While it started out in January 2007 as a traditional computer worm, Storm quickly emerged as a key element toward building one of the largest botnets active on the Internet today.
Botnets, networks of compromised computers used for spreading spam and malicious software or attacking large corporations, easily became one of the biggest security stories of year. By June, Storm was estimated by SecureWorks to have compromised 1.7 million computers. There also emerged the possibility that state-sponsored malicious-software writers had targeted Estonia with one of the first cyberwars, an attack that included the use of botnets.
Fortunately, the FBI was on top of the botnet problem, announcing in June a few initial arrests as the result of Operation Bot Roast. One of those arrests was alleged spammer kingpin Robert Alan Soloway, who was sentenced in November, when the FBI announced even more arrests as part of Operation Bot Roast II. Overall, the yearlong operation uncovered more than $20 million in economic losses.
Experts say the rush to adopt Web 2.0 has left many Web sites vulnerable to malicious software that could lead to botnet creation. Flaws in Web 2.0 development was a theme again at this year's annual Black Hat gathering in Las Vegas.
Indeed, criminals have resorted to using new strategies to infect computers; one method relies on first compromising legitimate Web sites, then leading users to servers hosting packaged malicious software. If a user, for instance, used Internet Explorer to view a compromised page, the malicious-software server would attempt to download specific exploits for that browser. Another recent example of using the Web to launch attacks included compromising popular MySpace.com pages.
The year also saw a sharp increase in the use by criminals of non-operating-system exploits. Common desktop applications such as Adobe Reader, Apple Quicktime, and Real Player have become the favorite targets of criminal hackers. At CanSecWest, an annual security conference in Vancouver, British Columbia, a zero-day flaw in Quicktime was used to hack into a MacBook, securing its discoverer a $10,000 prize.
Second to botnets making headlines in 2007 was identity theft, leading off with the 47 million accounts that were compromised from TJX Companies, which operates such discount retail chains as T.J. Maxx and Marshalls. Authorities have since linked at least one Ukrainian man to the theft, and in September, TJX said it would offer discounts to customers in 2008.
The year also included several high-profile security company acquisitions. Cisco acquired Ironport, an e-mail security company; Hewlett-Packard acquired SPI Dynamics, a security research company; RSA acquired Tablus, an enterprise data loss prevention company; Google acquired GreenBorder, a safe-browsing company, and Postini, an e-mail security company; McAfee acquired ScanAlert, a security certification company, and SafeBoot, an enterprise data loss prevention company; and Symantec acquired Vontu, an enterprise data loss prevention company.
In 2007, CNET News.com produced two in-depth looks at security. First was the series "Wardens of the Web," which profiled the behind-the-scenes security people at Google, Yahoo, and Microsoft. The second--"Securing Microsoft: A long road"--was an inside look at how Microsoft's response to security threats has evolved over the years.
Mass-mailed Trojan horse baits people with timely information about a deadly, real-life storm front in Europe.
New Microsoft operating system is a leap forward in security, but few people familiar with it say the advances justify an upgrade.
Test of 15 antivirus packages shows failures in four. Microsoft pledges improvements; McAfee says its updates weren't included.
Filing with the SEC reveals scope of the breach is far wider than previously believed.
After being indicted by a federal grand jury, Robert Alan Soloway pleads not guilty to 35 counts related to junk e-mail.
special report In CNET News.com's four-day series, we peek behind the curtain at online giants Yahoo, Google and Microsoft, and the elite corps charged with securing Web applications.
Facebook Platform creates channel for malicious third-party applications. Users also face identity theft, VeriSign says.
Researchers say developers often see only the code that works, and not how someone else may come along and exploit it.
Online job service says it wanted to launch its own investigation to verify the breach before notifying job seekers who had been affected.
Program developed by "ethical hacking" group takes advantage of cross-site scripting vulnerability to steal contacts, forward e-mail.
Cybercriminals are shrinking host names of malicious sites to lend them an air of legitimacy, according to security researchers.
special report Redmond's security practices have been transformed since threats like Slammer and Blaster first wormed their way onto the scene.
special report Forget widespread worms. Nowadays, limited-scale threats like targeted e-mail attacks are causing the most concern.
3 commentsJoin the conversation! Add your comment