Digital MarketingStrategiesSecurity Threats Outpace Net Usage Growth

Security Threats Outpace Net Usage Growth

More than 6 percent of e-commerce transactions were potentially fraudulent.

Internet security breaches and fraud attempts have outpaced the “impressive” growth of Internet usage with the U.S. being the biggest target by attackers, according to statistics released by Verisign.

Verisign, which markets digital commerce and communication products and services to enterprise clients, reported that the number of security events per device it managed increased by nearly 99 percent between May and August of 2003.

According to the company’s Internet Security Intelligence Briefing report for October 2003, the 51 percent year-over-year growth in Internet usage has been outpaced security and fraud threats, which are increasing both in number and complexity. “From a geographical perspective, the United States continued to be the leading source, accounting for nearly 81 percent of security events,” Verisign said.

Top Regions for Security
Events Generated, Q2 ’03
United States 80.92%
Australia 6.37%
Canada 2.93%
Netherlands 2.13%
China 1.74%
South Korea 1.08%
Germany 0.41%
Brazil 0.40%
United Kingdom 0.38%
France 0.28%
Source: Verisign

The Mountain View, Calif.-based firm painted a glowing picture of Web usage, reporting that DNS [define] resolutions grew by more than 50 percent between August 2002 and August 2003. Verisign said DNS resolutions for email jumped a whopping 245 percent in the same period.

Verisign claims it processes more than 10 billion DNS queries per day, more than three times the daily volume three years ago.

But, along with the heady growth of usage comes a major security threat. Data from Verisign’s fraud prevention systems indicate that 6.2 percent of e-commerce transactions were potentially fraudulent, and over 52 percent of fraud attempts against Verisign merchants now originate from outside of the U.S.

Top Source Regions for Fraud Attempts,
April-August 2003
United States 47.79%
United Kingdom 5.25%
Nigeria 4.81%
Canada 4.66%
Israel 4.46%
Indonesia 2.07%
Germany 1.94%
Ireland 1.85%
Ghana 1.84%
Denmark 1.08%
Other 24.24%
Source: Verisign

“There is increasing evidence of overlap between perpetrators of Internet fraud and security attacks,” the company reported, noting that the data showed extremely high correlation (47 percent) between sources of fraud and sources of security attacks. “Attackers who gain control of Internet host machines are using these compromised hosts for both security attacks and fraudulent e-commerce transactions,” according to the report.

Based on the evidence, Verisign warned that attacks in the future would be “more blended, more complex, more portent and more coordinated.”

“The SoBig virus provides a great example of the sophistication of these threats,” the company noted, referring to the destructive mass-mailing virus that carpet-bombed the Internet in September 2003 and reduced network traffic to a crawl.

“The worm had its own domain name resolution mechanism, and it was programmed to bypass the local DNS resolvers as well as any local cache, conceivably to make it spread more easily and therefore more potent. It was programmed to lookup for a DNS name of a recipient’s email address directly from A or B DNS root Servers,” Verisign reported.

The company, which operates the A-root server, observed a 25 times increase in email related DNS lookups (MX record lookups) per-second in its A-root cluster, noting that the traffic did not abate until September 10, when the virus was programmed to self-destruct.

“We believe this is the first time DNS root servers were used to speed up the rate infection, as a study of other well-known mass-mailing viruses such as Bugbear and Klez did not reveal similar increases in MX record lookups during their infectious periods,” Verisign added.

The company said its network security team found a definite correlation between fraud attacks and network security attacks, a scenario which indicates that people who are attacking enterprise network perimeters are also likely to be committing online fraud.

“Hackers tend to attack a system to gain sensitive information such as credit cards or account logins which they can sell to other hackers, or they attack a system to gain privileged access (root access) to the machine which can also be traded with other hackers, or used to launch follow on attacks,” the company warned.

In addition, intruders tend to use compromised hosts or proxies to hide their tracks. Once a hacker gains access to a machine, they tend to install a specific software called ‘rootkit’ which gives them the privileged access to the system. “The rootkit ensures the anonymity of the hacker by automatically deleting the important logs on the system that can be used to trace the hacker’s activities,” Verisign added.

After a privileged access is obtained and ‘rootkit’ installed, Verisign reported that hackers then use the compromised machine to attack other machines without being traced.

Related Articles

How financial services CMOs should approach regulation

Digital Transformation How financial services CMOs should approach regulation

3w Al Roberts
How are traditional banks competing for customers in a digitally disrupted industry?

Finance How are traditional banks competing for customers in a digitally disrupted industry?

1m Al Roberts
5 cross-platform automation tools to improve your team's efficiency

Collaboration 5 cross-platform automation tools to improve your team's efficiency

1m Tereza Litsa
How challenger banks are revolutionizing the banking customer experience

Finance How challenger banks are revolutionizing the banking customer experience

3m Al Roberts
8 ways AI can enhance your marketing strategy today

AI 8 ways AI can enhance your marketing strategy today

3m Marcela De Vivo
Why banks are becoming customer-centric organizations

Analyzing Customer Data Why banks are becoming customer-centric organizations

2m Al Roberts
Five tools to automate lead nurturing in sales

Ecommerce & Sales Five tools to automate lead nurturing in sales

2m Tereza Litsa
How CMOs are using apprenticeships to bridge the digital skills gap

Marketing How CMOs are using apprenticeships to bridge the digital skills gap

2m Christian Doherty