Symantec Internet Security Threat Report Tracks Notable Rise in
Cybercrime Activity
Eighty Percent of the Top 50 Malicious Code Samples Could
Reveal Confidential Information
CUPERTINO, Calif. - March 7, 2006 - Symantec Corp. (Nasdaq: SYMC)
today released its ninth volume of the Internet Security Threat
Report, one of the most comprehensive sources of Internet threat
data in the world. The semiannual report, covering the six-month
period from July 1, 2005 to Dec. 31, 2005, marks an increase in
threats designed to facilitate cybercrime.
While past attacks were designed to destroy data, todays attacks
are increasingly designed to silently steal data for profit without
doing noticeable damage that would alert a user to its presence. In
the previous Internet Security Threat Report, Symantec cautioned
that malicious code for profit was on the rise, and this trend
continued during the second half of 2005. Malicious code threats
that could reveal confidential information rose from 74 percent of
the top 50 malicious code samples last period to 80 percent this
period.
Laptop Battery Cybercrime represents todays greatest threat to consumers
digital lifestyle and to online
businesses in general, said
Arthur Wong, vice president, Symantec Security Response and
Managed Security Services. The unparalleled insight this report
provides into how cybercrime is happening and how it can be
prevented enables Symantec to help protect the widest variety of
customers in the world.
Computer Internet security is one of the web's hottest topics as identity theft, spyware infections, and virus attacks are all on the rise. Protect yourself by learning about the biggest computer Internet security threats and why your computer may be vulnerable. You may be surprised to learn that confidential information is often stored on your computer without your knowledge.
>
Thinkpad The report also details the growing trend of attackers using bot
networks, targeted attacks on Web applications and Web browsers,
and modular malicious code. Based on this and data from previous
reporting periods, Symantec expects to see more diverse and
sophisticated threats used for cybercrime as well as an increase in
the theft of confidential, financial, and personal information for
financial gain.
Computer internet security is one of the web's hottest topics as identity theft, spyware infections, and virus attacks are all on the rise. Learn about the biggest computer internet security threats and why your computer may be vulnerable.
Microsoft Crimeware Tools Expand Reach, Function
Õood security practices not only involve using a comprehensive security solution. Computer users also need to be educated about the threats they can run into while online and what the best practices are for staying safe and protecting their identity online. said Bill Rosenkrantz, director, Consumer Business Unit, Symantec Corp. ymantec is committed to educating the public about Internet safety and security, and we share the NCSA dedication to educating and protecting consumers online. .
Laptop Computers Cybercrime-related threats are gaining momentum through the use
of crimeware, software tools built with the purpose of committing
online scams and stealing information from consumers and
businesses. As Symantec noted in the previous Internet Security
Threat Report, attackers are moving away from large, multiple
purpose attacks against traditional security devices such as
firewalls and routers. Instead, they are focusing their efforts on
regional targets, desktops, and Web applications that may allow an
attacker to steal corporate, personal, financial, or confidential
information; this information could then be used for additional
criminal activity. Programs that provide attackers with
unauthorized control of a computer, known as bots, also contribute
to the rise in cybercrime threats. While the number of bot-infected
computers is 11 percent lower than last periodwith an average of
9,163 infected systems identified each day during the current
reporting periodbot networks are increasingly used for criminal
activities such as denial of service (DoS)-based extortion
attempts. Symantec estimates that this measurement is only
capturing a portion of global activity and that the actual
infection numbers are likely to be much higher. On average,
Symantec observed 1,402 DoS attacks per day, a 51 percent increase
over the previous reporting period. Symantec speculates that this
growth trend will continue as attackers leverage an increasing
number of Web-based application and browser vulnerabilities. In the
previous report, Symantec speculated that attacks directed at Web
applications would increase. During the current reporting period,
69 percent of the vulnerabilities reported to Symantec affected Web
application technologies, a 15 percent increase over the previous
period. Web application technologies, which rely on a browser for
their user interface, present an easier target for attackers due to
their availability over commonly allowed protocols such as HTTP.
Symantec has also seen an increase in modular malicious code, which
initially possesses limited functionality but is designed to update
itself with new, more damaging capabilities. Modular malicious
threats often expose confidential information that can then be used
in identity theft,
credit card fraud, or other
criminal financial activities. During the last six months of
2005, modular malicious code accounted for 88 percent of the top
50 malicious code samples reported to Symantec, up from 77
percent last period.
A Symantec Security Response Podcast featuring information from the latest Symantec Security Update for May 2006. The goal of this podcast is to help you better understand some of the threats and trends identified in the report and to help educate users on how to protect themselves. This update covers the top developments in vulnerabilities, attacks, top bot infected cities, malicious code, and spam in the Americas region during this period.
Laptop Computer Additional Key Findings
Despite of this reality, we want people to rediscover the joys of the Internet. We want to encourage a positive, passionate attitude towards information, something we like to call Online Wellbeing. The solution The modern internet security solution has to provide a full protection against all the traditional threats, but it also has to offer deep protection, monitoring the very heart of the computer at all times, anticipating everything that might be a sign of danger in the computer and preventing any such activity, preferably without the need for user intervention.
Desktop Computer * China experienced the largest increase of bot-infected
computers, with 37 percent growth24 percentage points above the
average increaseputting China behind only the U.S. in this
category. The increase is likely related to Chinas rapid growth in
broadband Internet connections. China also saw the largest overall
increase in originating attacks; such attacks increased by 153
percent over the last period, marking 72 percentage points above
the average increase. Bots may be an increasing source of this
activity.
* Phishing threats, which are attempts to deceive users into
revealing confidential information, continued to increase during
the last half of 2005 while focusing on smaller, regional targets.
During the last half of 2005, 7.92 million daily phishing attempts
were identified, an increase over the 5.70 million attempts per day
in the previous reporting period. Symantec expects to see an
increase in the number of phishing messages and malicious code
distributed through instant messaging services in the future.
* Symantec documented 1,895 new software vulnerabilities, the
largest total recorded number of vulnerabilities since 1998. Of
these, 97 percent were considered moderately or highly severe and
79 percent were considered easy to exploit.
* To highlight the importance of applying operating system and
application patches quickly, Symantec assessed the time it took for
attackers to compromise newly installed operating systems in
standard deployments such as Web servers and desktops. Of the
servers, Windows 2000 Server with no patches had the shortest
average time to compromise, while patched Windows 2003 Web Edition
and both unpatched and patched RedHat Enterprise Linux 3 were not
compromised in the testing period. Of the desktops, Microsoft
Windows XP Professional with no patches had the shortest average
time to compromise, while the same desktop system with all patches
applied as well as SuSE Linux 9 Desktop were not compromised.
* With the increased volume of vulnerabilities discovered,
Symantec also monitored the speed that organizations were able to
patch vulnerable systems. During this reporting period, an average
of 6.8 days elapsed between the announcement of a vulnerability and
the release of associated exploit code, up from 6 days last period.
An average of 49 days elapsed between the disclosure of a
vulnerability and the release of a vendor-supplied patch.
Consequently, enterprises and consumers may be susceptible to
potential attack for 42 days, highlighting the need for users to
patch systems or take other protective measures as soon as
possible. