Cybercriminals are getting more professional, adopting classic business structures in the development and deployment of malware that is increasingly designed to reap maximum profit, according to the annual Cisco security report.
Crackers sell their wares in online marketplaces where they can also hire quality-assurance testers to strengthen their malicious code, as well as botnets for quick distribution of their exploits, the report says.
Start-up kits for those looking to set up shop in cybercrime are also available. For example, the Zeus Trojan kit, which sells for $700, includes what is needed to infect machines and steal login data, the Cisco security survey says.
This year, for the first time, Cisco gave awards for notable achievements, and its top prize for illegal activity -- Most Audacious Criminal Operation -- went to Zeus, which infects victims' machines and gathers data such as passwords. The malware has infected an estimated 4 million machines, Cisco says, and forms a formidable botnet that could be used for a variety of attacks. Criminals sell toolkits for modifying Zeus so attackers can alter its code enough to duck antimalware filters, Cisco says.
The Most Notable Criminal Innovation is Koobface, a worm that lures users to a YouTube video that encourages Flash player updates. The update they download is actually the worm, which gathers sensitive information from infected machines.
Koobface highlights the use of social networking sites for spreading malicious activity. With social networking accounting for 2% of work Web traffic, businesses need to educate employees on how to use these sites safely, Cisco recommends.
Social networking sites are useful to scammers because of the trust users place in them. Users get baited with intriguing postings that lead to sites that download malware, the report says.
The overall exploit and threat level, including threats against social media users, increased 57%, according to Cisco. "It's easier and often more lucrative to fool social media users in order to launch an attack or exploit or steal personal information," the report says.
Shortened URLs -- a common tool used by Facebook participants that cuts the number of characters needed to reach a site -- can mask the fact that they link to sites that download malware. So someone clicking on a short URL found in a Twitter posting could wind up with an infected machine. Cisco recommends getting browser add-ons that reveal the actual URL when the cursor rolls over the shortened URL, giving users the chance to see whether it looks legitimate.
In other areas, targeted spam accounts for just 10% of all spam, but it is on the rise and can be nearly impossible to stop. Since it relies on victims being fooled into clicking on links to sites that download malware or opening malicious files, user education is key to fighting it, Cisco says.
Cisco estimates that there is no evaluation of the dangers presented by 80% of Internet sites, making effective URL filtering more difficult. Emerging tools that analyze and characterize Web content to determine its safety, rather than relying on a list of URLs to block, are more effective, the report says.