2005: Five failures of cyber security

Network security is a hot issue as the number of newly emerging viruses, worms and Trojans in 2005 increased by nearly 50% compared to 2004.

According to Sophos, the UK-based security firm, in the first 11 months of 2005, the number of security attacks amounted to 16,000, an increase of 5,276 compared to the same period of 2004. November 2005, with the devastation of Sober.z, the number of attacks reached a record of 1,940. If you continue with this momentum, the number of attacks in the next 12 months will not stop at 23,000.

Among the 3 viruses topping the rankings, Zafi.d - worm spread by mass mailing mechanism - topped with 16.7%, Netsky.p ranked second with 15.7%, third was deep The recently released Sober.z currently accounts for 6% - this is the depth that is expected to top the number of attacks in a short time if there is no effective preventive measure.

' Trojan is really a big threat. The number of new Trojans has exceeded the number of viruses and worms that attack Windows OS at a ratio of 2: 1. In the first 11 months of 2005, 62% of the attacks were caused by Trojans, while Windows-targeted worms only caused 35% of attacks ' - Graham Cluley, consultant of Sophos Technology determined.

The cause of increased attacks via Trojans is determined by criminal groups targeting Trojans as a money-making tool. Super-computer criminals seek to hit a small group of victims with security loopholes, from which they will replicate the opportunities to attack and overcome security barriers.

Meanwhile, the way the Sober.z worm attacked in the past has proved very unusual, not attacking millions of computers just to be annoying, but it targets a sufficient number of machines to sell. Stolen information for spammers.

In fact, security attacks aimed at illegal money are not new and with the emergence of countless new Trojans, this trend is increasingly being confirmed. The statistics of network security situation and analysis in 2005 showed for the first time the identification of the 'most common' characteristics of security attacks. Accordingly, 42% of security attacks allow others to access an infected machine, 40% of the intrusion makes the infected machine automatically download the code from a certain lead site.

Meanwhile, 34% of attacks are aimed at stealing information and 16% through Keyloggers - programs that collect what you manipulate with your computer, such as keyboards, mice, or open good applications Accessing Web sites . Taking advantage of this Keylogger feature, hackers will install it on your computer to get passwords or computer information for intrusion. One in ten attacks exploits a known security hole, while one in six attacks attempts to paralyze antivirus software.

The report also shows new developments on the anti-spam front. The new trend is that spammers targeting stocks through sending a lot of spam distorting information about stocks. They bought a lot of stock lots in very small quantities, then launched lots of letters to promote and inflate the number of stocks.

By November 2005, the number of spam in this field had reached 13.5% of the total spam, while this number in early 2005 was only 0.8%. ' Spammers don't need to deliver any goods, they don't even need to create their own Web site. What they do to make money is convincing so many people invest in stocks, and then they will sell their shares to enjoy the difference. And even if the stock price doesn't increase as expected, they won't lose any significant. The bad thing is that many of these spams can bypass anti-spam products because they do not indicate a link to any website, 'Cluley said.

Ba Lam