Increased attack on home users

VANCOUVER (CP) - In the cyber underworld's never-ending quest for weak spots, home computers are coming under increased attack as businesses tighten their defences, according to the latest Symantec Internet security threat report.

"What really surprises is the way that attackers are moving," says Dean Turner, Calgary-based editor of the twice-yearly threat report. "They're moving in a totally new direction." In the past, he says, hackers focused mainly on vulnerabilities in computer networks and their components. But the advent of sophisticated firewalls and warning systems have made them harder targets.

"They're now starting to target home users quite heavily primarily because home users are the weakest link in the security chain," says Turner.

Symantec, which markets the widely used Norton suite of security products, tracks established and emerging threats through a global network of researchers, customers' computers and so-called honey pots - monitored computers set up to secretly capture malicious code.

The news in Symantec's 10th report, released Monday, isn't heartening.

The usual suspects are all there: Trojan-horse e-mails containing dangerous little viruses, dubious spam come-ons and phishing messages that purport to be from banks or credit-card companies and intrusive adware.

All have the potential to steal confidential personal and financial data from the vulnerable computer or turn it into a zombie unit drafted into vast "bot-nets" used to launch massive spam and denial-of-service assaults on the Internet.

Add to that the increasing presence of threats that can be triggered simply by clinking on a legitimate-looking web page, says Turner.

"This is really the wave of the future for these guys," he says.

In the past, hackers were satisfied with trying to compromise a computer's operating system but Turner says there's a real push towards targeting Web 2.0 technologies, the elements that make web pages interactive.

These are web applications that connect to web services such as MySpace.com and individual home users, perhaps through file sharing applications, using a web browser.

"That is the single largest point of exposure on a system, not only for a home user but for enterprise (business) users as well."

Web-application vulnerabilities made up 69 per cent of all vulnerabilities in the first half of this year, the report found.

Viewing a seemingly innocent web page opens a portal into the computer and a wrong mouse click - on a photo, say - can download malicious code.

"You may not even have to click on the photo," says Turner. "It may just be a question of viewing that particular image."

When it comes to protection, Turner recommends the usual precautions - up to date anti-virus and anti-spyware and spam filtering, along with a sturdy firewall.

Norton is developing software that will detect fraudulent URLs (web addresses) but Turner admits web vulnerabilities remain hard to counter.

"That's part of the problem," he says. "It comes down to home users being very, very careful about the sites that they visit."

The threat report also highlights the continued vulnerability of popular web browsers.

Microsoft's dominant Explorer remains the most targeted browser, with 47 per cent of attacks, but Mozilla and even Apple's Safari web browser haven't escaped hackers' evil attentions.

Mozilla and Mozilla Firefox had the most vulnerabilities in the last six-month period but Turner says Explorer has the largest window of exposure - the time between the announcement of a vulnerability and the appearance of a patch to close the loophole.

For Explorer, the window stays open an average nine days, compared with just one day for Mozilla.

Ominously, Turner says researchers are charting an increase in so-called zero-day threats - previously unknown malicious codes that come to attention only after systems are compromised.

Microsoft is promising its new Vista operating system will feature enhanced security. Turner says research points to problems in the "beta" version but stresses its robustness won't be known until the finished product launches early next year.

Still, he says, history shows the arrival of a new operating system generally signals a fresh wave of attacks as hackers test its defences.

Other concerns highlighted in the report include the growth of spam, the annoying pitches for drugs, penis enlargement and penny stocks that clog the world's e-mail inboxes.

Spam can be more than a nuisance when it also contains malicious code that downloads if the e-mail is opened.

Turner is also worried about the growing use of instant-messaging as a conduit for malicious code, often with hackers spoofing a legitimate IM user's identity.

"That's a problem because with instant messaging everybody on your instant-messaging buddy list is somebody you trust," says Turner.

In both cases, the onus is on the user to beware, he says.

Spam grows because people open those messages.

"It's working because people are clicking on it," says Turner. "They (spammers) want high click-through rates on these sorts of things."

Likewise, instant-message users must not automatically trust items sent by someone on their buddy list, especially messages that ask them to click on an unknown web address.