TMCnet News

The worm returns
[December 22, 2005]

(Country Monitor) Unfortunately for the corporate community, politics and computers do mix

When neo-fascists celebrate the 87th anniversary of the founding of the Nazi party on January 5th next year, a nasty computer worm containing right-wing propaganda will be cheering them on. According to software company VeriSign, the worm, called Sober, was the most prolific Internet virus in 2005 and has produced more than 30 strains infecting computers around the world. The latest variant, which will travel in the form of an email attachment, is expected to send millions of spam messages to its victims in the New Year.



Hacktivism

Staff at iDefense, a division of VeriSign that monitors computer threats, discovered the next phase of Sober's attack by reverse-engineering and breaking encrypted code in a variant that hit the Internet in mid-November 2005. But while the identification of the threat gives IT departments plenty of notice to shore up their defences, the payload of malicious code to be downloaded is unknown. In previous episodes, Sober has unleashed emails purporting to be from the FBI, the CIA, the UK National High-tech Crime Unit and the German Bundeskriminalamt. In that tradition, the next attack is timed to coincide with a major German political convention. "This discovery emphasises the ever-present and often underestimated threat of hacktivism, combining malicious code with political causes," said Joe Payne, vice-president of iDefense.


The days of the gentleman hacker are long gone. Old-school hackers had a "look, but don't touch" approach: they would break in, snoop around, perhaps send a cheeky message to the system administrator. Their incursions were even seen as helping to develop better security. But these days, crashing a corporate network is considered a worthy goal. What's more, just about anyone with time and a motive can manage it, thanks to so-called click-and-hack programmes. Wannabe hackers can choose from tens of thousands of hacker-oriented websites for guidance.

The events of 9/11 raised fears that terrorists might bring the Internet to its knees. While that hasn't happened, security professionals say the intrusion detection logs of large multinationals indicate precise data-gathering operations in which outsiders are looking at network structures and points of weak security. Security options have proliferated since then, of course. Today, systems managers can choose from measures ranging from content filtering to spyware protection and myriad physical access technologies. But in November the Sans Institute, a non-profit Internet security organisation, warned that hackers have changed their focus accordingly.

During the past five years, hackers have mostly targeted operating systems such as Windows, or email applications. But as security has tightened, attention has turned to desktop software, including, ironically, anti-virus software, as well as database programs and media players such as RealPlayer and iTunes. In particular, the Sans Institute experts are worried about security gaps they have identified in commonly-used backup software made by market-leading companies like Computer Associates, Symantec and Veritas.

Four years ago the Sans Institute, together with the National Infrastructure Protection Center (NIPC) at the FBI, released a document summarising the Ten Most Critical Internet Security Vulnerabilities. The annual rundown was subsequently expanded to a Top 20 list, designed to help organisations prioritise their security efforts so they could plug the most urgent gaps first. This year, for the first time, the document included cross-platform applications and networking products.

The tip of the iceberg

Even so, the message doesn't quite seem to be hitting home. Some 40% of the world's large companies had their IT infrastructure compromised by computer viruses and worms during the first six months of 2004, according to a study by Symantec. Looking at the broader picture of cyber-crime, which includes the use of the Internet as a tool for corporate espionage, industry observers estimate that just 10-15% of incidents are reported because it makes for bad press. A major knock-on effect of this coyness is complacency. Studies show that a typical company spends barely 5% of its IT budget on security. Depending on the nature of the business, the appropriate figure should be up to three times as much, according to those in the know.

EIU Industry Briefing
