By John P. Mello Jr. E-Commerce Times
11/11/05 5:00 AM PT
Online misbehavior morphed this year from less mischief to more crime. Pandemics, where a malware hacker tries to infect as many machines as possible with malevolent code, plummeted to five in 2005, compared to 32 in 2004. Although there are fewer pandemics, the actual number of viruses, worms and trojans released into the wild increased, year over year, 143 percent.
Less than half the consumers using the Internet feel safe shopping online, according to a survey expected to be released today by Symantec (Nasdaq: SYMC), a maker of anti-virus and security software.
The survey, based on a sample of 2,400 consumers, revealed that some 60 percent of those respondents felt less than safe shopping online.
"Only six percent of the people said they thought they were very safe and another 35 percent thought it was safe," Symantec Security Response Senior Director Vincent Weafer [cq] told the E-Commerce Times. "So in general you're finding a combination of people who are using online activities but they're also wary of some of the threats and risks out there."
Missing Message
Although 98 percent of respondents disclosed that they were doing "something" to protect their privacy online, only 63 percent check a shopping site's security policy and 49 percent set their browser's security settings to block cookies and other kinds of tracking software.
"The message is still not quite out there," Weafer said. "While people are getting generally concerned, they're not quite sure what actionable items they can do when they are at risk."
It's easy to understand why consumer concern is increasing in light of some other findings in the survey:
83 percent of respondents said they'd received e-mail from strangers;
82 percent revealed they'd received solicitations from companies they'd never done business with;
52 percent had received a fraudulent e-mail from someone asking they to buy something;
51 percent had been contacted through e-mail by someone pretending to be a real institution and requesting personal information; and
50 percent had been infected with a computer virus.
Fewer Pandemics
Those findings support the opinions of the security community that online misbehavior morphed this year from less mischief to more crime.
Pandemics, where a malware hacker tries to infect as many machines as possible with malevolent code, plummeted to five in 2005, compared to 32 in 2004, according to Weafer.
Although there are fewer pandemics, he noted, the actual number of viruses, worms and trojans released into the wild increased, year over year, 143 percent.
More Insidious Approaches
He maintained that an increasing amount of that malware is being aimed at pilfering personal information -- key loggers, password savers and remote access trojans.
"We've gone from half of all malicious code to 74 percent being all about stealing personal information and exporting it from your machine," he said.
Graham Cluley, senior technology consultant for Sophos in Aingdon, UK, noted his company's labs have noticed a marked departure from past paths for malware writers.
"They're no longer writing e-mail worms, they're writing trojan horses," he observed. "We're seeing a real shift away from really loud viruses to more insidious types of infection."
Hacking for Dollars
Sam Curry, Product Management Vice President for Etrust Security Managment in Islandia, N.Y., characterized 2005 as "the year of hacking for dollars."
"These aren't 14-year-old kids hacking in the basement writing viruses," he told the E-Commerce Times. "They're now doing this for a job. There's real money involved in this and venture capital and business plans and a whole lot more.
"There are companies now manufacturing this bad-behaving software," he declared. "That's the story this year about the state of security."
Bad Boy Sony
A prime example of that cited by Curry is the Sony (NYSE: SNE) Corporation which has incorporated a rootkit -- a particularly insidious form of malware -- into some music CDs it recently released.
"It's a amazing that Sony claims that there's nothing wrong with what they're doing," he said.
"But I don't think that Sony is going to be an exception," he continued. "I think a lot of companies will follow the same model.
"What we're going to see," he said, "either things will take a turn for the better and companies like Sony will be stopped from doing this or they'll take a turn for the worse and other companies will start doing it, too. Then you'll have seven, eight, nine, 10 rootkits fighting over your computer."
Sony Stirs Controversy With Hidden DRM Software November 10, 2005
"There simply isn't a compelling business or technology case for CD copy protection. It doesn't prevent music getting on P2P networks. It only takes one copy to get on the networks for it to have potentially global reach, and that only requires one CD burn and rip," said Mark Mulligan, senior analyst with Jupiter Media.
Related Stories
StillSecure CTO Outlines Biggest Network Security Vulnerabilities November 08, 2005
TechNewsWorld recently caught up with StillSecure CTO Mitchell Ashley to discuss security trends of note, why some points of the network are especially vulnerable, and how companies can protect their networks from the enemy.
Online Retailers Expecting Double-Digit Increase November 03, 2005
"There has always been a significant portion of people who won't shop online because they're afraid to put personal information into a retail order form," Kurt Peters, editor of Internet Retailer explained. "But the desire for convenience -- the ease of shopping online -- is stronger than the concerns on the part of some consumers."
Report: VoIP Sets Stage for Security Appliance Surge September 08, 2005
Irwin Lazar, senior analyst at The Burton Group, told TechNewsWorld that he has not witnessed market conditions that resemble what In-Stat is describing. In-Stat's report that 75 percent of companies that have implemented VoIP plan to replace their security appliances within the next year is optimistic, he said.
Advice From a Black Belt Online Shopper August 15, 2005
The fact that major retailers are struggling with handling user load without degradations in the user's experience during a relatively low volume period makes me worry about them during the upcoming holiday experience. Retail sites need to constantly measure and test for capacity.
Related News Alerts
More by John P. Mello Jr.
McAfee Gives Enterprise Macs a Bodyguard November 02, 2009
When it comes to Mac use in an enterprise environment, running third-party security software isn't just a matter of using an abundance of caution. It may also be a matter of complying with governance mandates and regulations. McAfee's new Endpoint Protection for the Mac targets enterprise systems handling large amounts of sensitive data.
Adobe Elements Buffs Up for Mac October 26, 2009
For the almost-but-not-quite pro photog, Adobe Photoshop Elements offers a collection of tools that go beyond most free offerings but don't dish out the wallet-busting feature overload of full Photoshop. In the past, some Mac users have been annoyed with Adobe for having versions of Elements ready for Windows months before they were out on Mac. With version 8, both platforms get their chance at the same time.
GoToMyPC Gets Ready to Go to Your Mac October 19, 2009
GoToMyPC has been a popular remote access product in Citrix's portfolio, and previous versions have allowed any Net-connected computer to remotely control a PC. A new version, soon to come out of beta and into full release, can access Macs as well. With the growth of both telecommuting and Macs in the enterprise, Citrix felt the time was right.
Headline Feeds
Talkback: 
