The cyber security forecast for 2008 looks a tad gloomy. The $105 billion cyber crime market is set to grow this year as spammers increase attacks. The cyber criminals' toolboxes will continue to expand as we enter 2008 and more file attachments and approaches are adopted.
MessageLabs, a leading security vendor, claims that while there will be a significant increase in the Internet economy this year, it will also fuel growth in cyber crime with increased accessibility of "e-crime tools."
MessageLabs' Intelligence report predicts that video file formats will be the next on the cyber-criminals' list of scams, and spammers will follow the example of malware writers with PowerPoint attachments.
Rohas Nagpal, president, Asian School of Cyber Laws and a security expert, says, "The most important factor contributing to the rise in cyber crimes is the phenomenal growth of the Chinese and Russian cyber-mafia. This mafia is making millions through selling cyber crime tools and carrying out cyber scams."
Even users having the latest security software are vulnerable because the cyber-mafia use zero-day exploits. This means that they are exploiting vulnerabilities that have not yet been fixed by the software manufacturers.
With more computer users than ever guarding their systems with anti-virus, firewall and other security software, Internet criminals have started to direct their efforts on tricking users into opening backdoors into the systems.
This means convincing users to view malicious video or audio content on a website that takes advantage of security holes in the user's web browser or media player. These flaws, in turn, give criminals the access they need to install software to control the user's machine remotely.
The virus writers are expected to find innovative ways to stitch malicious videos and images into trusted, high-traffic social networking sites like MySpace, Facebook and YouTube.
In several incidents, intruders slipped poisoned images into online banner advertisement networks used by a number of major web sites, including Photobucket or Flickr.
The scare from money mules, the latest phishing scam to hit India and expected to grow, is real too.
Money mules are basically individuals hired by organised criminals to perform international wire fraud and other illicit operations. It's their job to help move money around under the title of "account manager", "client manager", and other creative titles. Mules don't often realise they are part of an international fraud ring.
"It's bigger than you think, moving millions of dollars annually to overseas accounts in Russia and other global locations," warn security advisors. It often takes months before a law enforcement officer or security expert finds out about a suspected money mule front.
Operations are often done through e-mail and the phone, making it easy for cyber-front operators to keep their distance and move on when desired.
The year 2007 was undoubtedly the period of targeted attacks with levels rising from 10 a day in May to levels in excess of 1,100 within 16 hours in September.
With the rewards obviously outweighing the research required to develop such targeted and personal attacks, MessageLabs experts anticipate more attempts with increased sophistication during early 2008.
