2006: The Year Spam Raised Its Game and Threats Got Personal.

MessageLabs Annual Trend Report Highlights the Evolution of the Threat Landscape with Added Complexity Predicted To Continue In 2007

NEW YORK New York, state, United States
New York, Middle Atlantic state of the United States. It is bordered by Vermont, Massachusetts, Connecticut, and the Atlantic Ocean (E), New Jersey and Pennsylvania (S), Lakes Erie and Ontario and the Canadian province of -- MessageLabs, a leading provider of integrated messaging and web security services Security services are state institutions for the provision of intelligence, primarily of a strategic nature, but also including protective security intelligence. Examples include the Security Service (MI5) and the Secret Intelligence Service (MI6) in the United Kingdom, and the to businesses worldwide, today announced the results of its 2006 Annual MessageLabs Intelligence Report which examines trends seen over the last twelve months and looks forward to 2007. The report highlights the relentless escalation of spam activity throughout the year, with annual average spam levels reaching 86.2 percent, driven by an increase in sophistication so·phis·ti·cate
v. so·phis·ti·cat·ed, so·phis·ti·cat·ing, so·phis·ti·cates

v.tr.
1. To cause to become less natural, especially to make less naive and more worldly.

2. of botnets and new targeted techniques. The adoption of new levels of ingenuity has changed the focus of the threat landscape significantly, with spam overtaking viruses as the dominant menace over the last twelve months, a trend which is predicted to continue through 2007.

Corporate and industrial espionage industrial espionage

Acquisition of trade secrets from business competitors. Industrial spying is a reaction to the efforts of many businesses to keep secret their designs, formulas, manufacturing processes, research, and future plans. attacks are also on the rise through targeted trojans intended to steal intellectual property and confidential information Noun 1. confidential information - an indication of potential opportunity; "he got a tip on the stock market"; "a good lead for a job"
steer, tip, wind, hint, lead . MessageLabs now intercepts two attacks per day, compared to a much lower rate of one per week at the same point in 2005. The targeted approach is prevalent in phishing attacks too, an increasingly dominant force in all malicious emails intercepted by MessageLabs, with levels rising from 10.6 percent in January to 68.8 percent in December.

A key component in the success of these highly targeted attacks is the distribution of spyware and adware which has grown into a multibillion dollar industry and fueled an increase in the number of botnets being created. Botnets have the ability to retrieve information such as cracked usernames, passwords, credit card numbers and other personal data stored in the web-browser's auto-fill database. MessageLabs analysts saw an increased number of bad guys renting one to two thousand bots bots

maggots of flies which infest animals, especially horses and sheep. The term bot is also loosely used to include the invasive maggots such as those of Cuterebra and Wohlfahrtia spp.

horse bots
see gasterophilus. for just $50-$60 a week, with the option of trading payment for stolen credit card numbers. A trend we are likely to see continue in 2007.

"2006 was the year that spammers took the security industry by storm and showcased their new tactics and techniques for mass disruption. Now accounting for almost nine out of ten emails, spam has categorically shed its title of being a nuisance and is a perilous threat which all companies need to be protected against," said Mark Sunner, Chief Technology Officer. "The next year will certainly bring more targeted and sophisticated attacks as the bad guys continue to sharpen their tools. Companies need to take a layered and proactive security approach by fighting against cyber-criminals from 'in the cloud' at the internet level."

MessageLabs security experts predict that 2007 will be the year of true convergence The angle at which one meridian is inclined to another on the surface of the Earth. See also convergence. , between spam, viruses and spyware and also across business communication protocols, a trend that started to appear in 2006. Instant Messaging Exchanging text messages in real time between two or more people logged into a particular instant messaging (IM) service. Instant messaging is more interactive than e-mail because messages are sent immediately, whereas e-mail messages can be queued up in a mail server for seconds or (IM) threats will become more aggressive as more IM ecosystems open their networks to each other in 2007, like Yahoo! and MSN (1) (MicroSoft Network) A family of Internet-based services from Microsoft, which includes a search engine, e-mail (Hotmail), instant messaging (Windows Live Messaging) and a general-purpose portal with news, information and shopping (MSN Directory). did in 2006. Attacks against social networking sites A Web site that provides a virtual community for people interested in a particular subject or just to "hang out" together. Members create their own online "profile" with biographical data, pictures, likes, dislikes and any other information they choose to post. such as MySpace and professional sites like LinkedIn and Plaxo are expected to continue due to useful and accessible contact information and user interests, making it easier to launch targeted attacks.

