At the recent Infosecurity Press Conference in London, Mark Sunner, CTO of MessageLabs, presented the results of the MessageLabs Intelligence Annual Report that provides us with an insight on how cyber criminals worked during the past year.
The results are, as you may have expected, not good. Junk mail is on the rise and conquering your network with 70% of all e-mail going through the corporate network being spam. If you look at the data going back 2 years, there is no sign or relief coming, malicious users are boud to continue their “work”.
When it comes to viruses some changes have occurred since 90% of all emerging viruses are now connected with spam. With all the spam clogging your network, you should know that on average one of 36 e-mails also contains a virus.
When it comes to operating systems, Windows is still the most targeted and there has been no increase in malware for the UNIX/Linux and Mac OS platforms.
Phishing is evolving. Criminals used to prefer sending out massive amount of messages that have a general target, for example eBay or Amazon users. Today we see an increase in Spear Phishing that targets a smaller amount of users with specific e-mails that appear to be originating from the organization and are therefore more prone to succeed. Between 80 and 100 phishing websites are detected each day.
Botnets are the air supply for spammers and even though they are still here, we are seeing them in smaller sizes. The average size of a botnet today is 20.000 computers and this is probably due to the fact that cyber thieves want to stay under the radar. A few large botnets have been shut down at the end of 2005 and this certainly left its mark.
Criminals operate from many countries worldwide. 2005 has seen a rise of attacks coming from China. This is probably due to their economic growth and a less regulated IT environment.
What can we expect this year?
We’re going to see more low-level targeted Trojan attacks. Spammer operations will continue shifting towards Eastern European countries where laws are lacking or nonexistent.
With more automated tools available there are going to be more bad guys entering the field. There are also going to be more targeted attacks that are small in size and have a better chance of staying under the radar.
Upcoming hot targets include IM and VoIP and the increase of the mobile workforce bring forward many new problems.