The way botnets attack our computers is set to change in 2011, with the malicious programmes hiding within files.
Whilst botnets traditionally come in the form of downloads which sneak onto users' machines by exploiting vulnerabilities, Symantec has claimed next year will see them integrated into files passed over file sharing sites or social networks, making them harder to detect.
The company's MessageLabs Intelligence 2010 security report claimed there were between 3.5 and 5.4 million botnets creeping around the globe last year, with Rustock, Grum and Cutwail taking the top spots as the largest threats.
Rustock sent out more than 44 billion spam emails per day, more than double compared to last year, and controlled over one million machines. The figure of 95 per cent of spam emails coming from botnets was thanks to Rostock, the report claimed.
"With successful and resilient botnet operations established in prior years, the cyber criminals experimented with many tactics to keep spam campaigns active and fresh this year," said Paul Wood, MessageLabs Intelligence senior analyst.
"From leveraging newsworthy events like the FIFA World Cup to taking advantage of the widespread popularity of URL shortening services and social networks, the spammers deployed a variety of tricks to bypass spam filters and lure potential victims."
Businesses must be just as wary as consumers with the threats we face, claimed the company, as targeted attacks on companies of all sizes were becoming more prevalent.
"With the rise of targeted attacks comes variations in the execution and attack complexity," Wood said.
"Typically, between 200 and 300 organisations are targeted each month but the industry sector varies and high seniority job roles are most frequently targeted yet often by way of a general or assistant's mailbox."
"While five years ago large and well-known organisations were often targeted, today the scope of targeted organisations has expanded and now no organisation is safe from attack," he added.
-
What does modern security success look like for financial services?Sponsored As financial institutions grapple with evolving cyber threats, intensifying regulations, and the limitations of ageing IT infrastructure, the need for a resilient and forward-thinking security strategy has never been greater
-
Yes, legal AI. But what can you actually do with it? Let’s take a look…Sponsored Legal AI is a knowledge multiplier that can accelerate research, sharpen insights, and organize information, provided legal teams have confidence in its transparent and auditable application
-
Seized database helps Europol snare botnet customers in ‘Operation Endgame’ follow-up stingNews Europol has detained several people believed to be involved in a botnet operation as part of a follow-up to a major takedown last year.
-
Horabot campaign targeted businesses for more than two years before finally being discoveredNews The newly-discovered Horabot botnet has attacked companies in the accounting, investment, and construction sectors in particular
-
Brand-new Emotet campaign socially engineers its way from detectionNews This latest resurgence follows a three-month hiatus and tricks users into re-enabling dangerous VBA macros
-
Microsoft says “it’s just too difficult” to effectively disrupt ransomwareNews The company details its new approach to combatting cyber crime as the underground industry drains $6 trillion from the global economy
-
Beating the bad bots: Six ways to identify and block spam trafficIn-depth Not all traffic is good. Learn how to prevent bad bots from overrunning your website
-
Ukraine's vigilante IT army now has a DDoS bot to automate attacks against RussiaNews The 270,000-strong IT Army of Ukraine will now combine supporters' cloud infrastructure to strengthen the daily attacks against their invaders
-
Microsoft's secure VBA macro rules already being bypassed by hackersNews Recent analysis of Emotet activity has revealed a shift away from malicious Office documents to drop malware
-
Emotet infrastructure has almost doubled since resurgence was confirmed
News Researchers confirm the infrastructure has also been upgraded for a "better secured", more resilient operation