Top Trends in 2006:

Spam: In 2006 the annual average spam rate was 86.2 percent, with botnets responsible for 80 percent of all spam in circulation. MessageLabs Skeptic[TM] technology identified that 63.4 percent of spam came from new and unknown sources. Geek spam, using technology buzzwords Below is a list of common buzzwords which form part of the business jargon of Corporate work environments. General Conversation

Alignment ^[]
At the end of the day ^[0]
Break through the clutter^[1]

hidden in the body of the spam to dupe traditional anti-spam tools, was a new development.

Viruses: With the exception of the Nyxem.E virus (otherwise known as MyWife.D, Blackworm or Kama Sutra Kamasutram, generally known to the Western world as Kama Sutra, is an ancient Indian text widely considered to be the standard work on love in Sanskrit literature. This is authored by Mallanaga Vatsyayana. A portion of the work deals with human sexual behavior. ) in January 2006, no major virus outbreaks took place this year. MessageLabs intercepted more than four million copies of the virus during the first week of the outbreak. The annual average virus rate in 2006 was 1 in 67.9, a significant drop from 1 in 36.2 in 2005.

Phishing: Phishing attacks grew this year with the 2006 average phishing rate reaching one in every 274.2 emails. Phishing attacks accounted for 24.8 percent of all malicious emails intercepted by MessageLabs in 2006, rising from 10.6 percent in January to 68.6 percent by the end of the year. This is an increase from only 13.1 percent in 2005, marking a huge shift in cyber (1) From "cybernetics," it is a prefix attached to everyday words to add a computer, electronic or online connotation. The term is similar to "virtual," but the latter is used more frequently. See virtual. criminal activity.

Geographic Trends: Israel had the highest average spam rate overall for 2006 with 73.2 percent, a position held jointly by the US and Canada in 2005. Australia (48.1 percent), Hong Kong Hong Kong (hŏng kŏng), Mandarin Xianggang, special administrative region of China, formerly a British crown colony (2005 est. pop. 6,899,000), land area 422 sq mi (1,092 sq km), adjacent to Guangdong prov. (71.7 percent) and Singapore (50.7 percent) all saw the greatest increases in spam rates year on year. MessageLabs analysts point to increasingly aggressive attacks in these regions to account for the dramatic increases over the last twelve months. Virus levels in all countries declined in 2006 compared to 2005.

Vertical/Industry Trends: Business Support Services support services Psychology Non-health care-related ancillary services–eg, transportation, financial aid, support groups, homemaker services, respite services, and other services has been bombarded with virus and spam attacks in 2006, the annual virus rate reaching 9.26 percent and average spam rate of 60.9 percent. Due to the nature of this sectors business, it is particularly vulnerable to attacks as companies, such as staffing agencies which make up this sector, receive unsolicited emails and attachments from people with whom they have no prior associations. Education, pharmaceutical and manufacturing sectors also saw high spam rates for the year, at over 60 percent.

Predictions for 2007:

* Threats are expected to converge further over the course of 2007 - as email security becomes tighter, the criminals will send more malicious emails with URL URL
in full Uniform Resource Locator

Address of a resource on the Internet. The resource can be any type of file stored on a server, such as a Web page, a text file, a graphics file, or an application program. links that can slip under the security radar and wreak wreak
tr.v. wreaked, wreak·ing, wreaks
1. To inflict (vengeance or punishment) upon a person.

2. To express or gratify (anger, malevolence, or resentment); vent.

3. havoc on businesses. MessageLabs developed Link Following technology to follow links in emails protecting users from malicious websites through multiple layers of security.

