And analysts say the growth of online organized crime will make it even
worse for 2005.
Analysts also say the security threats IT managers wrestled with in 2004
are morphing into bigger, more damaging, problems for the coming year.
This past year, IT workers have been under the gun more than ever,
fending off more aggressive malware, along with more sophisticated
hackers who are professionals in it for the money, rather than teenagers
looking to show off to their underground hacker friends. IT also has had
to deal with armies of ‘zombie’ machines spewing out millions of pieces
of spam and viruses.
And 2005 promises even more money-driven, professional and menacing
schemes, according to industry analysts.
”In 2005… what we think has been bad so far, could be a whole lot
worse,” says Richard Fleming, chief technology officer and co-founder of
Digital Defense, Inc., a security services firm based in Dallas.
2004: New Online Gangs
This past year proved to be a tough one for IT security administrators
with the birth of phishing and heightened spamming attacks. Driving much
of these fraudulent teams and their scheming was one simple factor: cash.
Many analysts agree that the most damaging theme in security for 2004 was
the deadly combination of social engineering, spam, phishing and viruses
with automated attacks.
Spammers teamed up with phishers this past year and together they created
convincing, sophisticated schemes to steal not only email addresses but
also identities, Social Security numbers and personal financial
information. To help them do this, virus writers and spammers built
armies of zombie machines. First virus authors infected thousands, if not
millions, of computers with viruses and Trojans that opened backdoors,
allowing remote control of the machines. Once they built up enough of
these zombie machines, they then could use them to send out millions of
pieces of spam and more viruses.
”This was a defining year for this combination of the two classes of
threats,” says Gerhard Eschelbeck, chief technology officer and vice
president of engineering at Qualys, Inc., a vulnerability management
services provider based in Redwood Shores, Calif. ”It makes for a very
potent kind of attack.”
In the past, the majority of spam hitting inboxes and clogging mail
servers contained advertisements for things like mortgages, Viagra and
porn. Now, these emails also are carrying viruses, which sometimes infect
computers without users even clicking on attachments. These viruses tend
to go unnoticed by a user, but track a their Internet use, keystrokes and
login passwords.
”Viruses and spam together can be an interesting problem,” says
Fleming. ”Not only are there now more emails with viruses attached, but
now hackers are able to exploit systems using malicious technology.”
When phishing schemes first hit the IT scene in 2003, the fake Web sites
were easier to detect, and the phishers relied mostly on the user to
click on a link or enter their personal information. Now, the game is
more sophisticated. The fake Web sites look authentic, making it easier
for a user to mistake it for a true site.
Another prevalent security theme of the past year was the rapid rate that
viruses and worms spread. Not only did malware work much faster, these
worms also infected new machines, such as mobile phones and Instant
Messenger software. These technologies hadn’t yet experienced much in the
line of virus attacks, and analysts worry that security managers are not
prepared for it.
”Mobility drives security exposure,” says Andre Yee, president and
chief executive officer of NFR Security, the Rockville, Md.-based
provider of intrusion prevention systems. ”Security managers are
scrambling to catch up with this threat.”
Analysts agree that the majority of these threats — whether to
handhelds, IM or ordinary desktops — are increasing in maliciousness.
And it’s largely because virus authors now are being egged on not just by
their hacker friends, but by money.
”The whole threat environment is changing,” says Timothy Keanini, chief
technology officer of nCircle, a San Francisco, Calif.-based
enterpriseclass vulnerability management firm. ”We are seeing more and
more organized threats. The code, tactics and frameworks look like some
of the best software designers’ work, but it’s actually the bad guys. It
is all more efficient and has much more reuse.”
The prospect of financial gain for hackers results in a scary situation
for users, says Steve Sundermeier, vice president of products and
services of Central Command, Inc., an anti-virus company based in Medina,
Ohio. Viruses and worms proliferate at greater speeds than ever before
and are much harder to detect.
”The dreaded result used to be a hard drive crash, but now people’s
livelihood is at stake,” Sundermeier says.
Continue on to see what analysts are predicting for next year’s top security threats…
2005: The Coming Threat
If it’s true that money is the root of all evil, 2005’s forecast is
devilish.
”Organized crime will definitely be a factor in 2005,” Sundermeier
says. ”If you know that you can turn a quick buck by gathering Gram and
Pa’s email address and information, why not continue on the same path?”
Analysts concur that phishers will continue to team up with spammers and
virus writers next year, and their work will mature even more.
