Symantec report finds ease-of-use and profitability as the driving factors of faster proliferation of cyber attacks and expanded pool of attackers

MANILA, Philippines – If you were among the number of Facebook users lured towards clicking on a link to view a supposed close-up video of victims running away from the recent tsunami in Japan, then chances are you have just been the victim of a cyber attack.

The unfortunate thing about advancements in technology is that a lot of bad things come with the benefits. Social Media, in particular, may have bridged the gap between time and space and has enabled us to keep in touch with friends/business partners in different countries, as well as keep us updated in real time about the latest issues affecting the globe, but it has also exposed us to the dangers of identity theft and other crimes that fuel the growth of the underground economy.

According to Raymond Goh, Symantec’s regional technical director for Systems Engineering and Customer Advisory Services, the recent tragedy in Japan alone has ignited, within a few hours, the setting up of websites to collect donations, and video links depicting what actually happened. “Not all of these sites are legitimate; most are links used by cyber criminals to redirect users to malicious websites,” he shares. “It’s scary how quickly a cyber attack is launched to take advantage of situations like these, just to make a quick buck.”

As Easy as Online Shopping

A Symantec report on attack toolkits and malicious websites revealed that attack kits are becoming more accessible and relatively easier to use.

“Attack toolkits are software programs that can be used by novices and experts alike to facilitate the launch of widespread attacks on networked computers,” informs Goh. He says: “In the past, cybercriminals operated alone or in small groups. They also happened to be skilled computer programmers. But today’s attack toolkits have grown in sophistication such that even beginners can launch a cyber attack easily. You don’t even need to be Internet savvy to launch an attack—the kits have user-friendly GUIs (Graphical User Interface) that it has actually become as easy as online shopping.”

According to the report, there has been an increased utilization of attack toolkits driven primarily by its accessibility—you can actually Google it—and increasingly user-friendly interface. “Today, 61 percent of the Internet’s threat activities utilize toolkits to launch attacks. It’s a growing trend, and as kits become more robust and user-friendly, this number is expected to rise,” shares Goh.

Fueling the underground Economy

Because attack kits are becoming easier to use, the once high barriers to entry world of cyber crime has enabled newbie and seasoned crooks alike to launch cyber attacks.

Profitability and demand has even driven up the cost of attack kits. In 2006 Web Attacker, a popular attack toolkit, retailed for $15 on the underground economy. Last year ZeuS 2.0, the attack kit allegedly used by a ring of cybercriminals who stole more than $70 million from online banking and trading accounts over an 18-month period, was advertised in shady web forums for up to $8,000. Secondary services have also emerged to direct unsuspecting users to malicious websites where, upon clicking of the link, their computers can be compromised.

According to Symantec’s report, more than 310,000 unique domains were found to be malicious. “On average, this resulted in the detection of more than 4.4 million malicious web pages a month,” informs Goh.

Mitigating Attacks

With the faster proliferation of attacks in cyberspace, the best thing organizers and end-users should ensure is that all software is up-to-date with vendor patches. “Attackers usually focus on vulnerabilities on big systems like Adobe and Microsoft because they have wider user bases, which means they stand to gain more,” Goh informs. “Keep updating your system to help evade attacks.”

Companies should also create policies to limit the use of browser software and plug-ins that are not required by the users of the organization. “This is especially practical for ActiveX controls, which may be installed without the user’s knowledge,” says Goh. Those clicking on or searching for adult entertainment websites are highly likely at risk—if not yet infected. Adds Go, “According to the report, the most commonly used search terms that resulted in malicious site visits were for adult entertainment websites, making up 44 percent of the search terms. Video streaming came a close second.”

Lastly, it wouldn’t hurt to have a strong security management system in place. “Symantec expects that a much larger pool of criminals entering cyberspace will increase the number of attacks. And our solutions are designed to help customers ensure that their information is secure and well-managed,” ends Goh.

Published in the March 27, 2011 issue of the Manila Bulletin’s Business Agenda Section.