Websense warns on organised cybercrime

Websense has predicted that a more organised cybercrime economy will develop in 2007. The web security and web filtering software specialist reckons that organised criminals will team up with the hacker community, creating even more security headaches for CIOs, IT managers and end-users.

  • E-Mail
By  Stuart Wilson Published  December 14, 2006

Websense has predicted that a more organised cybercrime economy will develop in 2007. The web security and web filtering software specialist reckons that organised criminals will team up with the hacker community, creating even more security headaches for CIOs, IT managers and end-users. Websense reckons that the organised cybercrime economy will buy, sell and trade hot commodities such as ready-made cyber-attack toolkits and exploits using zero-day vulnerabilities. “Organised criminals are realising that the internet has been a largely untapped resource in terms of generating real profit — until now,” said Dan Hubbard, VP of security research at Websense. “With financial gain on the table, attack methods are improving, and they number of people involved is escalating.” “Tools and exploits to steal personal, business and financial information are the hottest commodities for cyber-criminals. Next year in particular, it’s highly important for organisations to have preventative measures in place to protect themselves from the next wave of increasingly covert and targeted attacks,” he added. Websense also claims that Web 2.0 security issues will escalate in 2007. Web 2.0 sites make up an estimated 80% of the top 20 most visited websites, such as MySpace and Wilkipedia. Web 2.0 sites including social networking are vulnerable to attack because of the constantly changing nature of the content, which is difficult to monitor and secure. The fact that these sites attract millions of visitors means that they are particularly attractive to criminals, spammers and adware companies. If not secured properly, these sites are vulnerable to new forms of phishing and other attacks. Security solutions themselves are also expected to come under attack in 2007. Websense believes that high-profile anti-phishing toolbars, which were released by several companies in 2006, will themselves become targets of exploit code designed to disable or avoid their prevention mechanisms. Websense is also warning about a potential increase in information stealing through the use of malicious code. Cyber-criminals will increasingly use encryption with malicious code to by pass preventative measures. Bots — also knows as web robots — will continue to evolve. Distributed command-and-control and the use of protocols other than Internet Relay Chat (IRC) or HTTP will be used to control bot networks. Websense also expects to see the increased use of encryption and custom packing of bots in 2007.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code