2007 was first and foremost the year of the Storm Worm, as described in a separate BullGuard newsletter story. But apart from this notorious Trojan that infected between 15 and 50 million PCs during the year, 2007 also raised a lot of other computer security issues.
Sweden’s largest bank, Nordea, announced in January that it had suffered the biggest Internet fraud in history. Over 8 million kronor ($1,2m) had disappeared in three months as a result of tailor-made trojans launched by Russian criminals and more than 250 customers became victims.
In February, hackers briefly overwhelmed at least three of the 13 computers that help manage global computer traffic in one of the most significant hacking attacks since 2002, and in March American retailer TK Maxx admitted that hackers had stolen credit and debit card details belonging to over 45 million customers in an attack on the company’s computer systems.
In November, the NATO countries finalised the organisation?s first policy covering cyber attacks on member states’ critical national infrastructure after hacking campaigns against Estonia in May, and Whitehall and the Pentagon in October.
The year also saw a sharp increase in the use by criminals of non-operating-system exploits. Common desktop applications such as Adobe Reader, Apple Quicktime, and Real Player became favorite targets of criminal hackers, while other Web attacks focused on the increased use of social networking sites like Facebook and MySpace.
Attackers also focused on instant messaging. According to experts, in 2007 there were 10 high-severity instant messaging risks, compared to none in 2006.
Online gaming was another common target for attacks as virtual objects in games gained in value. According to experts, the number of password-stealing Trojans that targeted online games in 2007 grew faster than the number of Trojans that targeted banks. This was supported by the news of a Dutch 17-year-old who became the first European being arrested for stealing virtual objects after stealing virtual property from the 3D cartoon world Habbo Hotel.
Microsoft released 69 security bulletins in 2007, nine fewer than 2006’s total but 14 more than in 2005.