'Cyber hackers focus on stealing info for financial gain'

Bangalore, Mar 16: Taking advantage of the ample environment for vulnerability, cyber hackers, who had once designed programmes to destroy data, are now increasingly focusing on silently stealing information for profit without damaging data or alerting the user, according to a study.

Releasing the Internet Security Threat Report compiled by Symantec Corporation, a leading security solutions provider, here today, its Managing Director (Sales) Vishal Dhupar said cyber crime represented the greatest threat to consumers' digital lifestyle and online business. Symantec, which had conducted a comprehensive study between July one and December 31 into the threat worldwide, had tracked notable rise in cyber crime activities, mainly by deploying malicious codes.

The report had shed light on the growing trend of attackers using bot networks, targetted attacks on web applications and web browsers and modular malicious code posing more diverse and sophisticated threats, besides an increase in the theft of confidential, financial and personal information for financial gain, he said.

Mr Dhupar opined that with the rise in client size and increase in malicious codes with stealth capabilities, the existing perimeter designs were not enough to curb internet threats.

Cyber crime related threats were gaining momentum through use of crimeware, software tools built for carrying out online scams and stealing information from consumers and businesses as attackers were moving away from large, multiple purpose attacks against traditional security devices such as firewalls and routes, he added.

Attackers were now focusing on regional targets, desktops and web applications that might allow an attacker to steal corporate, personal, financial or confidential information that could also be used for additional criminal activities, he noted.

Mr Dhupar said apart from using malicious codes, programmes that provide attackers with unauthorised control over a computer, known as bots, also contribute to the rise in cyber crime threats. The number of bot-infested computers were 11 per cent lower than the last period with an average of 9,163 infected systems identified each day during the current reporting period, he added. Symantec estimated that this measurement was only capturing a portion of global activity and that the actual numbers were likely to be much higher, Mr Dhupar noted.

He said the report highlighted increase in modular malicious code, which initially possessed limited functionality, but was designed to update itself with new and more damaging capabilities.

Modular malicious threats often expose confidential information that could then be used for identify theft, credit card fraud or other financial crimes, Mr Dhupar added.

During the second half of 2005, modular malicious code accounted for 88 per cent of the top 50 malicious code samples reported to Symantec, up from 77 per cent in the previous period, he said.

The report revealed that China registered the largest increase of bot-infected computers, with 37 per cent growth, 24 percentage points above the average increase. The increase was related to China's rapid growth in broadband internet connections. China also witnessed the largest overall increase in originating attacks by 153 per cent over the last period, marking a 72 percentage points above the average rise.

On the increase in Phishing threats, attempts to deceive users into revealing confidential information, the report said it continued to rise during the second half of 2005 when over 7.92 million daily phishing attempts were made as against 5.70 million during the previous period. The situation might worsen in future, with an increased number of phishing messages and malicious code being distributed through instant messaging services, he opined.

UNI