by Hugh Dent
The report, entitled "Malicious software (malware): a security threat to the Internet economy," gives an impression of two worlds engaged in an uneven war of virus invasion and belated defence.
Cyber crime, to steal data, spy and attack government and business computer systems "is a potentially serious threat to the Internet economy," the study, published on Friday, warns.
Organisations involved in "fighting malware offer essentially a fragmented local response to a global threat," the Organisation for Economic Cooperation and Development says.
"Over the last 20 years, malware has evolved from occasional 'exploits' to a global multi-million-dollar criminal industry ... Cyber criminals are becoming wealthier and therefore have more financial power to create larger engines of destruction."
In the last five years there has been a upsurge in such criminal activity to attack systems and steal information, money and identities.
Using agents with names ranging from "zombies" and "worms" to "botnets," "Trojan horses" or "money mules," criminals can wreak havoc, usurping identities, recruiting and organising cohorts of computers for coordinated attacks, and even steal data for ransom.
"A botnet is a group of malware-infected computers also called 'zombies' or bots that can be used remotely to carry out attacks against other computer systems," the OECD said.
The report implied that some governments might also use similar techniques, saying: "It can also be assumed that nation states have the same capabilities."
The OECD warns that all forms of hacking have gone far beyond the adolescent disruption of the early days of the personal computer, to become a powerful and growing weapon in the hands of serious criminals.
It is highly profitable, at minimal cost to the criminals but a huge and unknown cost to honest users.
"There is no simple conclusion to the complex problems presented by malware," the report concludes.
"Malware has the potential to adversely affect any and all Internet users, from enterprises to governments to end users."
The rapid onward march of malware "makes international co-operation essential to addressing the problem," it said.
The first malicious virus, called "brain," emerged in 1986 and in 1988 a "worm" called "Morris" ate into more than 6,000 computers. The development of electronic mail in the 1990s generated worm epidemics under such names as "Melissa" or "MyDoom."
Some studies estimate that about 80 percent of web-based malware was hosted on "innocent but compromised" websites and one report found 53.9 percent of all malicious sites were hosted in China, followed by the United States with 27.2 percent.
"In June 2006, a Trojan horse attacked files in Microsoft Windows users' 'my documents.' The files were then encrypted so users could not access them withut paying a ranson," the OECD report noted.
"It is estimated that 59 million users in the US have spyware or other types of malware on their computers," the OECD report said.
0 comments:
Post a Comment