THE NEGATIVE INFLUENCE OF HARMFUL PROGRAMS AND SPAM
At the initial stage of network technologies development, a the damage from virus and other types of computer attacks was comparatively low owing to the insignificant dependence of the Russian economy on information technologies. Now, as a result of continuously increasing number of attacks, the creation of mechanisms for their automation as well as the considerable dependence of citizens, business and public authorities on means of electronic access and information exchange, the damage from carrying out attacks against infocommunication systems comes to enormous sums.
As Internet technologies are developed and introduced into infocommunication system, the Internet, as well as corporate Intranets, are more and more being actively used to carry out destructive activity. By penetrating a company’s or organization’s network, a malicious program can perform various destructive actions, from information deletion and theft to a complete shutdown of system operation. And the unauthorized distribution of e-mail messages (spam) considered as a type of attacks via the Internet can cause a no less damage as well.
As Computer Economics Company reports, a damage from viruses and other malicious programs was $14.5 billions worldwide last year. The situation associated with the distribution of computer viruses is constantly getting worse. In accordance with information of the ICSA Labs Company, the number of "infected" computers increased from 1% to 10.5% between 1996 and 2002. Information recovery expenditures almost doubled last year. According to estimates of the Yandex Company, about 60% of mail messages are spam. Internet users spend much time and money to obtain and read spam. According to estimates of Rambler Internet Holding, the loss to Russian Internet users from downloading spam exceeds $200 millions per year. Private Internet users of Russia alone pay a total "spam tax" of about $120 million annually. This amount is six times greater than that allocated for the "Electronic Russia" Program in 2002. A trend toward an increase in the share of spam worldwide is being noted. If in 2001 spam occupied only 8% of total e-mail traffic and cost 10 billions euros, in 2002 for the first time in the history of e-mail the spam proportion in total message traffic exceeded 40%. By 2007, according to a forecast of the Radicati Group Company, the proportion of spam will be 70% of total e-mail volume. According to data of Western experts (CNews Analytics), the number of hacker attacks against Russia increased considerably in November, 2002, which made it the 10th most attacked country that month, although never before or since had Russia appeared even in the top twenty of the most attacked countries of 2002. The number of computer attacks from the beginning of 2003 to April 16, 2003 was 143. At the beginning of April the number of attacks conducted against Russian infocommunications tended to decrease. However, some growth in the number of security violations is expected in summer, which is associated with the vacation season and, as a result, a decrease in attention toward information safety by organizations.
The low level of information security in the majority of systems connected to a global network has become a critical problem nowadays. Among the factors directly affecting a level of infocommunication system’s security a special place is occupied by commercial software (SW), when the variety of options provided and the fast appearance of the product on the market are most often outweigh its security. Errors in such SW are continuously detected by developers, hackers and independent research groups. Distribution of commercial products on the global scale means that as soon as a vulnerability is detected, a hacker can exploit it on hundreds of thousands or even millions of systems on which the product with unresolved security problems is installed. An insufficient level of user experience frequently does not allow the Sw to be upgraded independently and the system vulnerabilities eliminated. Consequently, the system can easily be exposed to attacks of criminals and subsequently used as a starting point for the implementation of attacks against more protected systems or to be used for masking the real attacker’s origin.