Video | Business Headlines | Internet | Science | Scientific Ethics | Technology | Search

 

Threat Report: Shift Toward Attacks on Desktops

News Release

Symantec Internet Security Threat Report Identifies Shift Toward Focused Attacks On Desktops

Threats Increasingly Motivated by Profit and Desire to Perpetrate Criminal Acts

Symantec Corp. (Nasdaq: SYMC) today released its eighth volume of the Internet Security Threat Report, one of the most comprehensive sources of internet threat data in the world. The semi-annual report, covering the six-month period from January 1 to June 30, 2005, identified new methods of using malicious code for financial gain with increasing frequency to target desktops rather than enterprise perimeters.

The report also found a rise in the exposure of confidential information. Such threats can result in significant financial loss, particularly if credit card information or banking details are exposed. Moreover, these concerns are more worrisome as online shopping and internet banking continue to increase in popularity. During the first half of 2005, malicious code that exposed confidential information represented 74 percent of the top 50 malicious code samples reported to Symantec, up from 54 percent in the previous six months.

“Attackers are moving away from large, multipurpose attacks on network perimeters and toward smaller, more targeted attacks directed at web and client-side applications,” said Richard Batchelar, country manager, Symantec New Zealand. “As the threat landscape continues to change, users need to be diligent in keeping systems up-to-date with security patches and security solutions.”

Additionally, bot networks and custom bot code were available for purchase or rent; Symantec observed an average of 10,352 active bot network computers per day, an increase of more than 140 percent from the previous reporting period’s 4,348 bot computers. As the financial rewards increase, attackers will likely develop more sophisticated and stealthier malicious code that will be implemented in bot features and bot networks, some of which could attempt to disable antivirus, firewalls and other security measures.

Modular malicious code – malicious code that has limited functionality initially but then downloads additional functionality once a system has been infected – is also increasing. The shift toward modular malicious code is significant as it indicates that attackers may be attempting to avoid detection and attempting to compromise a system further by opening back doors on an infected system or visiting web sites where further malicious code can be retrieved and placed on the target system.

The report also found that phishing attacks continue to proliferate. The volume of phishing messages grew from an average of 2.99 million messages a day to 5.70 million. One out of every 125 e-mail messages scanned by Symantec Brightmail AntiSpam was a phishing attempt, an increase of 100 percent from the last half of 2004. Symantec Brightmail AntiSpam antifraud filters were blocking more than 40 million phishing attempts per week on average, up from approximately 21 million per week at the beginning of January.

Additional key findings include the following:

- Symantec observed that denial-of-service attacks grew from an average of 119 per day to 927 per day during the first half of 2005 – a 680 percent increase over the previous reporting period. The most frequently targeted industry was education, followed by small business and financial services.

- The time between the disclosure of a vulnerability and the release of associated exploit code decreased from 6.4 days to 6.0 days. In addition, an average of 54 days elapsed between the appearance of a vulnerability and the release of an associated patch by the affected vendor. This means that, on average, 48 days elapsed between the release of an exploit and the release of an associated patch; during this time, systems are either vulnerable or administrators are forced to create their own workarounds to protect against exploitation.

- During the first half of 2005, Symantec documented 1,862 new vulnerabilities – the highest number ever recorded in the Internet Security Threat Report. Ninety-seven percent of these vulnerabilities were classified as moderate or high in severity, and 59 percent of all vulnerabilities were found in web application technologies, marking an increase of 59 percent over the previous reporting period and a 109 percent increase over the first six months of 2004.

- A growing number of Win32 viruses and worm variants were also reported during the first half of 2005. Symantec documented 10,866 new Win32 virus and worm variants, an increase of 48 percent over the previous reporting period and 142 percent over the first half of 2004.

- Adware, spyware and spam continue to propagate, according to the report. Eight of the top 10 adware programs were installed through web browsers. Of the top 10 adware programs reported, five hijacked browsers. Six of the top 10 spyware programs were bundled with other programs and six were installed through web browsers. Symantec also observed that spam made up 61 percent of all
e-mail traffic and that 51 percent of all spam received worldwide originated in the United States.

