US CERT: Malware Attacks on Feds Motivated by Money Not Terrorism

Malware attacks against federal agencies appear to be predominately motivated by financial gain rather than terrorism or espionage, according to the U.S. Computer Emergency Readiness Team at DHS.

Around 90 percent of malware incidents detected against U.S. government networks in the first half of 2010 were meant to steal money from unsuspecting users, rather than steal data, as is often believed to be the case.

“This statistic represents the dominance of financially motivated malware within the threat picture,” said Marita Fowler, section chief of the surface analysis group at U.S. CERT. “It is not that the federal government is being targeted by organized criminals; it is that we are a smaller portion of a larger global community impacted by this.”

One of the best ways to combat such attacks is through education, according to Fowler.

“There are plenty of malicious programs designed to steal information from users without their knowledge,” she said. “In these cases, security tools and mitigation strategies are needed to augment user awareness.”

Related posts:

1. DHS IG: US-CERT Needs Work
2. Indian Companies More Worried About Cyber Attacks than Terrorism
3. Government Subsidies for Malware Clean-up?
4. Gartner Group: Feds Must Take Operational Cybersecurity Role
5. Indian Center Develops Plan to Counter Cyber Terrorism