Four Tips for IT Managers: Crimeware Increasing Its Profile Within the
(2010-11-08) - Contributed by Dennis McCafferty

Whether via social networks, Google or your e-mail in-box, cyber-rogues will
seek a way into your network to disrupt business, steal company data and
otherwise make life miserable for IT managers. A new report from CA
Technologies reveals the latest trends for these intrusions—and how to stop

There are more than 400 new families of Internet threats—led by rogue
security software, downloaders and backdoors. Trojan intrusions are the most
common of these incidents, accounting for nearly three-quarters of the total
threat infections reported worldwide.

The Trojan's current MO? "Crimeware-as-a-service," which is the underlying
purpose of nearly all of these attacks.

These are some of the more troubling findings revealed in a recent report from
CA Technologies, titled "State of the Internet 2010: A Report on the Ever-
Changing Threat Landscape." Crimeware is nothing new. But what has
changed are the service models that practitioners are adopting, says Don
DeBolt, director of Threat Research and Internet Security for CA Technologies.

"This new method of malware distribution makes it more challenging to identify
and remediate," DeBolt says. "Fortunately, security professionals and
developers are diligent about staying one step ahead of these cyber-criminals."

Here's what tech managers need to know about a number of disruptive

1. Crooks like the cloud. Crimeware-as-a-service is essentially a way of
turning your enterprise assets into an ATM for cyber-criminals. They can
harvest valuable information through a malware infection and then generate
multiple revenue streams. And cloud computing is the new, favored delivery

2. Status Update: "We've Been Hit!" Social media such as Facebook and
Twitter are popular among the abusers too, CA Technologies reports, as a
black market is evolving to push social-networking bots. Underground
marketers promote new social networking applications and services that
include account checkers, wall posters, wall likers, wall commenters, fan
inviters and friend adders. Enterprise managers can't stop employees from
using social networks, as they've proven to have a high level of value as a
business tool. But they can take proactive steps to ensure internal users
aren't falling into a dangerous trap (see the tips below).

3. Phony security software likes Google. The search engine giant is the
preferred target for distribution of rogue software through Blackhat SEO,
which takes users to infected Website domains, according to the report.
Rogue security software displays bogus alerts following installation and will
coerce users to pay for the fake product or service. Then, there's what's
called "rogue security software cloning," in which the software employs a
template that constructs its product name based on the infected system's
Windows operating system version, making itself look all the more legit.

4. Where's that spam coming from anyway? Report researchers tracked the
usage of unique IP addresses to find out which regions originate the most junk
e-mail. The results: The European Union ranked as the top source of spam, at
31 percent; Asia Pacific and Japan ranked second (28 percent); India, third
(21 percent); and the United States, fourth (18 percent).

CA Technologies offers these tips to tech managers to ensure employees are
taking the proper steps to avoid a crippling attack:

Tip 1. Verify authenticity before opening URLs or attachments. Prevent default
browsers from automatically opening PDF docs.

Tip 2. Encrypt online communication and confidential data. Check for and
install security updates regularly.

Tip 3. Don't open e-mail from unknown parties. Be equally cautious when

Tip 4. While social network tools are critical to many organizations now, be
wary of clicking links or suspicious profiles. Be aware when installing extras
such as third-party applications; they may lead to malware infection, or
attackers could use them to steal your identity.