The year in security – a look back at 2005
Security companies widely predicted that this year would be epidemic-free as virus writers turned their hands to making fiscal gains rather than kudos.
This remained largely true: month on month the numbers of new viruses rose, yet we avoided anything like the Blaster and SoBig epidemics of 2003. Indeed, Sophos reported that November showed the highest monthly figure for new viruses on record. And paradoxically, it was that same month that saw pretty much the only large-scale epidemic of the year, in the form of another Sober variant.
In fact, Sober remained high in the collective security consciousness for a number of reasons. Bavarian police had been tracking the author, known to be German, for some time, and successfully predicted the release of a new variant in November.
Then in a stroke of alarming audacity, the author released a successive array of variants with messages claiming to be from the FBI, the UK’s NHCTU and the German police – at a time when he or she had aroused quite enough interest already, one would think.
The final twist in the Sober tale arose when one of these dropped into the inbox of a child pornography offender who, alarmed at the thought that the authorities were on to him, promptly turned up at the local cop shop and handed himself in.
2005 has also been a year in which Microsoft has stood out not so much for security problems, but rather for its ambitious drive into the security industry.
At the start of the year, Redmond had already racked up an antispyware acquisition in the form GIANT, had bought up Romanian antivirus outfit GeCAD, and wasn’t about to stop there. It quickly rebadged the antispyware technology and launched a beta, and followed that in February by buying up Sybari. This is a company specialising in front end security management, into which various antivirus engines can be plugged, one of which was to turn out to be Microsoft’s home-grown version built from its GeCAD buy.
Next on the shopping list was FrontBridge, a managed email security company, and this left Microsoft with a full arsenal to tackle the enterprise: whether in-house or managed, and able to cater for high-level demands such as the ability to comply with mandatory regulations like the Sarbanes-Oxley Act and other requirements for financial, governmental and other data-sensitive areas.
The final piece of Microsoft’s security jigsaw fell into place with the beta of its OneCare Live security solution for consumers.
2005 will also be remembered as a year that featured a high number of arrests. In January a Scottish man was arrested for his part in Denial of Service attack campaigns in the same week that the FBI arrested another man for an email scam conning people donating to appeals, following the tsunami disaster.
Days later, and Spanish authorities said they had collared a man who had infected computers with a virus that allowed him to spy on them through their webcams.
In May, Swedish authorities said they had caught a teenager in connection with the theft of Cisco source code.
The FBI was particularly active in July, with arrests of 419 email scammers as well as one Christopher Smith (aka ‘Rizler’), believed to be the man behind more than a billion spam mails sent to AOL accounts.