As federal officials warn that this economic recession raises the likelihood of cyber-crime, computer security experts are trying to quell fears that the so-called “Conficker” worm is poised for a massive April Fools’ Day attack tomorrow.
According to this story by Jennifer LeClaire of NewsFactor.com – part of the Calabassas, California-based NewsFactor Network – experts say that an April 1 “event” is unlikely.
Vincent Weafer, vice president of Symantec (News - Alert) Security Response, told the reporter that the cyber-criminals behind Conficker, or “Downadup,” as it’s known, probably didn’t mean for their malware to get as much attention as it has.
“Most malware these days is designed to be used for some type of criminal monetary gain, and conducting such criminal acts typically requires stealth measures to be successful,” Weafer reportedly said. “As such, this makes the odds that a major event will take place on April 1 even less likely, since there is so much attention being paid to that day.”
Conficker surfaced in October 2008 and it targets the Microsoft (News - Alert) Windows operating system – not Macs. The worm, which exploits vulnerabilities in the Windows Server, has been difficult for network operators and law enforcement to counter because it uses several advanced malware techniques.
Microsoft patched the Conficker-leveraged vulnerability, but the worm’s newest variant shuts down security services, blocks connections to security Web sites, downloads a Trojan, and connects to other infected computers through peer-to-peer technology.
The problem has become so annoying that even the U.S. Department of Homeland Security released a Conficker detection tool for government agencies and state and local governments to counter the worm.
Experts say that now, with a slower economy that’s spurred record unemployment rates, is a particularly vulnerable time for computer security.
We reported earlier this month that at least one expert - Ron Meyran, product marketing manager of security for integrated application solutions provider Radware Ltd. – believes that when people get laid off, the risk to businesses increases.
“There are more attackers while business profitability becomes critical,” Meyran told us. “The main trends in this recession I believe will be an increase of fraud and information theft attempts. As more people get laid off, they will have more time to spend on the Internet and will believe that they can get things for free – a fertile ground for scams and identity theft.”
This week, federal officials are supporting what Meyran said.
According to Reuters (News - Alert), the so-called “Internet Crime Complaint Center,” or “IC3” – a joint agency of the Federal Bureau of Investigation and the National White Collar Crime Center – finds in a new report that Web fraud reported to U.S. authorities increased by 33 percent last year.
The trend marks the first rise in three years, and is surging this year as the recession deepens, Reuters reports.
“Online scams originating from across the globe – mostly from the United States, Canada, Britain, Nigeria and China – are gathering steam this year with a nearly 50 percent increase in complaints reported to U.S. authorities in March alone,” the news service reports.
One official behind the report, John Kane, reportedly told journalists: “2009 is shaping up to be a very busy year in terms of cyber-crime.”
Specifically, of 275,284 complaints received in 2008 by IC3, about 72,940 were referred to U.S. law enforcement agencies for prosecution.
“It is our belief that these numbers, both the complaints filed and the dollars, represent just a small tip of the iceberg,” Kane, managing director of the National White Collar Crime Center in Richmond, Virginia, reportedly told the press.
Many of the areas of cyber-crime cover everyday Internet uses.
“Fraudulent sales on online auction sites like eBay (News - Alert) Inc and classified sites like craigslist.com contributed to a 32 percent rise in the hottest area of online fraud – non-delivery of promised merchandise,” Reuters said, citing the report.
According to Leclaire’s summary from Symantec, the most recent variant of Conficker – W32.Downadup.C – likely will use a new algorithm to determine what domains to contact. While it’s possible that infected with W32.Downadup.C will be updated with a newer version of the malware on April 1 by contacting domains on the new domain list, these systems could be updated on any date before or after April 1.
“Third, Symantec said, the public should not be alarmed,” Leclaire reports. “However, as always, computer users should exercise caution and implement security best practices into their daily computing routines.”
Don’t forget to check out TMCnet’s White Paper Library, which provides a selection of in-depth information on relevant topics affecting the IP Communications industry. The library offers white papers, case studies and other documents which are free to registered users.
Michael Dinan is a contributing editor for TMCnet, covering news in the IP communications, call center and customer relationship management industries. To read more of Michael's articles, please visit his columnist page.
Edited by Michael Dinan