Internet security round-up

by Scott Bicheno on 9 April 2008, 21:01

Quick Link: HEXUS.net/qammz

Add to My Vault: x

We’re on our own

Over the last week, there has been a surge of reports illustrating aspects of the internet threat to the channel and to customers.

As reported earlier, the Conservative party has proposed a Fraud and Cyber-Crime Complaints Centre. The Labour government says it’s not necessary. Sigh. The Americans have had their Internet Crime Complaint Center up and running since 2001.

The ICCC’s crime report for 2007 (7.4MB PDF clickable in site) shows that the UK was punching above its weight in terms of internet crime last year. But what we need is a constantly updated database showing current trends. Annual reports are so . . . Gutenberg.

HSBC, Britain’s largest bank, on Monday finally admitted yesterday to losing a disk – four weeks ago – containing the personal details of people with life assurance, generally linked to a mortgage details. 370,000 customers are affected.

The Financial Services Authority (FSA) will investigate, and HSBC will be fined if company security procedures are found wanting. Last year the FSA fined insurer Norwich Union £1.26 million after criminals obtained details of customers’ details in policies worth £3.3 million.

In February last year, the Nationwide Building Society was fined £980,000 after an employee’s laptop containing confidential customer details was stolen from his home.

Illegal information supermarkets

Symantec’s Internet Security Threat Report of April 2008 (1 MB PDF), covering the last half of 2007, says British bank account details were the most advertised items on black-market forums used to trade stolen information. Business accounts are the most frequently targeted, but Symantec reported an increase in sophisticated and personalised attacks on consumers.

British bank account details were the most advertised items on black-market forums used to trade stolen information

The data is sold in instant-message groups or Web forums that exist for only a few days or hours. Criminals are turning from online banking to social networking sites, where users are less careful.

Symantec reported bulk-buying of personal details, packaged as bargain bundles. The company cites a block of 50 credit card numbers on sale for £20, and 500 credit card numbers for £100.

The report says that identity trading was on the increase, with even stolen eBay accounts now being put up for sale. Full identities were the third most common item advertised for sale. They made up nine percent of all advertised goods, up from six percent in the first half of 2007.

That was then, though. We said the British Banking Association’s new code was shutting the stable door after the whole herd had galloped over the horizon. It would be useful to know how the threats identified by Symantec have developed in the first quarter of 2008.

Malware explosion

Sophos, the internet security company based in Abingdon in Britain and Burlington in Massachusetts, announced that 25 percent of all the malware detected since it was founded in 1985 was created in the last six months.

Viruses continue to evolve in the face of increased resistance. A new version of the bootstrap-attacking Mebroot, the DOS-based malware first identified 15 years ago, was detected last month.

25 percent of all the malware detected since it was founded in 1985 was created in the last six months

F-Secure Asia-Pacific Vice President Jari Heinonen confirmed that about 25,000 malware samples are detected every day, the highest on record. ‘The total number of viruses and Trojans will pass the one million mark by the end of 2008 if this trend continues, he said.

‘About 85 to 90 percent of malware families have a fix created for them almost immediately,’ said Sophos’s Chief Technology Officer Paul Ducklin. ‘Malware writers aren't getting the same bang for buck as they used to because businesses and consumers have become much more diligent with security.’

While the security industry is on top of conventional spam and phishing attacks, Ducklin continued, more effort needs to be put into preventing and eliminating so-called drive-by-downloads. The attacks allow hackers to redirect traffic by malicious insertions into legitimate Websites.

Heinonen agrees. ‘Drive-by downloads are the preferred way of spreading malware,’ he said. ‘They happen automatically by visiting a Website, unless users have a fully patched operating system, browser and plug-ins.’

Fully patched, OK, but how long before security updates overwhelm private internet users?

Possibly the eventual solution to these problems is an overall switch to web based working, to concentrate defences in a few bastions. But there are many obstacles to overcome on that front, also.


HEXUS Forums :: 0 Comments

Login with Forum Account

Don't have an account? Register today!
Log in to be the first to comment!