November 24 Deemed Black Monday

A group of researchers is warning that the most dangerous day to be online this year will be next Monday, Nov. 24 -- just in time for the online holiday shopping season. But other researchers argue that singling out one day as the most treacherous could be dangerous.

PC Tools predicted Nov. 24 would be the most active day for malware threats after analyzing worldwide virus data on more 500,000 machines and data from last year's holiday season.

Still, other security researchers say focusing on one day is neither realistic nor helpful. "The very real danger is that people will think that it is more important to take computer security more seriously next Monday than, say, tomorrow or next Wednesday," says Graham Cluley, senior technology consultant with Sophos. "Indeed, if stories like this became widespread, wouldn't it be in the interest of hackers to launch their attack on a day when they believed people would be more relaxed about their PC's security? I don't think it's very scientific to look at last year's data and extrapolate that it will reflect 2008 with such precision."

But Kurt Baumgartner, vice president of behavioral threat research for PC Tools, says pointing to a specific day helps raise security awareness. "Singling out a particular day may seem excessive, but we can inform ourselves on what we may expect based on last year's online malware," he says. "We are not suggesting that users give up on attending to computer security the rest of the year. We wouldn't suggest that they leave their front door open the rest of the year, either."

And while spam and malware typically surge during the holiday season, this year may actually be a little less active than in years past, says Roger Thompson, chief research officer at AVG Technologies. No one should be especially worried about Nov. 24, he adds, although the bad guys will be targeting holiday activities. "I'll predict a little less spam this year," Thompson says, mainly due to the shutdown of the notorious McColo Web hosting service, which was used by some of the world's biggest botnets and spammers.

"And at least one of the major botnets seems to have had its C&C hijacked by white hats, which means that some large number of bots is sitting idle," he says. But the reprieve is likely to be only temporary, he says, while these bad guys relocate and retrench.

Even if fewer bots are active next week and during the coming holiday season, there will be plenty of consumer activity online, which means lots of targets for the bad guys. A recent report found that 40 percent of 18- to 24 year-olds plan to conduct online shopping for up to five hours from their desks at work. And that same group appears to be less concerned with the security of their work PCs, according to the report.

The global financial crisis adds another dimension to the threat, too: "I'm sure the hackers will be ready to take advantage this holiday season, and are probably more capable than ever of sending out millions of campaigns to separate people from their hard-earned cash," Sophos' Cluley says. "In this time of credit crunch, it's going to be more important than ever to keep hold of every cent and not fall for the cybercriminals' schemes."

Cybercrime is basically recession-proof, according to Darren Mott, supervisory special agent for the FBI's Cyber Division, who noted that organized cybercrime is already capitalizing on the economic downturn. And with people spending more time at home as they limit their spending, they are spending more time online.

Shoppers are also more eager for deals, so they're more likely to fall for scams, too. Paul Ferguson, advanced threats researcher for Trend Micro, says he doesn't have a crystal ball to pinpoint exactly when malware activity will peak, but Trend typically sees an increase from Thanksgiving through New Year's Day.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message