Joe Stewart, Dell SecureWorks' director of malware research, presented research detailing the activities of two large cyber gangs, one based in Shanghai, the other in Beijing, that have cracked into the networks of thousands of companies over the past half dozen years.
The attacks invariably begin by infecting the computer of one employee, then using that machine as a toehold to patiently probe deep into the company's network. The end game: to steal customer lists, patents, bidding proposals and other sensitive documents.
Each gang is made up of dozens of employees playing complementary roles in attacks that are "stealthy and persistent," says Stewart. "Even if they do get discovered and get kicked out of a network, they come back, targeting a different employee."
Another gang, analyzed by Dell SecureWorks researcher Brett Stone-Gross, has been blasting out spam designed to slip past spam filters. The messages carry instructions to click on a link to read bogus delivery invoices, airline reservations or cellphone bills. The link, however, takes the user to a web page that installs malicious software.
Stone-Gross said the gang currently has access to 678,000 infected PCs, some of which are used to carry out its lucrative specialty: orchestrating fraudulent wire transfers from online banking accounts.
Meanwhile, a different category of hackers is stepping up attacks, not on individual PCs, but on company websites. Website attacks now routinely occur thousands of times each, as criminals probe for ways to breach databases carrying usernames and passwords and other valuable data, says David Koretz, general manager of website security firm Mykonos, a division of Juniper Networks.
Some successful website hackers enjoy boasting by publicly posting some, if not most, of the stolen data. That's happened recently with data stolen from online retailer Zappos, matchmaking site eHarmony, business social networking site LinkedIn and search giant Yahoo, Koretz says.
Experts say web attacks continue to escalate partly because powerful, easy-to-use hacking programs are widely available for free. What's more, opportunities for an intruder to take control of an individual's PC, or access and probe a company's network, are multiplying as society uses more Internet-delivered services and Internet-connected mobile devices.
"It's easier and safer for a criminal to steal money from an online bank account, rather than have to walk into a bank — or to steal intellectual property in an online setting, rather than have to send in a human spy," says Eddie Schwartz, chief security officer of security firm RSA, a division of EMC.