- An analysis of future and emerging trends concluded that an increase in the number of attacks and threats directed at wireless networks is likely. In addition, voice over internet protocol (VoIP) threats are expected to emerge as more enterprises merge their data and voice networks.

About the Symantec Internet Security Threat Report

The Symantec Internet Security Threat Report provides analysis of network-based attacks, a review of known vulnerabilities and highlights of malicious code and additional security risk. The following resources give Symantec analysts an unparalleled pool of data with which to identify and analyse emerging trends in internet security activity:

- DeepSight Threat Management System and Managed Security Services – More than 24,000 sensors monitoring network activities in over 180 countries.

- Symantec’s antivirus solutions – More than 120 million client, server, and gateway systems that have deployed Symantec’s antivirus products provide reports on malicious code as well as spyware and adware.

- Vulnerability database – Covering more than 13,000 vulnerabilities affecting more than 30,000 technologies from more than 4,000 vendors, Symantec maintains one of the world’s most comprehensive databases of security vulnerabilities.

- BugTraq – Symantec operates BugTraq, one of the most popular forums for the disclosure and discussion of vulnerabilities on the internet with over 50,000 subscribers.

- Symantec Probe Network – A system of more than 2 million decoy accounts, attracting e-mail messages from 20 different countries around the world, allowing Symantec to gauge global spam and phishing activity.

About Symantec

Symantec is the world leader in providing solutions to help individuals and enterprises assure the security, availability and integrity of their information. Headquartered in Cupertino, Calif., Symantec has operations in more than 40 countries. More information is available at www.symantec.com.

ENDS

© Scoop Media

 
 
 
Business Headlines | Sci-Tech Headlines

 

Reserve Bank: Policy Lessons From A Year Of Covid-19

The Reserve Bank of New Zealand – Te Pūtea Matua was in a sound position to continue to meet its mandate in the face of the COVID-19 induced economic shock. However, we must continue to transform so as to remain relevant and effective in addressing longer-term challenges, Reserve Bank Governor Adrian Orr said... More>>


Transport Industry Association: Feb 2021 New Vehicle Registrations Strongest On Record

Motor Industry Association Chief Executive David Crawford says that the February 2021 figures are the strongest for the month of February ever. Registrations of 12,358 were 8.0% up on February 2020. Year to date the market is up 7.1% (1,735 units) compared to the first two months of 2020... More>>

Paymark: Lockdown Equals Slowdown For Some

The three days of lockdown for Auckland earlier this month made a clear impression on our retail spending figures. While only Auckland moved into Level 3 lockdown, the impact was felt across the country, albeit at different levels. Looking at the ... More>>

Infrastructure Commission: Te Waihanga Releases Report On Water Infrastructure

The New Zealand Infrastructure Commission, Te Waihanga’s latest discussion document highlights the importance of current reforms in the water sector. Its State of Play discussion document about water infrastructure is one of a series looking at the ... More>>


OECD: Annual Inflation Picks Up To 1.5% In January 2021 While Euro Area Records Sharp Increase To 0.9%

Annual inflation in the OECD area picked up to 1.5% in January 2021, compared with 1.2% in December 2020. Following a rebound between December and January, the annual decline in energy prices was less pronounced in January (minus 3.9%) than in December... More>>


Hemp Industries Association: Could The Next Team NZ Boat Be Made Entirely Of Hemp?

With The America’s Cup due to start in a few days’ time, innovators from a very different sphere have been wondering how long it could be before New Zealand could be competing in a boat entirely built from hemp, with the crew eating high-energy, nutritious hemp-infused foods and wearing high-performance hemp kit..? More>>


ACT: Matariki Almost A Half Billion Dollar Tax On Business

“Official advice to the Government says an extra public holiday at Matariki could cost almost $450 million,” ACT Leader David Seymour can reveal. “This is a perfect example of the Prime Minister doing what’s popular versus what’s responsible. ... More>>

Genesis: Assessing 6,000 GWh Of Renewable Generation Options For Development By 2025

Genesis is assessing 6,000 GWh of renewable generation options for development after starting a closed RFP process with 11 partners. Those invited to participate offer a range of technologies as Genesis continues to execute its Future-gen strategy to ... More>>