Security: Web of deception Everyone sought gold in security in 2004. The average Internet attacker evolved from an online troublemaker to a calculating vandal, intent on profiting from compromising legions of PCs. Security companies to , and Microsoft to push out a massive security update for its popular Windows desktop operating system. Meanwhile, industry and the government formed working groups to decide how to improve the security of the Internet and software without ringing up a large bill for companies and consumers. The year also highlighted that the largest flaw in PC security remains the uneducated user. Phishing attacks, for example, . A phishing scam typically uses mass e-mails to lure unwitting victims to fake Web sites, where they're asked to input information such as credit card numbers. While analysts of the attacks to consumers, well-known businesses suffered from increased support costs and lost consumer confidence. An attack that has become much more common uses links to attract people to , which then attempt to compromise the victim's computer through found in browser software this year. One attack used a compromised advertising service to to commercial Web sites, which caused some visitors to those sites (among them, news site The Register) to become infected. The government and industry pondered how to solve the Internet's security problems, forming the National Cyber Security Partnership to brainstorm strategies. Groups called for a , , , and more enterprise security initiatives. For the most part, however, the government . However, the Bush administration did in 2004 to a whopping $85 billion, analysts said. Money well spent? Not necessarily, CNET News.com found out while researching our . Many government watchers fear that a great deal of the money is wasted on untested technologies--a problem that is hidden by blanket classifications that shield the spending. Moreover, Internet security has gotten short shrift in the U.S. Department of Homeland Security, a situation that some believe led to the in two years from the position of top cybersecurity official in the U.S. government. While critics in electronic voting systems, the machines performed acceptably in the November presidential election. While a host of glitches surfaced, none called into question the election results. Still, has underscored the need for meaningful auditing of the vote, either by paper audit trail or by other means. --Robert Lemos Bill Gates points to the silver lining in the MyDoom attacks and warns against complacency regarding non-Windows operating systems. January 27, 2004 The virulent program ranks as the Net's fastest-spreading virus, but security firms warn that the code left behind on PCs could cause more chaos than the initial infection. January 27, 2004 The Department of Homeland Security aims to inform two groups of citizens--tech experts and the average user--of potential online threats. January 28, 2004 CNET News.com has learned that the worm compromised millions of computers, far more than was previously thought. April 2, 2004 Security experts warn that a threat as damaging as worms is gaining control of large networks of computers. April 30, 2004 A worm starts spreading through the Internet using a vulnerability in a widely used component of the Windows operating system. May 1, 2004 The $5 million fund snags its first success with the arrest of a man in Germany who has confessed to the release of the Sasser worm. May 5, 2004 "Serious" flaws could let compromised servers take control of computers via Internet Explorer. June 25, 2004 Security researchers suggest that using Microsoft alternatives is one way to surf the Web worry-free. June 28, 2004 Microsoft hands XP Service Pack 2 to PC makers and says that for many customers, automatic updates are the way to go. August 6, 2004 Strategic conflicts, rampant confusion and election-year politics are slowing the war on terror. October 18, 2004 Federal agents and international allies arrest 28 suspects thought to have stolen credit card numbers and other financial information.October 28, 2004 Ready or not, here comes electronic voting.November 1, 2004 Rise in online identity fraud has companies on the hook: Educate customers or lose them.November 17, 2004 MyDoom sparks talks of security's future Security groups call for education, alert systems MSBlast not to blame for blackout, report says Worm warning intensifies Bulk of year's PC infections pinned to one man Microsoft's blast from the past U.S. cybersecurity chief resigns E-voting faces new scrutiny Report: Cost of phishing not so high Attackers strike using Web ads
Discuss: Year in review: Web of deception
Be respectful, keep it civil and stay on topic. We delete comments that violate our policy, which we encourage you to read. Discussion threads can be closed at any time at our discretion.