Video | Business Headlines | Internet | Science | Scientific Ethics | Technology | Search


Growth Of Cybercrime Continues Despite Downturn

Cybercrime’s Financial And Geographic Growth Shows No Slowdown During The Global Economic Crisis

Symantec blocks an average of 100 potential attacks per second in 2009

Symantec Corp. (Nasdaq: SYMC) today released its new internet Security Threat Report volume XV, which highlights key trends in cybercrime from 1 January 2009 to 31 December 2009. In a year bookended by two very prominent cyber attacks – Conficker in the opening months of the year and Hydraq at the very end – Symantec’s Internet Security Threat Report reveals continued growth in both the volume and sophistication of cybercrime attacks.

“Attacks have evolved from simple scams to highly sophisticated espionage campaigns targeting some of the world’s largest corporations and government entities,” said Stephen Trilling, senior vice president, Security Technology and Response, Symantec. “The scale of these attacks and the fact that they originate from across the world, makes this a truly international problem requiring the cooperation of both the private sector and world governments.”

Craig Scroggie, Symantec vice president Pacific region says that once again the most common propagation method for malicious code in the Asia Pacific region is file-sharing executables.

“In the Asia Pacific region, 90 percent of confidential information threats allowed remote access. This is a big increase on 2008 when 69 percent of confidential threats allowed remote access.

“The best way to protect yourself is to use internet security solutions that combine antivirus, firewall, intrusion detection and vulnerability management for maximum protection against malicious code and other threats. And make sure your security patches and virus definitions are up-to-date.”

Notable trends highlighted in this year’s report include:

An increase in the number of targeted threats focused on enterprises. Given the potential for monetary gain from compromised corporate intellectual property (IP), cybercriminals have turned their attention toward enterprises. The report found that attackers are leveraging the abundance of personal information openly available on social networking sites to synthesise socially engineered attacks on key individuals within targeted companies. Hydraq gained a great deal of notoriety at the beginning of 2010, but was only the latest in a long line of such targeted attacks including Shadow Network in 2009 and Ghostnet in 2008.

Attack toolkits make cybercrime easier than ever. Cybercrime attack toolkits have lowered the bar to entry for new cybercriminals, making it easy for unskilled attackers to compromise computers and steal information. One such toolkit called Zeus (Zbot), which can be purchased for as little as US$700, automates the process of creating customised malware capable of stealing personal information. Using kits like Zeus, attackers created literally millions of new malicious code variants in an effort to evade detection by security software.

Web-based attacks continued to grow unabated. Today’s attackers leverage social engineering techniques to lure unsuspecting users to malicious websites. These websites then attack the victim’s web browser and vulnerable plug-ins normally used to view video or document files. In particular, 2009 saw dramatic growth in the number of web-based attacks targeted at PDF viewers; this accounted for 49 percent of observed web-based attacks. This is a sizeable increase from the 11 percent reported in 2008.

Malicious activity takes root in emerging countries. The report saw firm signs that malicious activity is now taking root in countries with an emerging broadband infrastructure, such as Brazil, India, Poland, Vietnam and Russia. In 2009, these countries moved up the rankings as a source and target of malicious activity by cybercriminals. The findings from the report suggest that government crackdowns in developed countries have led cybercriminals to launch their attacks from the developing world, where they are less likely to be prosecuted.

Other ISTR Highlights:
Malicious code is more rampant than ever. In 2009, Symantec identified more than 240 million distinct new malicious programmes, a 100 percent increase over 2008.

Top threats. The Sality.AE virus, the Brisv Trojan and the SillyFDC worm were the threats most frequently blocked by Symantec security software in 2009.

Downadup (Conficker) still very prevalent. It was estimated that Downadup was on more than 6.5 million PCs worldwide at the end of 2009. Thus far, machines still infected with Downadup/Conficker have not been utilised for any significant criminal activity, but the threat remains a viable one.

Compromised identity information continues to grow. Sixty percent of all data breaches that exposed identities were the result of hacking. In a sign that this issue is not limited to a few larger enterprises, the Symantec State of Enterprise Security Report 2010 reported that 75 percent of enterprises surveyed experienced some form of cyber attack in 2009.

Another turbulent year for spam. In 2009, spam made up 88 percent of all e-mail observed by Symantec, with a high of 90.4 percent in May and a low of 73.7 percent in February. Of the 107 billion spam messages distributed globally per day on average, 85 percent were from botnets. The 10 major bot networks, including Cutwail, Rustock and Mega-D now control at least 5 million compromised computers. Throughout 2009, Symantec saw botnet infected computers being advertised in the underground economy for as little as US$0.03 per computer.

Applying security patches continues to be a challenge for many users. The report found that maintaining a secure, patched system became more challenging than ever in 2009. Moreover, many users are failing to patch even very old vulnerabilities. For example, the Microsoft Internet Explorer ADODB.Stream Object File Installation Weakness was published on 23August 2003, and fixes have been available since July 2, 2004, yet it was the second-most attacked web-based vulnerability in 2009.

Click to Tweet

In 2009, Symantec blocks an average of 100 potential attacks per second
Symantec releases new Threat Report: Cybercrime’s Growth Shows No Slowdown during Economic Crisis
Growth in threats focused on enterprises. Symantec finds attackers use personal info found on social sites
Toolkits make cybercrime easier than ever for unskilled cybercriminals to compromise PCs and steal info
Today’s attackers use social engineering techniques to lure users to malicious websites
Dramatic growth in targeted at PDF viewers, accounting for 49 percent of Web-based attacks in 2009
Malicious activity takes root in countries w/ emerging broadband infrastructure

Connect with Symantec

Symantec Security Response on Twitter
Symantec on Facebook


Symantec Internet Security Threat Report XV Microsite
Threat Landscape Overview on Slide Share
Symantec Security Response Blog
Industry Resources at
2010 State of Enterprise Security Report
2010 State of Enterprise Security on SlideShare


© Scoop Media

Business Headlines | Sci-Tech Headlines


Fuels Rushing In: Govt "Ready To Act" On Petrol Market Report

The Government will now take the Commerce Commission’s recommendations to Cabinet...
• A more transparent wholesale pricing regime • Greater contractual freedoms and fairer terms • Introducing an enforceable industry code of conduct • Improve transparency of premium grade fuel pricing... More>>


Reserve Bank Capital Review Decision: Increased Bank Capital Requirements

Governor Adrian Orr said the decisions to increase capital requirements are about making the banking system safer for all New Zealanders, and will ensure bank owners have a meaningful stake in their businesses. More>>


Aerospace: Christchurch Plan To Be NZ's Testbed

Christchurch aims to be at the centre of New Zealand’s burgeoning aerospace sector by 2025, according to the city’s aerospace strategic plan. More>>


EPA: Spill Sees Abatement Notice Served For Tamarind Taranaki

The notice was issued after a “sheen” on the sea surface was reported to regulators on Thursday 21 November, approximately 400 metres from the FPSO Umuroa. A survey commissioned by Tamarind has subsequently detected damage to the flowline connecting the Umuroa to the Tui 2H well. More>>

Taskforce Report: Changes Recommended For Winter Grazing

A Taskforce has made 11 recommendations to improve animal welfare in intensive winter grazing farm systems, the Minister of Agriculture Damien O’Connor confirmed today. More>>