Malware Attacks: Just Show Me the Money

Thursday, August 19, 2010 @ 09:08 AM gHale


Contrary to conventional thought, most malware attacks against federal agencies are financially motivated, seeking to trick users into buying fake security software or providing personal information.
While most experts feel espionage and terrorism are often the primary motivations for breaking into government networks, which could not be further from the truth. Of the incidents of malware detected on federal computers, 90 percent was simply there to capture information to steal money from users, according to data collected from the U.S. Computer Emergency Readiness Team (US-CERT) at the Department of Homeland Security.
“This statistic represents the dominance of financially motivated malware within the threat picture,” said Marita Fowler, section chief of the surface analysis group at US-CERT.
US-CERT is responsible for the collection, coordination and dissemination of information regarding risks to government networks. Officials said 51 percent of malware found on federal computers in the first six months of 2010 was rogue ware, which masquerades as a security product that tricks computer users into disclosing credit card information to pay to remove nonexistent threats.
US-CERT identified 23 percent of incidents as crime ware, which relies on techniques such as phishing and key logging to steal personal data from computer users, including login information and passwords, and access to their online bank accounts.
The most prolific crime ware kit found on federal computers is Zeus, which thieves used to steal more than $1 million from bank customers in the United Kingdom.
US-CERT categorized 16 percent of malware incidents as Trojans that facilitate unauthorized access of the user’s computer system. A hacker could use that access for financial gain or to manipulate and steal information. US-CERT categorized 3 percent of incidents as spam, and another 3 percent of incidents as Web threats, which is a general term for any risk that uses the Internet to facilitate cybercrime.
Only 4 percent of incidents were computer worms, which self-replicate across computers, consuming bandwidth and affecting performance.



Leave a Reply

You must be logged in to post a comment.