* Virus rates will continue to fall, as they have become unnecessary in the creation of botnets. MessageLabs predicts that the virus rate will fall to about 1 in 300 emails by the end of 2007.

* Ransomware, malicious software that will encrypt key files and documents using a secret key known only to the extortionist, will become increasingly threatening as the technology used by cyber criminals becomes more sophisticated and unbreakable.

* Spam will become more targeted throughout 2007. Just as geek spam targeted the IT sector, we will continue to see more sectors such as Finance and Legal targeted in a similar way.

* ICANN (Internet Corporation for Assigned Names and Numbers, www.icann.org) A non-profit, international association founded in 1998 and incorporated in the U.S. It is the successor to IANA (Internet Assigned Numbers Authority), which manages Internet addresses, domain names and the huge number will continue to be exploited through loopholes, and domain kiting Continuously cancelling and re-registering the same domain name. Domain kiting takes advantage of the five day grace period a registrant has after registering a domain name. Domain kiting is done to draw revenue from ads without paying for the domain registration. See domain tasting. will continue to be a problem. With domains lasting up to five days, cyber-criminals see this time as a window of opportunity and are able to do major damage.

* Botnets will be engineered to be resilient, allowing the criminals to maintain control of zombie computers more easily, much like SpamThru which we saw in 2006.

* Experts believe that the number of worms targeting Mac OS X will rise in the beginning of 2007. MessageLabs already detects an average of ten new worms per day overall.

* The availability of "off the shelf" kits for less tech-savvy spammers will grow in numbers in numbered parts; as, a book published in numbers.

See also: Number , and therefore increase the number of criminals that security experts will have to battle.

* Late in 2007 MessageLabs expects to see VoIP threats emerge as adoption of the technology increases and criminals target application vulnerabilities.

MessageLabs experts have examined the intelligence gathered over the course of 2006 in order to understand the trends and make predictions for next year so businesses can use the information to put the proper security in place and protect themselves. You can view the report in its entirety on the MessageLabs website at http://www.messagelabs.com/Threat_Watch

About MessageLabs

MessageLabs is a leading provider of integrated messaging and web security services, with over 15,000 clients ranging from small business to the Fortune 500 located in more than 80 countries. MessageLabs provides a range of managed security services to protect, control, encrypt and archive communications across Email, Web and Instant Messaging.

These services are delivered by MessageLabs globally distributed infrastructure and supported 24/7 by security experts. This provides a convenient and cost-effective solution for managing and reducing risk and providing certainty in the exchange of business information. For more information, please visit www.messagelabs.com.

COPYRIGHT 2006 Business Wire
No portion of this article can be reproduced without the express written permission from the copyright holder.

Reader Opinion

Article Details
Printer friendly Cite/link Email Feedback
Publication:	Business Wire
Date:	Dec 14, 2006
Words:	1354
Previous Article:	Zacks Industry Rank Analysis Highlights: Gulf Island Fabrication, McDermott International, Aspen Insurance Holdings Ltd. and PartnerRe Ltd.
Next Article:	Sonic Collaborates With Toshiba in Support of European HD DVD Launch.

Related Articles
Internet Security 2006 also spyware 2006.(Security News)
Spyware--the hidden threat to business security.(SOFTWARE INTELLIGENCE)
Avoiding the 'phishing' hook: new online scares and virus attacks undermine your business.(E-BUSINESS)
Security news and products; avanquest UK launches PC-Cillin from Trend-Micro.(SOFTWARE WORLD DIGEST)
Service providers hold key to blocking text message spam.(Security News and Products)
2006 annual threat round-up and 2007 forecast: a special report by Trend Micro- December 2006 David Sancho, threat specialist Jamz Yaneza, senior...
Security news and products; 2006: the year spam raised its game and threats got personal.(SOFTWARE WORLD DIGEST)
New Sophos security report.(Security News and Products)
Internet Security Systems report.(Security News and Products)
Spam levels to remain constant through 2006.(Security)