Old worms, new tricks
A seemingly endless barrage of variants of the Bagle and MyTob worms surfaced this year, but what really pummeled e-mail servers around the globe were two Sober offshoots.
The first hit in May, and the second clogged e-mail in-boxes and servers in November. Microsoft's Hotmail and MSN e-mail services had so much trouble dealing with the infected spam that messages sent to members faced an unspecified delay. Some antivirus companies predicted there will be another Sober onslaught on Jan. 5.
To the surprise of some experts, Sober's tricks to get recipients to open the malicious e-mail and attachment worked. In May, the e-mail promised a prize of free tickets to the 2006 World Cup in Germany, while in November, the bait was a Paris Hilton video or a purported FBI e-mail.
There weren't many headline-grabbing worm or virus outbreaks in 2005, but Zotob, which caused outages at CNN, The New York Times and ABC, got a lot of attention. Unlike Sober, which propagated via e-mail, Zotob spread via networks using a security flaw in Microsoft Windows.
Attackers continued to deviate from using e-mail and networks to spread worms, and instant messaging became an increasingly popular conduit. In addition, they went hunting for holes beyond operating system bugs, in media players, antivirus software and other applications. It also became more evident that miscreants today are in it for the money, not just for bragging rights.
"Zombies," or remotely controlled compromised PCs, became such a big problem in 2005 that the Federal Trade Commission called for industry action. A network of zombies, called a botnet, can send spam or take down a Web site by flooding it with data requests.
Meet the hackers
One bug hunter drew the ire of Cisco Systems. Michael Lynn demonstrated at the Black Hat security confab this summer that he could remotely hijack a Cisco router or switch, something that was previously thought impossible. Cisco sued Lynn, triggering an outpouring of support for the researcher from the security community.
Microsoft took an opposite approach, inviting hackers to its campus twice this year for a "Blue Hat" discussion on the security of its products.
Firefox, touted for its security compared with Microsoft's Internet Explorer, came under increased scrutiny from bug hunters. Several serious holes have been found in the Mozilla Web browser since its official release in late 2004. But one expert has cautioned that safe browsers simply don't exist.
Cybercriminals kept challenging those who wanted to halt their activities. Security vendors scrambled to find ways to combat "rootkit" technology. A rootkit will bury an attacker's code deep on a PC, making it hard to detect and even harder to remove without breaking the operating system.
Late in the year, Sony BMG Music Entertainment was found to have distributed a rootkit-like technology on music CDs that included copy-protection software. Trojan horses quickly used the tool to hide, and the fiasco forced the label to pull the CDs from stores. Expect security software makers to advertise rootkit detection widely next year.
The mass-mailing virus is starting to spread worldwide, antivirus firms warn.
FTC plans to tell Internet service providers to take stronger action against spam infiltrators.
The mass-mailing varmint makes up in numbers what it lacks in heft, security watchers say.
In the name of education, the software giant invites security researchers to infiltrate Windows systems.
These days, attackers are motivated more by money than the desire to write disruptive worms like Sasser.
CERT security analyst Art Manion warns that all Web browsers now face similar threats--and some even share similar design features.
If providers don't pitch in against the threat, customers might defect--and the health of the Net itself could suffer.
Network worms are shutting down computers running Windows 2000, security experts warn.
But the security specialist also finds that Microsoft's browser is the only one widely exploited by hackers today.
Storm over the record label's antipiracy software raises questions about who owns the desktop and what exactly a rootkit is.
Mass-mailing worm is programmed to download new instructions in January, which could indicate a new outbreak.