”There will be an evolution in the content and in the way that a message
is sent so it evades filters and fools recipients,” says Andrew Lochart,
director of product marketing at Postini, an email security and
management solutions company out of Redwood City, Calif. ”This can be a
lucrative business. It is a temptation for certain people to keep on
trying.”
The coming year will not see the end of this type of organized crime.
”Over the next four or five years, organized crime is going to become
more rampant on the Internet,” Fleming says. ”It is already huge, and
virus writers will continue to be paid.”
With big cash prizes behind every virus, analysts warn that anti-virus
programs may reach their limits, and that the window between when a
system’s vulnerability is exposed and when a virus is implemented will
reduce dramatically. The zero-day exploit is coming into play.
Analysts warn all IT managers and users alike that the only way to combat
these money-driven threats in 2005 is with increased awareness and
proactive approaches.
What analysts are calling for is increased awareness and proactive
responses.
And part of this proactive response, analysts say, is a change in the
manner of prosecution for these crimes. There are great barriers to
related legislation and law enforcement, since the offenders are spread
from state to state, and around the globe.
”Courts are getting smarter in how to legislate Internet crimes,”
Fleming says. ”Because now it is a global problem so who’s law applies?
[The courts] are slowing trying to take into account the cultural, legal
and fundamental differences.”
The only way to effectively fight the threats of 2005 is to be aware and
aggressive, analysts say.
”You have to be expecting you will be attacked,” Fleming says. ”You
must learn to be Internet-wise.”
Ethics and Artificial Intelligence: Driving Greater Equality
FEATURE | By James Maguire,
December 16, 2020
AI vs. Machine Learning vs. Deep Learning
FEATURE | By Cynthia Harvey,
December 11, 2020
Huawei’s AI Update: Things Are Moving Faster Than We Think
FEATURE | By Rob Enderle,
December 04, 2020
Keeping Machine Learning Algorithms Honest in the ‘Ethics-First’ Era
ARTIFICIAL INTELLIGENCE | By Guest Author,
November 18, 2020
Key Trends in Chatbots and RPA
FEATURE | By Guest Author,
November 10, 2020
FEATURE | By Samuel Greengard,
November 05, 2020
ARTIFICIAL INTELLIGENCE | By Guest Author,
November 02, 2020
How Intel’s Work With Autonomous Cars Could Redefine General Purpose AI
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
October 29, 2020
Dell Technologies World: Weaving Together Human And Machine Interaction For AI And Robotics
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
October 23, 2020
The Super Moderator, or How IBM Project Debater Could Save Social Media
FEATURE | By Rob Enderle,
October 16, 2020
FEATURE | By Cynthia Harvey,
October 07, 2020
ARTIFICIAL INTELLIGENCE | By Guest Author,
October 05, 2020
CIOs Discuss the Promise of AI and Data Science
FEATURE | By Guest Author,
September 25, 2020
Microsoft Is Building An AI Product That Could Predict The Future
FEATURE | By Rob Enderle,
September 25, 2020
Top 10 Machine Learning Companies 2021
FEATURE | By Cynthia Harvey,
September 22, 2020
NVIDIA and ARM: Massively Changing The AI Landscape
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
September 18, 2020
Continuous Intelligence: Expert Discussion [Video and Podcast]
ARTIFICIAL INTELLIGENCE | By James Maguire,
September 14, 2020
Artificial Intelligence: Governance and Ethics [Video]
ARTIFICIAL INTELLIGENCE | By James Maguire,
September 13, 2020
IBM Watson At The US Open: Showcasing The Power Of A Mature Enterprise-Class AI
FEATURE | By Rob Enderle,
September 11, 2020
Artificial Intelligence: Perception vs. Reality
FEATURE | By James Maguire,
September 09, 2020
Datamation is the leading industry resource for B2B data professionals and technology buyers. Datamation's focus is on providing insight into the latest trends and innovation in AI, data security, big data, and more, along with in-depth product recommendations and comparisons. More than 1.7M users gain insight and guidance from Datamation every year.
Advertise with TechnologyAdvice on Datamation and our other data and technology-focused platforms.
Advertise with Us
Property of TechnologyAdvice.
© 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this
site are from companies from which TechnologyAdvice receives
compensation. This compensation may impact how and where products
appear on this site including, for example, the order in which
they appear. TechnologyAdvice does not include all companies
or all types of products available in the marketplace.
