Heather Goudey Computer Associates
While the lawless Wild West metaphor for the Internet has been used for some time, 2003 saw such disturbing growth in the number of malware and malicious content that was created with the specific aim of illegally producing profit at the user's expense, that this metaphor has never proved so illustrative.
The social engineering methods and tools used are becoming increasingly complex and sophisticated. These include an array of evil bots, backdoors, Trojans, worm/Trojan-hybrids, diallers, semantic attacks, spyware, so-called adware and 'pusherware', and a large cast of phishers, frauders, identity thieves, spoofers, spammers and cognitive hackers. However, what may be the most worrying about recent events is the increasing, although not conclusive, evidence indicating professional and organised development and distribution.
This paper researches the current exploding trend towards profit-driven, mercenary malware and how this change in the motivation of those producing malicious content is affecting the anti-virus industry and our users. It draws on field research to present supporting statistical evidence. The paper reflects on the evolution and rapid development of this type of content and similar devices used to perpetrate fraud and other forms of wide-scale computer crime, examining possible future scenarios for the Internet and anti-virus should this trend continue unabated, and gives some recommendations for dealing with these increasingly worrisome threats.
