January 1, 2007
In 2006, the new year started with a bang. Microsoft was busy releasing an out-of-band patch for the WMF vulnerability (MS06-001), the Sober.X worm was gearing up to begin downloading new malware, and the Nyxem worm with its insidious payload began spreading in email using a variety of provocative subject lines that earned it the nickname 'the Kama Sutra worm'.
A new breed of threat
After January's flurry of traditional malware activity subsided, the remainder of the year heralded in a whole new era of sneak attacks: targeted, stealth malware protected by rootkits and designed to give a completely different meaning to the word 'payload'. Because these attacks weren't targeted at disrupting computing, they weren't the widespread menaces of yesteryear. Instead, these modern-day attacks were quietly targeting the users themselves, exploiting zero-day vulnerabilities and unpatched systems to gain a foothold on unprotected computers. Once seated on the system, these trojans begin monitoring keystrokes and capturing screenshots to obtain as much information on the person as possible - then using that information for everything from credit card fraud to outright identity theft.
Millions of these victims' computers were added to botnets - networks of compromised systems under the secret control of criminals. A 2006 McAfee study into the problem of botnets presented evidence that as many as 12 million users were affected - that's a botnet population bigger than the population of Greece. In turn, these systems are used for a wide range of nefarious purposes - infecting others, sending spam, hosting illicit files, and serving as adware and spyware hosts.
A fool and his money...
Counterbalancing targeted attacks and botnets was a constant deluge of electronic scams. Heaped in with the already ubiquitous phishing, Nigerian 419, and lottery scams, 2006 witnessed a marked increase in pump and dump stock scams, money laundering job scams, and the ever popular foreign dating scam. Unlike traditional threats that monitor the computer and steal credit card numbers and identity details, these scams rely on the victim to willingly part with their hard-earned dollars. And judging by the increase in these types of scams, it seems many victims were unfortunately readily complying throughout 2006.
No one is immune
The year 2006 also dispelled the myth that Macs were somehow impervious to malware and exploit. In "The Mac OS X Threat Landscape: An Overview", Symantec's DeepSight report notes that "Apple has released over 100 security-related updates since the initial release of OS X. These security updates range from addressing a single vulnerability to more than 25 separate vulnerabilities." The authors also observe, "Exploiting these vulnerabilities on OS X is not notably more or less difficult than doing so on most other platforms." The Symantec threat management report provides an overview of some of the more significant vulnerabilities, zero day exploits, rootkits, and Mac-specific malware.
Those who switched to Firefox for better protection were also in for a rude awakening. In 2006, Mozilla patched 70 security vulnerabilities in the Firefox browser, 39 of which were rated critical severity, 11 high severity, 13 of moderate severity, and 7 rated low severity.
Of course, Internet Explorer users weren't off the hook either. In 2006, Microsoft released 78 security bulletins (which can contain multiple patches). Of these, 37 individual patches for Internet Explorer vulnerabilities were included, all of which were rated critical.
Actively engaging
In short, 2006 was a year that underscored the grave importance of users becoming actively engaged in their own security. While passive security measures such as antivirus software and spyware scanners are even more of a necessity today, these alone will not keep you safe online. Bolster the scanners by patching your system regularly (regardless of the operating system or browser you use), following basic computer security steps, and adding a healthy dose of skepticism to every email you read or unfamiliar website you visit.
Suggested Reading:
