Microsoft Corp. today released research showing an acceleration in the number of security attacks designed to steal personal information or trick people into providing it through social engineering. Microsoft's most recent Security Intelligence Report, a comprehensive analysis of the threat landscape, shows that attackers are increasingly targeting personal information to make a profit and are threatening to impact people's privacy. The report found that during the first half of 2007, 31.6 million phishing scams were detected, an increase of more than 150 percent over the previous six months. The study also shows a 500 percent increase in trojan downloaders and droppers, malicious code used to install files such as trojans, password stealers, keyboard loggers and other malware on users' systems. Two notable families of trojans detected and removed by the Microsoft Malicious Software Removal Tool are specifically targeted at stealing data and banking information.
Microsoft shows off security in Server 2008.
.Microsoft has been giving more details of the forthcoming Windows Server 2008, due for release on 27 February next year.
The code will be Microsoft's most secure yet, Microsoft's vice president of development for Windows Ben Fathi promised. It had been rigously checked and the compny wouldn't release it if it wasn't secure.
"Lest year we pulled three launches back because we weren't happy with the security of the product," he said.
"That effected our release cycle but it was the right thing to do for our customers."
The new operating system will include Windows Server Virtualisation, which is being built in for the first time. It allows virtualisation of servers in a single machine but keeps each virtual machine entirely separate to reduce security risks.
BitLocker, which encrypts the entire drive as a security measure, is being included. The technology was originally designed for laptops but Fathi said the demand for it in PCs was so strong Microsoft transitioned the technology.
"Once we had it in laptops our customers said wait a minute," he continued.
"We want to use this in branch offices, so if our server gets stolen the thieves can't get the data off there."
Servers are increasingly being targeted by criminals, as evidenced by the attack on First Response Finance, who then sell the personal information they contain on to criminal gangs or use themselves.
Microsoft is also building in Network Access Protection, which is its version of Cisco's Network Access Control. This sets security policies for machines allowed on a network and unless a new computer meets the criteria it is either kicked off the network or has reduced access.
Controls are also being included into the use of USB sticks and the data they can access, and a PKI management console is being added
McAfee Inc. exposes the psychological warfare used by cybercriminals; New research reveals the mind games used by cyber fraudsters to exploit human nature to gain money and personal information.