A new report issued by Websense Security Labs shows that hacker attacks have evolved from random endeavors designed to create havoc to increasingly well-organized assaults with financial and criminal motives.
The lab was set up in 2004 and has been releasing semiannual reports that recap the previous six months of hacker activity and project the likely arc of future security issues. The current report covers Web activity for the second half of 2005.
In particular, the nature of phishing has begun to change noticeably in the past year. The report's authors say phishing purveyors have begun to test and upgrade their exploits to improve their effectiveness. A new technique called "spear phishing" emerged as a more devious way to deliver targeted phishing attacks at increasingly savvy computer users. Browser and operating-system exploits also are being used more frequently for spyware, crimeware (malicious code being released with criminal intent) and keylogger installations.
Websense reports that some of these installations are so sophisticated that they've even been able to infiltrate fully patched systems. Cyber extortion, in which attackers demand money to fix problems they've created, also is on the rise. The lab was able to conclude that most phishing sites originate in the United States, China and South Korea, while most crimeware sites are in the United States, China and Brazil.
Cyber criminals also seem to be cooperating among each other by sharing information and increasing the stealth of their attacks. This new breed of hacker is seeking out vulnerabilities, designing and launching attacks before the vulnerabilities become widely known and patches can be provided.
Websense Security Labs has teamed up with the Anti-Phishing Working Group on Project: Crimeware, an initiative designed to track emerging incidents and develop strategies for combating them. The lab also continues to work with the Anti-Spyware Coalition to develop best practices for dealing with malicious technologies.