By Mark Ward

Technology Correspondent, BBC News website



All attacks are now about stealing money, say experts

So say security experts looking back on 12 months in which hi-tech gangs took control of the net's underground.

The economy supporting these groups has matured so much that now everything from virus-writing kits to spam-spewing zombies are available for rent or hire.

This has helped to fuel, say security professionals, rapid growth in the methods criminals use to catch out PC users and steal saleable data.

Money game

"2007 was a fairly interesting year," said Joe Telafici, vice president of operations for McAfee's Avert Labs, "cyber crime continued to fuel most of the security attacks we saw."

It was a year, he said, which saw the effective extinction of young hackers who wrote viruses and other malicious programs for fun.

Now, he said, Windows malware was all about money.

Some attacks, such as phishing runs, were clearly about stealing cash from victims either from a credit card or bank account.

But, he said, many others that looked more innocuous were done with money in mind. For instance, he said, trojans placed in banner ads that try to hijack a home PC were all about getting hold of resources that can be rented out for a fee to spammers or other net-based criminals.

"There's a real eco-system built around this," he said.

Paul Henry, vice president of technology evangelism at Secure Computing said the tool of choice for many hi-tech criminals was the botnet - a collection of hijacked home PCs.

"Botnets are now a well-organised tool," he said. "They are at a point now where they are creating smaller botnets from larger ones."

This was being done, he said, because like all businessmen criminals were keen to make the most of their assets.

Many malicious hackers have moved away from e-mail attacks

Successive spam campaigns added to the numbers of machines in the Storm botnet and, though estimates vary, many believe it was made up of more than 1 million machines.

A ready market for the buying and selling of time on a botnet and the tools needed to put it to good use had sprung up, said Mr Henry.

"Commercial exploitation has brought the real value of these tools to the vast majority," he said.

One of the most widely known tools was the MPack kit which was created by a Russian hacker gang. Anyone buying it got included in the price a year of technical support that updated them with the latest vulnerabilities so it could be used time and again for attacks.

But, said Mr Telafici, this had created problems for some makers of malicious software.

"One kit developer recently threw in the towel because they could no longer get the margins they used to," he said.

"Instead they opened up the source and gave it away. There were just too many players in that space, it's too crowded."

Novel threats

This busy market was driving innovation, said Simon Heron, managing director of Network Box.

Windows remains the biggest target for hi-tech criminals

Some of those that used to send huge numbers of phishing e-mails were now indulging in "spear phishing" which brought together lots of bits of data to make the messages they send look much more convincing.

Mr Heron said he had seen campaigns targeted at a few hundred people such as the senior managers in a large firm.

"It's just fascinating seeing that this is happening," he said.

The move away from the old attack vector of e-mail meant troubled times for users, he said.

"The bad guys are becoming more sophisticated and that means its becoming more difficult to stay safe," he said.

Summing up Paul Henry from Secure Computing said 2007 was the year that hi-tech crime became firmly established and entrenched.

"I see no end to this," he said, "until we effectively reduce the value of personal information to the point where for the hackers it is useless."