Computerworld - 'Tis the season of gift-giving, good cheer and, according to the FBI and other security experts, an increase in cyberattacks.
Malicious hacker activity targeting e-commerce sites has been heating up for the holidays, the FBI's National Infrastructure Protection Center said in a report released earlier this month.
That should be no surprise. More people than ever are shopping online, said a report issued yesterday by Chicago-based Andersen Consulting, and a greater proportion of them -- 92% as opposed to 75% last year --- are successfully completing their online purchases.
Compared with a similar study Andersen did last year, it seems "that U.S. e-tailers learned from their mistakes last year," said Andersen associate partner Robert Mann in the report. Online retailers have improved fulfillment and smoothed out supply-chain snags, the report said.
It's the success of e-commerce sites that increases their chances of failure, said Ben Venzke, an intelligence director for IT security consulting firm iDefense in Fairfax, Va.
"A lot of media attention is paid to how much Christmas shopping is done online," Venzke said. "The effect is to call attention to those sites doing the largest dollar amounts of those sales. That becomes a motivating force for the entrepreneurial criminal."
The visibility of successful sites also means that "if somebody wants a lot of attention, a way to get it is to deface one of these highly visible sites. Shut down one of these sites, and you'll get yourself talked about," Venzke said.
As malicious cyberattacks intensify during this year's holiday season, holiday-related viruses and worms are the most likely culprits, but inattention and neglect run a close second, iDefense said. .
"E-commerce sites need to be alert for Trojan horses," Venzke said. "Some are designed to collect information such as passwords and e-mail them back" to the virus' creator, who then "can use them to break into databases containing credit-card information."
E-mail also presents an invitation to cybercrime. Nine holiday-related worms -- four in the wild -- have shown up since Nov. 10, the report said. Some carry date-activated payloads, most triggered for Dec. 25, Dec. 31 or Jan. 1, but others bear infected attachments purporting to be Christmas or Hanukkah cards.
Many IT departments are working with reduced staffs who are taking time off for the holidays, the report noted. IT staff "may not be as diligent in monitoring firewalls or intrusions, updating virus definitions and applying software patches," it said.
That's even more likely the case at those sites "notorious for being breeding grounds for the
Free Insider GuideCopyright © 1994 - 2012 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
