The new breed of cybercriminals who develop sophisticated targeted attacks against specific businesses will continue to be a serious threat in 2006, MessageLabs warned this week.
In its 2005 Global Security Report, MessageLabs reported that it saw a significant increase in the number of targeted attacks on both organisations of all types in the last year.
These included attacks where Trojan horse programs were sent to a certain company's employees with the aim of using spyware to steal information. This danger was highlighted in March of this year, when an alleged attempt to use spyware to steal £220m from Japanese bank Sumitomo Mitsui was thwarted.
MessageLabs said it is currently intercepting several targeted email attacks each week, and expects that data thieves may step up their activities next year.
"Analysis of MessageLabs Intelligence data suggests that the sophisticated targeted email attacks are a relatively new phenomenon and have only been directed against businesses and organisations on a regular basis for the past year and a half. MessageLabs is now intercepting several incidences a week and expects this trend to continue and grow," said the company.
These targeted attacks can be difficult for security products to detect, so organisations should educate their staff about the dangers and encourage them not to run applications in unsolicited emails.
The report also found that spam appears to have levelled off, at just over two thirds of all email traffic. Phishing emails — which try to trick a user into visiting a malicious site disguised as a genuine one — accounted for one in every 300 emails. MessageLabs reported that it is already easy to download "off the shelf" phishing packages that even include the IP addresses of open proxies that can be used to send email anonymously.
MessageLabs also suggested that 3G phones could become a tempting target for virus writers if they become more popular. Some experts have dismissed the idea that mobile malware is a credible threat, but on Monday McAfee Avert Labs said that mobile security threats are expected to triple next year as smartphones and other mobile devices become more prevalent.
McAfee said that an estimated 226 malicious software programs created for mobile devices have been detected so far, which is predicted will increase to 726 by the end of 2006.