The growth of internet security threats

Timon Singh

The online threat landscape is an ever-changing, ever-evolving beast and as such security companies are constantly developing new measures to counteract the 'internet security threats' that are out there - such as bots, trojans and psishing schemes.

One recent 'bot threat' that has alarmed security experts are bots that are using major hubs or applications as their control centres. Recently, a botnet was found to be using the social media network Twitter as its command and control structure, using status messages to send new commands to other users to download and run, enabling the stealing of information.

Another one was recently found to have infiltrated Google Groups. It is a disturbing feature of these botnets that some, including the recent Zbot - or Zeus Bot - can replicate themselves when they are downloaded to other people's computers, creating an 'army of botnets'.

Not just that, but they have been found to evolve and hide themselves on user's computers, and using covert methods such as creating additional fields into online Internet banking websites, asking users to answer questions that the authentic website would not ask, in order to gain information.

This has become an increasingly common approach for computer criminals around the globe who hope to make get rich from computer users, with a large number of bots coming out of Eastern Europe and China.

Army of threats

Despite the growth of bots, the other online threats are still present and even more advanced. Worms, trojans and viruses are now travelling more freely as the internet becomes even more mobile as smart phones and portable devices become more common.

However some progress has been made; during 2002-2005, Microsoft Windows worms like Blaster, Nachi, Sasser and Zotob infected a large number of systems on the Internet. However, since then then, there has not been any new large-scale worms targeting Windows services. Instead, any attacks come from vulnerabilities found in anti-virus, backup or other application software. Most notable was the worm exploiting the Symantec anti-virus buffer overflow flaw last year.

It is this vulnerability in 'client-side' browsers that have seen the increase in bots, where software in offices and companies are all found to be similarly exposed and exploitation in mass. An example of this has been companies that don't have firewalls on their internet browsers, allowing employees to 'surf' freely creating major security risks.

It is because of security holes like this that companies are advised to update their protection methods frequently, whilst governments are increasingly taking action against online attackers.

Relevant articles:

Microsoft's biggest security update|Users responsible for 'cyber hygine'|Tor targeted by China