November 16, 2004 2:17 PM PST

Report: Crooks behind more Net attacks

Related Stories

Hot and bothered over spam

November 15, 2004

Police arrest phishing mob suspect

November 11, 2004

Alarm growing over bot software

April 30, 2004
Organized gangs are more likely than ever to be behind online attacks, according to a new VeriSign report.

The trend appears to be towards more sophisticated attacks by more organized groups, VeriSign said in its twice-yearly Internet Security Intelligence Briefing, released on Tuesday.

The criminal groups increasingly rely on massive numbers of compromised home PCs to launch their attacks, said Mark Griffiths, vice president for Mountain View, Calif.-based VeriSign.

"It's gone away from kids having fun to criminals trying to get some financial benefits from what they are doing," he said.

Attackers can make money by holding online businesses ransom over threatened denial-of-service onslaughts, through credit card fraud or from spam income.

The report's findings are based on the data generated by the Internet services company's handling of online registrations, domain look-ups, credit card transactions and corporate network security.

The analysis suggests that PCs belonging to broadband subscribers based in the United States are unwittingly being used as a launching point for attacks. The number of security incidents has increased some 150 percent over the third quarter a year ago, and computers located in the United States account for more than 90 percent of the probes and attacks, the report found.

"It is so hard to trace these people (the attackers) back," Griffiths said. "Those computers (in the United States) are ones that are sending the attack, which likely makes them bots."

Compromised PCs, known as bots within the security community, have software surreptitiously installed by an attacker that allows the attacker to remotely control the machine.

The collections of controlled machines, or bot nets, are typically used to prevent authorities from tracing the source of spam e-mail and online attacks.

The VeriSign report found that bulk e-mail, or spam, accounted for nearly 80 percent of all messages handled by its clients. However, bulk e-mail also tends to be smaller in size than legitimate messages, and accounted for only 21 percent of the total bandwidth used by e-mail traffic, the report found.

The company also found that e-commerce continues to expand, with the number of transactions up 25 percent from a year ago, and that the United States still accounted for the largest absolute number of fraudulent transactions.

However, countries such as the former Yugoslav republic of Macedonia, the African countries of Nigeria and Ghana, and Vietnam are homes of a higher percentage of fraud, VeriSign's analysis of data indicated. The company labels any credit card transaction from an IP address sourced in Macedonia as "risky," and more than 85 percent of such transactions from the other three countries are not be trusted, the company stated.

The United States' favored status among online criminals, however, underscores that the country has to do much more to protect its online citizens, Griffiths said.

"Those users are not as sophisticated as they should be and aren't defending their systems adequately," he said. "That means we need more end-user education." He added that Internet service providers need to take a role in making customers' PCs secure.

1 comment

Join the conversation!
Add your comment
formatting test - please ignore
<BLOCKQUOTE>The liberty of a democracy is not safe if the people tolerate the growth of private power to a point where it becomes stronger than their democratic state itself. That, in its essence, is fascism -- ownership of government by an individual, by a group or by any controlling power.
-- FDR

Formatted Hyperlink
<A HREF="">The Corporation</A>

Unformatted Hyperlink
<a class="jive-link-external" href="" target="_newWindow"></a>

Smilies :-) ;-)



Posted by nealda (105 comments )
Reply Link Flag

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot



RSS Feeds

Add headlines from CNET News to your homepage or feedreader.