Nostalgic for the Days of My Doom

IT MAY SEEM ODD to reminisce about the “good old days” when the top computer-security news was whatever worm or virus was attached to an e-mail message with an obviously suspect subject line, such as “I love you.” But those days were, in fact, simpler. If you used safe computing practices and updated your antivirus software, you’d more than likely remain safe.

Those obvious attempts at infecting your network have given way to more subtle and more dangerous attacks, says Dean Turner, a senior manager of Symantec’s Security Response team and executive editor of the firm’s Internet Security Threat Report.

Under Symantec’s system, malicious code is ranked from one to five; the higher numbers—what Turner calls “bell-ringing alarm threats”—represent the threats that cause much immediate damage and are difficult to contain because they are widely distributed. “We’ve only seen six category-three worms in 2005,” Turner says, referring to the most recent statistics compiled in the report, “whereas in 2004 we saw 32.”

But the smaller attacks, which are on the rise, have actually become the greater threat because they are used to steal valuable data, such as credit-card or other sensitive customer information. And, Turner says, as these infections download crimeware like keystroke loggers and stealthily spread to other machines and networks, “they become category three and four threats after the fact.” On the other hand, Netsky, a widespread worm, came in like a lion at category four but was downgraded to level two within two months as antivirus companies quickly rolled out updates and companies corrected vulnerabilities that allowed it to succeed.

Smaller attacks are also increasingly easy to create and carry out; 88 percent of the top 50 pieces of malicious code Symantec saw last year were modular, meaning that unskilled attackers could cobble together a worm that uses tried-and-true techniques. For example, Turner says that some of the modules can disable security software; others reach out for and download pieces of crimeware.

Adding to the threat level, attackers reside in far-flung parts of the world, where it’s not so easy to catch them. That’s always been true of the Internet, and as the global economy reaches new corners, cybercrime follows. For example, attacks originating in China rose 153 percent. China also had the second-biggest growth in botnets, the legions of zombie computers controlled en masse by a single person that are well-known sources of attacks and spam.