2006: Spam Raised Its Game and Threats Got Personal
03 Jan 04:56

Over the next few days we'll look at the analyses of events in 2006 presented by various companies in our industry, as well as some predictions. We begin with MessageLabs' Annual Trend Report.

MessageLabs has published its 2006 Annual MessageLabs Intelligence Report which examines trends seen over the last twelve months and looks forward to 2007. The report highlights the relentless escalation of spam activity throughout the year, with annual average spam levels reaching 86.2 per cent, driven by an increase in sophistication of botnets and new targeted techniques. The adoption of new levels of ingenuity has changed the focus of the threat landscape significantly, with spam overtaking viruses as the dominant menace over the last twelve months, a trend which is predicted to continue through 2007.

Corporate and industrial espionage attacks are also on the rise through targeted trojans intended to steal intellectual property and confidential information. In December MessageLabs intercepted two attacks per day, compared to a much lower rate of one per week at the same point in 2005. The targeted approach is prevalent in phishing attacks too, an increasingly dominant force in all malicious email, with levels rising from 10.6 per cent in January 2006 to 68.8 per cent in December 2006.

A key component in the success of these highly targeted attacks is the distribution of spyware and adware, which has grown into a multibillion-dollar industry and fuelled an increase in the number of botnets being created. Botnets have the ability to retrieve information such as cracked usernames, passwords, credit card numbers and other personal data stored in the web browser's auto-fill database. MessageLabs analysts saw an increased number of bad guys renting one to two thousand bots for just USD50-60 a week, with the option of trading payment for stolen credit card numbers, a trend we are likely to see continue in 2007.

"2006 was the year that spammers took the security industry by storm and showcased their new tactics and techniques for mass disruption. Now accounting for almost nine out of ten emails, spam has categorically shed its title of being a nuisance and is a perilous threat which all companies need to be protected against," said Mark Sunner, Chief Technology Officer. "The next year will certainly bring more targeted and sophisticated attacks as the bad guys continue to sharpen their tools."

MessageLabs predict that 2007 will be the year of true convergence between spam, viruses and spyware, and also across business communication protocols, a trend that started to appear in 2006. Instant Messaging (IM) threats will become more aggressive as more IM ecosystems open their networks to each other in 2007, like Yahoo! and MSN did in 2006. Attacks against social networking sites such as MySpace and professional sites like LinkedIn and Plaxo are expected to continue due to useful and accessible contact information and user interests, making it easier to launch targeted attacks.

Top Trends in 2006
Spam: In 2006 the annual average spam rate was 86.2 per cent, with botnets responsible for 80 per cent of all spam in circulation. MessageLabs Skeptic technology identified that 63.4 per cent of spam came from new and unknown sources. Geek spam, using technology buzzwords hidden in the body of the spam to dupe traditional anti-spam tools, was a new development.

Viruses: With the exception of the Nyxem.E virus (otherwise known as MyWife.D, Blackworm or Kama Sutra) in January 2006, no major virus outbreaks took place this year. MessageLabs intercepted more than four million copies of the virus during the first week of the outbreak. The annual average virus rate in 2006 was 1 in 67.9, a significant drop from 1 in 36.2 in 2005.

Phishing: Phishing attacks grew this year with the 2006 average phishing rate reaching one in every 274.2 emails. Phishing attacks accounted for 24.8 per cent of all malicious emails intercepted in 2006, rising from 10.6 per cent in January to 68.6 per cent by the end of the year. This is an increase from only 13.1 per cent in 2005, marking a huge shift in cyber criminal activity.

Geographic Trends: Israel had the highest average spam rate overall for 2006 with 73.2 per cent, a position held jointly by the US and Canada in 2005. Australia (48.1 per cent), Hong Kong (71.7 per cent) and Singapore (50.7 per cent) saw the greatest increases in spam rates year on year. MessageLabs analysts point to increasingly aggressive attacks in these regions to account for the dramatic increases over the last twelve months. Virus levels in all countries declined in 2006 compared to 2005.

Vertical/Industry Trends: Business Support Services was bombarded with virus and spam attacks in 2006, with the annual virus rate reaching 9.26 per cent and the average spam rate 60.9 per cent. The nature of this sector's business makes it particularly vulnerable to attacks: the companies that make up the sector, such as staffing agencies, receive unsolicited emails and attachments from people with whom they have no prior association. Education, pharmaceutical and manufacturing sectors also saw high spam rates for the year, at over 60 per cent.

Predictions for 2007

  • Threats are expected to converge further over the course of 2007. As email security becomes tighter, the criminals will send more malicious emails with URL links that can slip under the security radar and wreak havoc on businesses.
  • Virus rates will continue to fall, as they have become unnecessary in the creation of botnets. MessageLabs predicts that the virus rate will fall to about 1 in 300 emails by the end of 2007.
  • Ransomware, malicious software that will encrypt key files and documents using a secret key known only to the extortionist, will become increasingly threatening as the technology used by cyber criminals becomes more sophisticated and unbreakable.
  • Spam will become more targeted throughout 2007. Just as geek spam targeted the IT sector, we will continue to see more sectors such as Finance and Legal targeted in a similar way.
  • ICANN will continue to be exploited through loopholes, and domain kiting will continue to be a problem. With domains lasting up to five days, cyber-criminals see this time as a window of opportunity and are able to do major damage.
  • Botnets will be engineered to be resilient, allowing the criminals to maintain control of zombie computers more easily, much like SpamThru which we saw in 2006.
  • Experts believe that the number of worms targeting Mac OS X will rise in the beginning of 2007. MessageLabs already detects an average of ten new worms per day overall.
  • The availability of off-the-shelf kits for less tech-savvy spammers will grow, and will therefore increase the number of criminals that security experts will have to battle.
  • Late in 2007 MessageLabs expects to see VoIP threats emerge as adoption of the technology increases and criminals target application vulnerabilities.

[I agree with MessageLabs' predictions, which all make sense. I would like to add one: in 2007 we will see the first attempts to reverse the perverse business model of the Internet, which makes the victims of mail abuse, and not the perpetrators, pay. Lacking international agreements about how to police and regulate Internet activities, private initiatives will start to emerge, offering authentication and paid postage services to subscribers. As more and more mail users block email for which no postage has been paid, this business model will gradually gain ground and remedy this 'tragedy of the commons' to which email, as we now know it, has fallen victim. This business is wide open, and any credible first mover will make millions. --Ed]

Related links:
www.messagelabs.com/Threat_Watch
www.messagelabs.com/
