This report sets out to summarize the major security trends and developments for 2006, outlining the key issues that have developed over the course of the year and how they have affected the security market. The report also aims to provide some insights into the key threats and security issues that are expected to emerge in 2007.
One of the key themes in 2006 has been the notable increase in spam activity, largely due to the increased sophistication of robot networks, or “botnets”. This is also seemingly at odds with the traditional view of how spam and viruses have come to rely upon one another. The latest techniques mean that mass-mailed viruses used to create these botnets are a thing of the past. Consequently, spam volumes have increased by 70% over the last quarter of 2006, pushing up overall email volumes by a third. Spam is now at the highest they have been since February 2005.
The spam figure shows the rate of spam as it reaches the MessageLabs global infrastructure. The first stage of filtering begins when known spam from known bad sources is slowed-down using traffic management controls in place, allowing more bandwidth to be allocated to known good mail and mail from sources that we are unable to make an unequivocal judgement about. Of the mail that is not affected by these traffic management controls, 63.4% is then filtered by Skeptic™ anti-spam. This includes a proportion of mail that is intended for non-existent recipients at businesses, for example from a directory attack against a particular domain.
It is worth noting that with the traffic management controls in place, MessageLabs would otherwise have to filter in excess of 2.36 billion connections each day. 90% of these are immediately and unequivocally identified as spam from known bad sources and are then allocated minimal bandwidth, often causing these connections to slow down and expire.
Targeted trojans, expressly created for stealing confidential information have increased from around one per week at the end of 2005, to two per day by the end of 2006.
These attacks are set to rise further in the coming year as a natural continuation of the trend that we have observed so far in Phishing continues to become much more targeted as the criminals are able to harvest personal data through spyware and botnet technology, ensuring a greater degree of accuracy with their targeting. It is inevitable that phishing activity will reach a plateau, but the impact upon the financial industry will continue, and it is expected that we will see more sophisticated attacks against two-factor authentication appear in 2007.
Web threats from adware, and advertising pop-ups as well as more insidious forms of spyware have been increasing through 2006, targeting a weakness of traditional virus software which cannot address the link spam issues; emails conveying links to malware sites. Instant Messaging (IM) threats have been relatively low in comparison to email and web threats, but this is set to become more aggressive in 2007 as usage increases the ecosystem will become more attractive to cyber criminals.
Attacks against social networking sites like MySpace will continue, as well as professional sites like Linkedin and Plaxo. This will present hidden dangers for employees and IT departments looking to control policies internally.
|
