NEW YORK: The year 2006 witnessed an unprecedented increase in internet-related attacks and spam, according to security experts. And most of the blame should go to the flaws and vulnerabilities in software that power the internet system, they say.
The year 2007 is going to be no exception, many of them feel as attacks on banks, shopping centers and financial institutions set to gain pace.
Postini, a San Carlos, California-based email security firm, which had carried out a study into the spam incidence in 2006, says spam had been a real threat on online traffic. It said nearly 90 per cent of all email sent in October was found to be unsolicited junk mail messages.
It also said the volume of such junk mail has gone up by 60 per cent in the last two months as spammers are now using such novel methods as embedding their messages in images to avoid filters that look out for keywords and phrases. The images take nearly three times more storage space and internet bandwidth than text-based e-mail.
Security experts say the volume of spam in fact determines the security of the internet. Most of the spam is generated by "bots" or the home computers that online criminals have surreptitiously compromised and used as links in networks.
According to Gadi Evron, a botnet expert and a consultant with Israeli security consulting firm Beyond Security, three million to four million bots are active on the internet. Apart from these, there are millions of other bots that are used to launch "distributed denial-of-service" attacks -- bombardment of useless data when the targets refuse to pay protection money.
Evron estimates that organized online criminals will have income as much as $2 billion a year. He says with botnets, the internet community has reached a level where it is unclear what parts of the internet are not compromised.
The year 2006 also saw an increase in the number of vulnerabilities found in software by researchers and exploited by criminals. Microsoft, for example had to fix 97 critical security holes, which could be easily used by hackers to attack a system. The number of such fixes was 37 in 2005.
