Attacks on computer systems are down, but more skillfully planned, according to a report to be released today by IBM.
The year-end 2005 Global Business Security Index measures instances of security attacks in broad terms, ranging from reconnaissance work by hackers to identify security flaws to breaking into networks and stealing private information. IBM’s Global Services division, based in Boulder, developed the index.
IBM reports a shift in cybercrime from massive outbreaks to smaller, stealthier attacks targeted at specific organizations for extortion purposes.
“In 2005, we saw almost a complete dropoff with mass outbreaks,” said David Mackey, head of the team compiling the report. “What has sprung up is an underground economy for credit card information or extortion.”
Trends in 2006 are likely to include an increased use of “botnets,” a collection of hijacked computers, to undertake malicious online activity. Attacks on large corporations from insiders also pose greater risks.
Mackey said software that can attack cellphones and PDAs, specifically phones using Bluetooth technology, are at risk in 2006, as attackers develop more sophisticated software.
Other findings for 2005 include:
One in every 36 e-mails in 2005 contained a virus or Trojan horse (which attacks other computers). That figure is down from 2004, when one in every 16 e-mails contained malicious software.
Phishing threats are on the rise, with one in every 304 e-mails being a hoax, compared to one in every 943 in 2004.
Staff writer Kimberly S. Johnson can be reached at 303-820-1088 or kjohnson@denverpost.com.
