'Phishing' and spyware continue to plague Internet

NEW YORK - Computer worms raced around the world, leaving behind tools that spread spam. Scammers sent e-mail to trick bank account holders into revealing passwords. Rogue programs known as "spyware" hijacked Web browsers and crippled computers.

These were among the top Internet threats of 2004 as the perpetrators grew smarter and more sophisticated, driven more than ever by economic gains. And while technology to combat such threats has improved, experts concede that's not enough to address what's bound to emerge in the coming year.

"The bottom line is, there is no silver bullet technology," said Gregg Mastoras, senior security analyst at security vendor Sophos Inc. "I just don't think users are educated enough when they are on machines and what they are doing with it."

The past year saw more industry attention to security: Microsoft Corp. upgraded its flagship Windows XP operating system, closing many loopholes and turning on a built-in firewall to thwart attacks. America Online Inc. gave away free security tools, and computer makers began installing software to combat spyware.

Dozens of products and services were developed to attack "phishing" - e-mail pretending to be from trusted names such as Citibank or Paypal, but directing recipients to rogue sites.

But developers of malicious code have gotten better at automating their tools, as well as sharing information about vulnerabilities and techniques to exploit them through underground message boards and chat rooms, said Mark Rasch, chief security counsel for Solutionary Inc.

No longer are bragging rights the primary motive.

"It used to be cool to bring down sites, almost (like) graffiti for the 21st century," said Arthur Coviello Jr., chief executive for RSA Security Inc. "Today's worms and viruses are far more detailed, and specific attacks are directed at individuals and businesses for the purpose of economic, ill-gotten gains."


Use the comment form below to begin a discussion about this content.

Sign in to comment