News

Report: Cyberspace Becoming More Malicious

Online security company MessageLabs found that more than three-quarters of the e-mail messages it scanned in May were spam, an increase of 3.3 percent over the previous month, said Mark Sunner, MessageLabs' chief security analyst.

That number is not surprising given that one out of every 170 messages was found to contain some kind of malicious code, and 90 percent of that code is botware, which turns computers into spam-sending zombies, he added.

As the volume of unsolicited and often malicious e-mail steadily grows, a turf war is being fought behind the scenes by rival worms competing to build massive botnets.

Numerous variants of the Storm worm dominated the botnet underworld for 18 months until Microsoft's Malicious Software Removal Tool suppressed them earlier this year. But Storm has been replaced by another fast-changing Trojan -- Srizbi -- that now accounts for 40 percent of all spam, Sunner said.

"Srizbi is the new game in town," he said. "But Storm seems to be fighting back. We've intercepted two big waves."

Several new iterations of Storm have been found, but they do not appear to be producing spam yet, Sunner said. He predicted that it was only a matter of time before Storm botnets become established with the command and control networks needed to begin operating again.

For its intelligence report on online threats for May, MessageLabs scanned 2.5 billion Simple Mail Transfer Protocol connections and 1.5 billion Web requests each day.

The public sector ranked 15th in the amount of spam received, at 75.7 percent. The manufacturing sector was No. 1, with about 85 percent. But the public sector ranked third in the amount of malware in incoming traffic: one in every 107 messages, well above the overall average of one in every 170 messages.

"Government is a prominent target for malware" because of the amount of sensitive and valuable information available in electronic files and databases, Sunner said.

He said the increase in the overall level of malicious code in messages is disturbing. "In the year 2000, it was one in 2,500 and one in 1,500 in 2003," he said.

The increase in malware coincides with the growth of spam as a large-scale commercial enterprise linked to phishing and identity theft. That development, in turn, is tied to the adoption of broadband Internet connections in this country, which began taking off in 2003.

One of the newest wrinkles in spamming is to take advantage of free online document services.

"The spammers are starting to abuse some of the hosted document formats," such as Google Docs and Microsoft's SkyDrive free online storage, Sunner said. The spam e-mail simply has a link to an online document that contains the message. "E-mail filters don't follow links," he said, and they aren't likely to block messages from trusted names such as Google and Microsoft. The services also have the advantage of large amounts of bandwidth, so they are not likely to be swamped by blasts of spam.

Fortunately, as more security is moved into the fabric of the Internet, service providers will be better able to protect users from unwanted and malicious traffic, Sunner said. Unfortunately, it looks like there will be more of that traffic to protect us from.

About the Author

William Jackson is the senior writer for Government Computer News (GCN.com).

Featured

  • Microsoft Appoints Althoff as New CEO for Commercial Business

    Microsoft CEO and chairman Satya Nadella on Wednesday announced the promotion of Judson Althoff to CEO of the company's commercial business, presenting the move as a response to the dramatic industrywide shifts caused by AI.

  • Broadcom Revamps VMware Partner Program Again

    Broadcom recently announced a significant update regarding its VMware Cloud Service Provider (VCSP) program, coinciding with the release of VMware Cloud Foundation (VCF) 9.0, a key component in Broadcom’s private cloud strategy.

  • Closeup of the new Copilot keyboard key

    Microsoft Updates Copilot To Add Context-Sensitive Agents to Teams, SharePoint

    Microsoft has rolled out a new public preview for collaborative "always on" agents in Microsoft 365 Copilot, bringing enhanced, context-aware tools into Teams channels, meetings, SharePoint sites, Planner workstreams and Viva Engage communities.

  • Windows 365 Cloud Apps Now Available for Public Preview

    Microsoft announced this week that Windows 365 Cloud Apps are now available for public preview. This aims to allow IT administrators to stream individual Windows applications from the cloud, removing the need to assign Cloud PCs to every user.