IT security and control firm, Sophos, has published its Security Threat Report 2008 examining the threat landscape over the previous 12 months, and predicting emerging cyber-crime trends for 2008.
The report reveals that in 2007 organised criminal gangs for the first time arrived at Apple's doorstep with the intention of stealing money.
With proof that hackers are extending their efforts beyond Windows, Sophos is warning computer users of all operating systems not to be complacent about security.
Sophos experts note that malware for Macs has been seen before, but until recently organised criminal gangs have not felt the need to target Mac users when there are so many more poorly protected Windows PCs available.
However, late 2007 saw Mac malware not just being written by researchers demonstrating vulnerabilities or showing off to their peers, but by financially-motivated hackers who have recognised there is a viable and profitable market in infecting Macs alongside Windows PCs.
For example, many versions of the malicious OSX/RSPlug Trojan horse, first seen in November 2007, were planted on Web sites designed to infect surfing Apple Mac computers for the purposes of phishing and identity theft.
"Now is a good time for Mac users to prove their computer decision was, in fact, a smart one. If they fail to send a clear message to hackers that it is not financially rewarding to target Macs by, for example, not clicking on unsolicited Web links or downloading unknown code from the Web, there's a chance that more cyber-criminals will decide it's worth their while to develop more malware for Macs during 2008," says Brett Myroff, CEO of master Sophos distributor, NetXactics.
Sophos experts are now discovering 6 000 infected Web pages every day - one every 14 seconds; 83% of these Web pages actually belong to innocent companies and individuals, unaware that their sites have been hacked.
Cyber-criminals can target any computer user by spamming out e-mails containing links to the poisoned Web pages, directing unsuspecting victims to the malicious code. The Web site can determine if the visiting computer is a Mac or a PC, and delivers malware custom-written for the surfer's operating system.
WiFi presents more avenues for cyber-criminals
As computer users wise up to traditional malware attacks, such as e-mail-borne worms, Sophos's Security Threat Report 2008 also reveals the wider use of new mobile technologies and WiFi-enabled devices, like Apple's iPhone and iPod Touch, may be opening up new vectors of attack for hackers.
Flaws have been found in the mobile e-mail program and Safari browser installed on such devices - but while uptake remains limited, cyber-criminals seeking large returns are unlikely to exploit these avenues on a major scale in the near future. However, as personal WiFi devices grow in popularity, the risks will no doubt increase. Sophos experts also note that the low-cost ultra-mobile PCs, such as the popular Linux-based ASUS EEE laptop, are likely to gain the attention of the cyber underworld as sales continue to grow.
"The ultra-mobile ASUS EEE laptop, like many others, comes pre-installed with Unix, making it automatically immune to the vast majority of spyware and malware attacks," says Myroff. "However, it's still possible to lose money through phishing and identity theft on any device with an Internet connection."
State-sponsored cyber snooping and crime claims predicted to rise
During 2007, it became more common for countries to openly accuse each other of engaging in cyber-crime, despite the fact that it can be extraordinarily difficult to prove where an attack originated and if it is government-sponsored or purely a lone hacker acting independently.
2008 is likely to bring more accusations, but so far there has been no actual evidence of state sponsored cyber-spying, according to Sophos. "There is no doubt, however, of the importance of securing critical computers inside government organisations from hackers, no matter whether they are motivated by politics, espionage or simply money," Myroff says.
Web threats continued to be the preferred vector for malware attack in 2007
The top 10 list of malware found on the Web in 2007 reads as follows:
1. Mal/Iframe 53.3%
2. Mal/ObfJS 9.8%
3. Troj/Decdec 6.6%
4. Troj/Psyme 6.2%
5. Troj/Fujif 5.8%
6. JS/EncIFra 3.9%
7. Troj/Ifradv 2.4%
8. Mal/Packer 1.2%
9. Troj/Unif 1%
10. VBS/Redlof 0.8%
Others 9%
In 2006, China was responsible for hosting just over 30% of all Web-based malware, and held second place after the US. However, in 2007 this position was reversed with China hosting more than half of all infected Web pages.
The top 10 list of malware-hosting countries in 2007 reads as follows:
1. China 51.4%
2. United States 23.4%
3. Russia 9.6%
4. Ukraine 3%
5. Germany 2.3%
6. Poland 0.9%
7. United Kingdom 0.7%
8. France 0.7%
9. Canada 0.7%
10. Netherlands 0.7%
Others 6.6%
For more information, including statistics on e-mail threats, detection techniques and spam-relaying countries, please download the Sophos Security Threat Report 2008 from www.sophos.com/securityreport2008.
A journalist-specific edition of the report is available from: www.sophos.com/secrep2008
Share
NetXactics is a South African-based company, focused on the provision of security solutions. It is the master distributor for UK-based Sophos Plc, one of the leaders in the provision of network access control and endpoint, e-mail and Web security and control solutions for the corporate environment. For more information, visit NetXactics at www.netxactics.co.za.
Editorial contacts