On June 16, the British government released a report titled "Targeted Trojan Email Attacks" that warned of directed attacks against government offices and businesses in the United Kingdom. According to the report, the attacks might infiltrate specific targets with spyware meant for "covert gathering and transmitting of commercially or economically valuable information" such as usernames, passwords, and sensitive documents.
American companies are at risk from this type of spyware as well. "It happens all the time," Symantec's Huger says. Unscrupulous companies seek a business advantage, and crooked individuals look for information they can sell.
If there's money to be made, malware-based spying will continue, Huger says. "It's very simple--it's the unfortunate truth."
Files Held for Ransom
Money was definitely at the heart of a novel new attack that infected victims' computers with a virus that searched for and then encrypted various text files. Once the encryption was complete, the virus deleted itself and left a ransom note, demanding that $200 be sent to an account with E-Gold, a Paypal-like Internet currency service whose payments are backed by gold deposits.
Dan Hubbard, senior director of security and technology research at Websense, investigated this attack after one of his company's clients was targeted. Hubbard says that only one business reported being hit; and Joe Stewart, an Internet security analyst he knows at LURHQ, a provider of managed security services, wrote a program to decrypt the relatively simple encryption used.
But "coming up with a better encryption scheme is a very simple thing to do," Hubbard says. So another, nastier attack could be on the way.
Considering how much money is at stake to motivate criminals, expert after expert expects botnets and other malware attacks to continue to expand.
"This whole cybercrime wave is growing in numbers and sophistication," Hubbard says. "We're seeing technology evolve in ways we never have [before]."
Tomorrow: Internet Gangs Go Global