After a decade
of untold havoc wrought by worms, viruses, Trojan horses and spam,
something curious is going on in the Internet’s netherworld: the volume
of attacks is beginning to fall off.

That’s not at all good news for government and industry security
experts, who say the declining number of spectacular attacks shows the
architects of Internet instability are adopting a clever new strategy
of heading undercover to avoid exposure, and forming into groups to
better accomplish their goal of stealing financial secrets.

have a significant cyber-risk in this country,” warned Andy Purdy,
acting director of the Department of Homeland Security’s cyber security

At a briefing for congressional aides on computer
threats this week, Purdy said he’s cautioned businesses that this isn’t
the time to relax security against cyber-criminals who are out for
their trade secrets and financial data. Even now, Purdy said, some
malevolent program may be worming its way into any company’s computer
system to lurk there and gather information.

“We have to raise
the bar (about security). This is the challenge,” Purdy said. Publicly
traded companies are already required by law to have cyber security
systems, and private companies need to improve their security
procedures as well, Purdy said.

Larry Johnson, special agent in
charge of the Secret Service’s criminal investigative division, warned
that recent Internet attacks are showing increasing professionalism and
going after large amounts money, like information on the 401K
retirement accounts Americans hold.

“That’s not surprising because that’s where people have most of their money,” Johnson said.

The criminals use programs that insert themselves into people’s
computers, then search for sensitive financial data or do other tasks
like recording keystrokes as computer users log on to their personal
accounts. The programs then automatically send what they find back to
their mother computers over the Internet, where criminals retrieve the
information and use it to close out bank or stock accounts.

Johnson said the Secret Service has 20 online undercover investigations
under way and urged computer users to take more care that their private
information is protected.

“Prevention is first and foremost.
Once the cow is out of the barn, it’s too late,” noting it often takes
individuals more than a year to straighten out their bank accounts and
credit ratings after their identity is stolen. Although the Secret
Service is best known publicly for guarding the president, the agency’s
other responsibilities involve investigating financial and credit card

Art Wong, director of security response for Symantec,
a security software concern, said traditional hacking and attacks using
worms and viruses are declining, but secretive attacks on computers
using malevolent programs, known as malware, are increasing. These
programs worm their way into computers either when surfers visit
certain Web sites, open their e-mail, or download games or other

“They are trying to slip under the radar. They do not
want to be detected,” Wong said. “I think this is more insidious than
we’ve seen in the past.”

He said most of the attacks are
originating in the United States, Canada, Korea, China and Germany, and
he cited one message offering to sell a malware program exploiting
vulnerabilities in commonly used operating software for $1,000.

Wong said many companies could protect themselves simply by following
industry “best practices” and ensure their computer systems are
protected against intrusions.

He said that over the next year,
he expects to see more attacks from organized criminal enterprises, who
are becoming more specialized.

“People think they are safer than in the past. But today the environment is more dangerous than ever,” Wong said.

Betsy Broder, an assistant director at the Federal Trade Commission,
said it’s clear from recent thefts of identities of tens of thousands
of people from data banks that criminals are moving to more
sophisticated ways of stealing people’s money.

“Instead of dumpster-diving for people’s identity, they’re trying to get the honey pot of data,” she said.

(Contact Lance Gay at GayL(at)