Data Theft Attacks Still Driving Underground

By Matthew Hines  |  Posted 2009-06-30 Print this article Print

It's all about the information baby.

The central theme in the world of cyber-crime has been data theft for years, and despite the evolution of more complex models including cyber-espionage and cyber-terrorism, malware attacks of all kinds remain focused on stealing electronic information, regardless of what endgame they're pursuing, according to a new research report.

In the first iteration of their new Focus Report trends analysis, researchers with Trend Micro highlight the fact that data theft remains squarely at the center of the continued cyber-crime onslaught. The report specifically points to the continued evolution of info-thieving malware programs as evidence that data will continue to stand as the primary target of attackers in the coming months and years.

The experts contend in fact that things are likely only going to get worse based on the rapid evolution of malware threats and delivery models.

Among the many data thieving programs out there, Trojans continue to lead the way. Trend charts the obfuscated attacks as the fastest growing segment of info-stealing campaigns worldwide, reporting that 93 percent of data-oriented threats were Trojans during Q1 2009, up from 87 percent throughout all of 2008. To lend some further perspective to those numbers, Trojans accounted for only 52 percent of data-thieving attacks in calendar 2007.

Another growing theme across the cyber-crime landscape is the increasing globalization and political bent of many malware campaigns, Trend reports. With breaches in government networks finally being outed in the public eye, it's clear that the term cyber-terrorism has moved beyond the hype cycle in which it existed for so long and into the real world, and how.

From a doubling of malware-driven events reported in U.S. government environments to politically motivated DoSing as seen in Estonia in 2007, cyber-crime is being utilized by different international factions now more than ever, the company said.

"Virtually anyone with a computer and Internet access can wreak havoc. In the U.S., hacker attacks have been documented on county or state government sites," said Trend Advanced Threat Researcher Paul Ferguson. "Smaller organizations have a limited IT budget and few IT staff so they hire a third party to build a web site. Over time, the site fails to be maintained or upgraded, exposing vulnerabilities that hacktivists then leverage to express political views."

Cyber espionage also continues to become more popular. Trend charts the related losses among business tied to data theft malware in the multiple billions worldwide, with trade secrets and other information that helps rivals gain a market advantage over each other at the middle of the activity.

At the same time, even the Trend experts admit that it's hard to even measure the entire scope of the problem, based on its distributed nature, driven by Internet infrastructure.

"Cybercriminals are using malware for financial gain and for geopolitical purposes," said Ferguson. "We have even seen data-stealing malware attacks against U.S. defense contractors - believed to be Chinese - launched to steal confidential trade secrets.

However, it's hard to connect the dots back to the people really pulling the strings because of the anonymous nature of the Internet."

For people like writers and reporters, even bloggers, it's nice to see that information is finally getting its due as the most valuable commodity on the planet, as it's rare that we've historically been valued over people who make widgets or carry guns or whatever.

Unfortunately it hasn't led to us getting paid more or something, though if we were, the computers we hammer away on would definitely be used even more frequently to steal the ideas and cash that we've got.

C'est la vie, no?

Matt Hines has been following the IT industry for over a decade as a reporter and blogger, and has been specifically focused on the security space since 2003, including a previous stint writing for eWeek and contributing to the Security Watch blog. Hines is currently employed as marketing communications manager at Core Security Technologies, a Boston-based maker of security testing software. The views expressed herein do not necessarily represent the views of Core Security, and neither the company, nor its products and services will be actively discussed in the blog. Please send news, research or tips to |

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel