According to Symantec, the number of cyber crimes last year has increased twofold and continues to grow, while the number of hacker attacks has increased by 71%. Within the last year nearly 3 million viruses were registered. Russia shot significantly ahead and made it to seventh place among top ten countries producing the most cyber threats.
The USA and China remain the mastodons of the harmful landscape of the cyber world. They are followed by Brazil, Germany, India and Great Britain. The report mentions that the development of broadband access combined with insufficiently developed legislation in the area of cybercrime make the developing countries an outpost for the activity of cyber criminals.
The report highlights two global epidemics of 2009: Downadup (same as Conficker/Kido) in the beginning of the year and Hydraq at the end of the year. Currently Downadup continues its activity on the world scale. During 2009 it infected 7 million computers. The difficulty in assessing the threat is in the absence of symptoms. Yet, the threat of botnets created on its basis remains extremely high.
There are increasingly more opportunities for organization of internet attacks. Corresponding tools are available on-line for moderate money, and the simplest ones are free. Famous Keyboard spy Zeus (ZBot) is only $700. Visits to online banking and payment system sites are tracked by ZeuS through keyboard espionage and then delivered to the criminals.
This software can create networks of remotely operated computers, botnets. According to Sym а ntec, in 2009 alone over 90 thousand copies were sold. Meanwhile, out of 107 billion of spam messages distributed on a daily basis, approximately 85% are provided by zombie computers connected into networks. Ten largest world botnets control over 5 million computers. The most infamous botnets are Cutwail, Rustock and Mega-D.
Affordable packets (like Zeus) can create unique harmful codes, which allow overcoming signature defense. In 2009 Symantec specialists found over 240 million specimens of the unique code, which is a 100% increase compared to 2008. Some think that in 2010 this growth tendency will continue.
Social engineering remains one of the main ways of obtaining confidential information and introduction of harmful programs. Users are enticed to come to the websites containing a harmful code. In 2009 a sharp increase in the number of attacks linked to viewing PDF files was registered. These attacks account for 49% on the entire volume of web attacks. Viewing of videos and documents is the main goal of hackers. Browsers sensitivity is becoming increasingly more popular.
Hackers’ activity is transferring to the area of corporate espionage. In addition to a well developed system of theft of personal financial data, hackers are focused on the increase of the so-called Advanced Persistent Threats. These are programs created for hidden supply of information for a long period of time. In 2009, 75 % of business structures were exposed to various cyber attacks.