Report: Malware Makers Are Organized, Sophisticated

Malware makers – the criminals responsible for viruses and worms – have become increasingly organized and sophisticated, according to a Microsoft security report that was released today. Gamers, the gullible, USB drive users, and people who don’t patch their PCs are their biggest targets.

Cybercriminals are organized like corporations, and follow regular software release cycles, said Jeff Williams, principal group program manager for the Microsoft Malware Protection Center: “They are working for monetary gain.”

The report, entitled, Microsoft Security Intelligence Report Volume 7, is based upon data collected worldwide from January through June 2009. The data was obtained through Microsoft’s security products, Hotmail, and Windows Update, Williams said. “It shows differences from region to region, and provides a comprehensive view of the threat landscape.”

Globally, Microsoft found that the number of trojan downloaders has fallen markedly over the past year; although, they did remain the most common threat. That gain was offset by a rise in instances of worms, password stealers and monitoring tools, according to the report.

Malware has been increasingly targeting online gamers, and there has been a major uptake in fraudulent security software, Williams said. Criminals create trojan software that purports to protect users from malware, but does nothing more than steal personal information and obtain credit card information through false premise.

Criminals have also begun the practice of bundling malware, and making “pay for play” arrangements with one another, Williams said. Another trend Williams noted is the misuse of autoplay in Windows, and using removable media like USB jump drives as an attack vector to get inside of protected enterprise environments.

Microsoft recommends that customers should use trusted anti virus software, a Web browser with anti-phishing technology, and keep their operating systems up-to-date. Security software, combined with increased industry and government cooperation, has helped Microsoft better protect customers over the past year, Williams said.

However, Microsoft is playing a game of multidimensional chess against an opponent that is profit-driven. Improvements in security have induced cyber criminals to exploit more complex software vulnerabilities, and those vulnerabilities have become the new chosen mechanisms for propagating worms of worms, Williams acknowledged.

“They left a note in a worm telling us that they would take more direct action in the future. Criminals are becoming more aggressive,” Williams said. Simply put, when one door closes, they find another.

With Windows becoming more secure, third party applications are being targeted with rising frequency, Williams noted. To combat that threat, Microsoft has delivered free security tools to developers, along with documentation on the steps that it takes internally to create secure software.

Thankfully, other major software companies including HP and IBM have bought security firms, and are making efforts to secure their software. A lot of the industry still lags, but steady progress is being made.

A security expert once told me that hackers were the highwaymen of our century. Highwaymen were thieves that preyed upon travelers during the Elizabethan era. They became obsolete when society created toll roads–closing off their route of escape–and increased police patrols. The crime was not worth the time.

Software is exceedingly more complex than road building, and modern operating systems are some of the most advanced things man has ever created. It’s not really possible to make software that is entirely secure. Even still, I have confidence that enough progress will be made to raise the risks and reduce the gains of cybercrime.

Subscribe to the Security Watch Newsletter

Comments