02 January, 2005

Everyone sought gold in security in 2004 -ZdNet
The average Internet attacker evolved from an online troublemaker to a calculating vandal, intent on profiting from compromising legions of PCs.
Security companies merged to better compete, and Microsoft derailed its Longhorn plans to push out a massive security update for its popular Windows desktop operating system. Meanwhile, industry and the government formed working groups to decide how to improve the security of the Internet and software without ringing up a large bill for companies and consumers.

The year also highlighted that the largest flaw in PC security remains the uneducated user. Phishing attacks, for example, jumped by 25 percent per month. A phishing scam typically uses mass e-mails to lure unwitting victims to fake Web sites, where they're asked to input information such as credit card numbers. While analysts debated the actual financial costs of the attacks to consumers, well-known businesses suffered from increased support costs and lost consumer confidence.

An attack that has become much more common uses links to attract people to malicious Web sites, which then attempt to compromise the victim's computer through one of the several flaws found in browser software this year. One attack used a compromised advertising service to send malicious banner ads to commercial Web sites, which caused some visitors to those sites (among them, news site The Register) to become infected.

No comments: