Cybercriminals move into data harvesting and hitting popular websites

News by Dan Raywood

Levels of data harvesting are rising as the global economic climate continues in a downturn.

Levels of data harvesting are rising as the global economic climate continues in a downturn.


According to ScanSafe's Annual Global Threat Report, there has been a 582 per cent growth in malware between like quarters in 2007 and 2008, and a 300 per cent volume ratio increase from January 2008 through to December 2008. Exploits and iframes were up 1,731 per cent in 2008, while data-theft Trojans increased 1,559 per cent.


It also found that the web is now a massive front for data harvesting, with cybercriminals now focusing on the ongoing targeting and harvesting of sensitive data. ScanSafe claimed that as most of the malware delivered through the web provides remote customisation and configurability, attackers are able to target specific data and to remotely manage how that data is obtained.


Mary Landesman, senior security researcher at ScanSafe, said: “Today's malware is all about stealing and harvesting data. Online crime has become a lucrative business and both commercial and personal data fetch a significant sum on black markets.


“You can conjecture all day long about the pitfalls of where the data goes, it can be used for military or hostile purposes, it really is unlimited. All I can say is that we look at the web traffic to see where it is happening.”


ScanSafe reported that in April 2008 it counted an excess of 780,000 malicious web pages from only five vertical interest sectors as a result of a single SQL injection attack. As a result of the continuing mass compromise of legitimate websites observed throughout 2008, the standard ‘safe surfing' advice of avoiding unknown or non-trusted websites no longer applies.


Landesman said: “Today, it is the trusted sites that should be viewed as posing the greatest risk to web surfers. People should focus on what sites were compromised, anything can be hit and 2008 showed that clearly and constantly.


“All types of exploits and vulnerabilities have been exploited, but it has never been to this degree before because the attackers did not have the tools until the end of 2007, then they had automated tools. As they became cheaper and allowed more compromises of websites the attackers have industrialised the process. In the past they had to find a site, find vulnerability and manually compromise it.


“There is a high correlation of increased online crime with the decline in the global economy.  It could be that the increasing levels of job loss and uncertainty are fuelling the surge in criminal activity. It is also likely that cybercrime is proving to be a viable business opportunity in a climate where legitimate opportunities are becoming increasingly more limited.”


Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews