The latest research report from McAfee's Avert Labs paints a frightening picture for enterprise IT administrators and end-users, predicting continued maturation of cyber-crime and the technological means being used to carry out external attacks.
According to McAfee's semi-annual Sage journal, a roundup of the company's ongoing security research, everything from spam to spyware will become more dangerous over the course of 2007 as hackers look for new ways to exploit end users' machines in their quest for fast cash.
As was the case in 2006, the drive for profits among hackers and malware code writers will dominate development of the threat landscape over the next 12 months, McAfee experts said.
Gangs of thieves around the globe are connecting online in greater volumes than ever before, helping their attacks to arrive on enterprise doorsteps faster and in greater volumes -- and with increasing sophistication.
"The overall trend remains more attacks geared toward making money that make use of malware or support people making malware," said Dave Marcus, security research manager with Avert Labs. "What is surprising is the service and support that's going on around the malware industry; there are more sites selling custom Trojans with support contracts and attacks coded to target banks of the buyer's choice and more malware suppliers offering patches and variants to their users."
Marcus said it is impossible to tell if there are a number of tightly-organized hacker groups worldwide as only a few intentionally identify their own work by leaving clues or outright signatures bearing their names. What is more likely, said the researcher, is that loosely-knit groups of malware writers and fraudsters are forming on underground messaging systems and then disbanding after carrying out waves of attacks.
"It's still a very distributed network. Most of these people never meet face-to-face; they use secret chat rooms and bulletin boards and other very distributed systems of communication that make it difficult to say how many people are involved and even harder to take them out," Marcus said. "In a lot of ways, the criminals are doing a better job of communicating than the security industry itself; we tend to operate in our own groups, whereas these people are sharing code and algorithms and doing so on an increasingly frequent basis."
Among the specific trends outlined in the report is the expected continued growth of botnets, with cooperation among hackers adding to the problem as groups develop and refine threat code in the same manner that open-source contributors work in a community. The vast majority of botnets will continue to target flaws in Microsoft products and propagate themselves through buffer overflows, according to the report.
McAfee expects that 2007 will also be the year when attackers truly begin aiming their work at smart phones, the more PC-like handheld devices finding their way into the hands of an increasing number of enterprise users.
Among the mobile device threats that the security company expects to arrive first are phishing attacks, spyware, and other programs aimed at stealing data for the purpose of committing identity fraud. Mobile spam also has the potential to "explode" as authors of Trojan attacks begin to target smart phones, McAfee said.