 malicious code attacks over IM taking the total number of threats for 2007 to 226. The attacks on P2P networks, such as Kazaa and eDonkey, increased 357 percent in July 2007 over July 2006, with 32 attacks.

That report comes on the heels of a report by peer-to-peer network monitoring vendor Tiversa, which found contractors and US government employees are sharing hundreds of secret documents on P2P networks. In many cases, those users were overriding the default security settings on their peer-to-peer software to do so. The IM attacks were tracked by the Akonix IM Security Center, in collaboration with its customers and other security and messaging vendors. The code used in the attacks was either brand new malware or a variant of earlier code detected by the IM Security Center.

The new worms included Exploit-YIMCAM, Hupigon- SJ, InsideChatSpy, SpyPal, StealthChatMon, Svich and YahooSpyMon. Akonix officials believe that the attacks are moving beyond the nuisance stage and becoming more malicious.

Akonix started seeing multistage attacks at the beginning at the end of last year. In those attacks IM would deliver a URL and when a person clicked on it code was loaded that would pull down other code. IM Security Center also is seeing two stage attacks with the second stage being the downloading of a Trojan that waits for users to log into specific banking sites to activate a key-logging program.

In addition, there are multi-vector attacks where a malicious URL may be delivered by IM but propagated using e-mail or come in via e-mail and go out over IM. And attacks, focused on consumer services AOL, MSN and Yahoo, are beginning to span networks.

Spam goes back to the future

Bulk e-mail using attachments in the Portable Document Format (PDF) has begun to decline just a month after it first appeared, and spammers are moving on to Excel files.

The seemingly short-lived adoption by spammers of PDF attachments began in mid-June, and peaked earlier last month. However, use of the format has started to decline, while an increasing amount of spam e-mail has appeared with Excel attachments. Enterprise security firm BitDefender noted the decrease in PDF spam on July 24 and predicted that the format will cease being a significant vector in the future.

Similarly, the security firm McAfee found that Excel documents had started replacing PDF attachments in spam. Though the attachments don’t currently attempt to compromise systems, the company warned that future attachments could include Office exploits, similar to the files used to deliver targeted Trojan horses.A worrying thing is that people may get complacent about Excel spam if it continues. Macro-based exploits are currently making a comeback. We can imagine what might happen if both the spam presentation and an exploit are combined. A person might open the spreadsheet and think that it was a pump and dump spam, in the meantime a payload would have been dropped.

PDF spam replaced the image spam commonly used in pump-and-dump stock schemes. Image spam has declined to about 10 percent of all spam, according to McAfee.