Two new reports offer insight into how the digital underground is using its vast array of botnets. If the last two months are any indication, the standard weapon of these zombie armies is a phishing rod.
The first indication of that comes from IBM's Global Business Security Index Report, a monthly roundup of potential security threats based on data the company collects from 2,700 security professionals and half a million monitored devices around the world. Based on the most recent data, the New York-based company said attempted phishing attacks in May were up 226% over the previous month. IBM's security analysts attributed this to the rapid proliferation of botnets -- armies of hijacked machines used to blast out massive amounts of the scam e-mails at the heart of most phishing attacks.
The second indication comes from Redwood City, Calif.-based security firm Postini. According to its records, the company said it protected customers against 16,667,444 phishing attempts in June -- a 71% increase per day compared to May. Postini said it was the second-highest number of attempted attacks since it started keeping a monthly score. March stands out as the month with the most attempts so far this year, the firm said.
"IT systems have become so crucial to today's business operations, work productivity and customer service that even a small disruption can have serious impact on business operations," Cal Slemp, IBM Global Services' vice president of security and privacy, said in a statement. "Loss of data integrity or confidentiality can lose a customer base that took years to build. Security is now something that companies can no longer afford to be without."
While both companies have seen a dramatic spike in attempted phishing attacks in the last two months, their research differs when it comes to the level of other attacks.
Postini sees fewer virus e-mails
Postini saw a decrease in the number of virus-infected e-mail messages for June. The number of directory harvest attacks [DHAs] against corporate networks also decreased in June, compared with the month before. The company saw a 23% drop in the average number of DHA attacks per day against enterprise networks.
Postini said the top 10 viruses for June were:
- Mytob, 42,564,787 detections
- Netsky, 9,678,418 detections
- Mime, 5,204,341 detections
- Bankfraud, 4,166,861 detections
- Bagle, 2,984,403 detections
- Zafi, 1,397,793 detections
- Downloader-abl, 1,311,393 detections
- Mydoom, 1,049,130 detections
- Lovgate, 1,025,157 detections
- Klez, 218,789 detections
IBM sees more viruses
By comparison, IBM reported that more than 30% of e-mails in May contained some form of virus -- a 33% increase from the previous month. In many instances, the virus traveling by e-mail infiltrated a computer's hard drive and then forwarded itself to the user's entire address book.
"In May, one in 32.2 [3.12% of all e-mail] e-mails contained some form of virus or Trojan attack, a significant increase over the past month of 33%," IBM said in a statement. "To combat malware such as Sober, Mytob and other variants of these viruses, IBM advises organizations to keep antivirus signatures up to date and keep current with Windows patches."
IBM also found that application hacking accounted for 90% of system compromises in May.
"Two critical points in Web application security are the creation and management of sessions and filtering all data input," IBM said. "These types of compromises from a Web application can lead to exposure of banking information, private sensitive data like credit card information, and competitive intelligence information."
This article originally appeared on SearchSecurity.com.