Report profiles a new world for cybercrime

The age of destructive nationwide viruses has faded and tailored attacks targeting individual data are on the rise, according to an annual Symantec Internet security report.

The Symantec Internet Security Threat Report outlining international trends about malicious hacking from 2009 had Brazil ranked third as the source of malicious attacks behind the United States, which is first, followed by China.

The report, released earlier this month, indicated that while accusations of Chinese and North Korean hacks against the government get media attention, only 25 percent of malicious attacks in 2009 targeted a government. Brazil is the source of 48 percent of those attacks against governments. The report showed developing countries like Brazil, India and even Vietnam skyrocketing in rankings for cybercrime activity like spam, phishing for data and malicious code as their computer infrastructure grows.

Attacks like the Hydraq Trojan, which emerged in January, were analyzed in the report with explanations of how large enterprises can be infiltrated by these slow, sustained leaks called advanced persistent threats, rather than more prominent smash-and-grab hacks.

Dean Turner, director of Symantec's Global Intelligence Network Security Response, advocated creating an international set of agreed upon best practices and information sharing to combat the international cybercrime that was virtually unaffected by recession.

A bill introduced earlier this month by Senate Foreign Relations Chairman John Kerry, D-Mass., aims to increase international cooperation in combatting cyber crime.

"There's Interpol to put out an alert for a particular person, but that doesn't really exist in the realm of cybersecurity," Turner said. "The last big worm was in 2004 and since then we've seen an evolution away from destroying and disrupting data. Because the data is so valuable, 98 percent of attacks now target confidential information."

How-to-hack applications for sale on the underground cybercrime circuits such as the Zeus toolkit are profiled as examples of ways to steal and exploit online. The means to attack data are growing too, including tainted applications in social networking sites and botnets that trigger drive space for attacks through the growing computer infrastructure of developing nations. Smart phones also are predicted to offer one more weak access point when Americans increasingly use them for the Internet.