Symantec: Profit-Driven Cyber-Crime Won't Stop
Enterprise security systems will continue to be challenged by increasingly sophisticated threats launched by criminals seeking to steal sensitive information and material assets, according to top researchers at Symantec.
While less-organized hackers and spammers will hammer away at network defenses with large volumes of simplistic threats, the emerging generation of professional cybercriminals armed with cutting-edge malware code will only grow stronger and more evasive, said Vincent Weafer, senior director of development of Symantec's Security Response research division, in Cupertino, Calif.
Those criminals will increasingly blend multiple forms of threats to evade security programs and make their work harder to detect, mixing up cocktails of polymorphic viruses, rootkits, and zero-day exploits delivered via image spam and powered by far-ranging bot networks, the researcher said. Weafer contends that even as companies adjust their security systems to ward off such attacks, cyberthieves will react quickly and tailor their work to target specific organizations and users.
The evolution of malware threats into hybrid attacks will dominate the high end of the hacker community in years to come, he said, as evidenced by the 23 percent increase in malware-laden image spam e-mails that Symantec has tracked over the last six months. Programs such as the Rustock Trojan horse virus, designed specifically to evade advanced heuristic security systems, will become the norm among the most talented attackers, Weafer contends.
Some of the best evidence of this trend can be found in today's rapidly morphing botnets, which are becoming significantly more difficult to shut down. Whereas the behavior of traditional bot systems could be detected relatively easily by security systems, and researchers could work with ISPs to find and shut down Web sites hosting the attacks, criminals have already taken their work to the next level, using legitimate sites that have been hacked to further cloak their efforts.