Rise in Cyber Crime, Cyber Terrorism and Cyber Espionage Tied Heavily to Data-Stealing...

Rise in Cyber Crime, Cyber Terrorism and Cyber Espionage Tied Heavily to
Data-Stealing Malware

In its first Focus Report, Trend Micro examines the growth of data-stealing
malware, its characteristics and its roots in the underground cyber crime
economy.

CUPERTINO, Calif., June 29 /PRNewswire/ -- While the term "data-stealing
malware" is a relatively new one, its sole purpose for existence is a familiar
story: To steal proprietary information such as online banking credentials,
credit card numbers, social security numbers, passwords, and more from
compromised networks and PCs in order to fuel an underground cyber crime
economy driven by profit-seeking criminal networks that cross geopolitical
boundaries.

Trojans: The Rising Star in Data-Stealing
Trojans are the fastest growing category of data-stealing malware, according
to data from TrendLabs(SM), Trend Micro's global network of research, service,
and support centers committed to constant threat surveillance and attack
prevention. Trojan attacks pose a serious threat to computer security. True to
their name, they typically arrive disguised as something benign such as a
screen saver, game, or joke. Based on TrendLabs research:

    --  In 2007, 52 percent of data-stealing malware were Trojans; in 2008,
that
        number increased to 87 percent; as of Q1 2009, 93 percent of
        data-stealing malware were Trojans.


    --  Trojans and Trojan spyware are the predominant type of data-stealing
        malware in all regions monitored by TrendLabs, including Australia,
        Asia, Africa, South America, North America and Europe.




"As a threat category, data-stealing malware is experiencing tremendous growth
because it serves the needs of financially motivated criminals who leverage
the Internet for what it does best - provides valuable information," said Jamz
Yaneza, threat research manager for Trend Micro.

The Politics of Transnational Cyber Crime
Politics and cyber crime have finally intersected in news headlines;
understandably so: In the U.S. alone, the number of known breaches of
government computers with malware more than doubled between 2006 and 2008,
according to the Department of Homeland Security.(i)

And, says Trend Micro advanced threat researcher Paul Ferguson, it is even
possible that cyber terrorists may have already planted malware within the
U.S. electrical grid that would allow them to remotely disrupt service.

Cyber crime has gained significant international mobility. In 2007, Estonian
computer networks were crippled when serious distributed denial of service
(DDoS) attacks against government and civilian sites were reputedly linked
back to Russian operatives. At the time, Russia and Estonia were involved in a
dispute over the Estonians' removal of a Soviet war memorial. The French
Embassy's web site in Beijing was inaccessible for several days after a
full-scale cyber attack following President Nicolas Sarkozy's meeting with
Tibetan spiritual leader, the Dalai Lama. Experts now widely believe instead
that a Chinese hacking group staged the attack for nationalistic purposes.

"Virtually anyone with a computer and Internet access can wreak havoc. In the
U.S., hacker attacks have been documented on county or state government
sites," said Ferguson. "Smaller organizations have a limited IT budget and few
IT staff so they hire a third party to build a web site. Over time, the site
fails to be maintained or upgraded, exposing vulnerabilities that hacktivists
then leverage to express political views."

Cyber espionage is also grabbing headlines. Every year, corporations suffer
billions of dollars in intellectual property losses when trade secrets are
illegally copied and sold to competitors on the black market for profit, or
used for extortion. Business networks all over the world provide the perfect
medium for cybercriminals capable of breaching their defenses.

"Cybercriminals are using malware for financial gain and for geopolitical
purposes," said Ferguson. "We have even seen data-stealing malware attacks
against U.S. defense contractors - believed to be Chinese - launched to steal
confidential trade secrets. However, it's hard to connect the dots back to the
people really pulling the strings because of the anonymous nature of the
Internet."

Traditional Security is no Longer a Match for Cyber Criminals
For years, security protections have been focused on protecting the endpoints
- where most people access data. In today's multi-threat environment, a new
strategy is needed. The Trend Micro(TM) Smart Protection Network enables a
multilayered threat prevention approach that is built upon the concept of
proactively blocking data-stealing malware in the Internet cloud before they
can infiltrate a network.

A correlated approach is used to address the tendency for cybercriminals today
to launch multi-pronged, combined attacks composed of a number of different
Web threats. Using correlation technology and behavioral analysis, the Smart
Protection Network correlates combinations of threat activities to evaluate
their potential for danger. It analyzes email, embedded links, file
attachments, and hosted web files to identify new IPs, domains, URLs, and
files that can be instantly added to reputation databases to quickly block new
threats.

By examining the relationships between and across different components, the
Smart Protection Network provides a realistic view of potential threats to
deliver a holistic, comprehensive view of the threat landscape.

Data Protection Pack for "Insider" Threats
A company's greatest asset - their employees - can also be their greatest
security liability, especially by those who have access to data within a
corporate network. Trend Micro offers solutions not just for external threats,
but internal threats as well. The Data Protection Pack bundles together Trend
Micro(TM) LeakProof Standard, Trend Micro(TM) Email Encryption Gateway and
Trend Micro(TM) Message Archiver. The Data Protection Pack secures email and
prevents the loss of sensitive data in use, in motion and at rest; it is
available for Trend Micro(TM) NeatSuite Advanced and Client Server Messaging
customers.

For more information on the Trend Micro Smart Protection Network and the
product and solutions it powers, visit: http://www.smartprotectionnetwork.com

To read the full Data-Stealing Malware Focus Report, visit:
http://us.trendmicro.com/imperia/md/content/us/pdf/threats/securitylibrary/data_stealing_malware_focus_report_-_june_2009.pdf

Trend Micro continues to invest heavily in threat research and analysis. For a
complete library of past threat reports, visit:
http://us.trendmicro.com/us/threats/enterprise/security-library/white-paper-listing/index.html

About Trend Micro:
Trend Micro Incorporated, a global leader in Internet content security,
focuses on securing the exchange of digital information for businesses and
consumers. A pioneer and industry vanguard, Trend Micro is advancing
integrated threat management technology to protect operational continuity,
personal information, and property from malware, spam, data leaks and the
newest Web threats. Visit TrendWatch at www.trendmicro.com/go/trendwatch to
learn more about the latest threats. Trend Micro's flexible solutions,
available in multiple form factors, are supported 24/7 by threat intelligence
experts around the globe. Many of these solutions are powered by the Trend
Micro Smart Protection Network, a next generation cloud-client content
security infrastructure designed to protect customers from Web threats. A
transnational company, with headquarters in Tokyo, Trend Micro's trusted
security solutions are sold through its business partners worldwide. Please
visit www.trendmicro.com.

(i) Paul Haven, "Cyber-Spy vs. Cyber-Spy," TechNewsWorld.com, April 12, 2009,
http://www.technewsworld.com/story/viruses-malware/66782.html?wlc=1241718857



SOURCE  Trend Micro

Andrea Mueller, Senior Public Relations Specialist of Trend Micro,
+1-408-218-4754, andrea_mueller@trendmicro.com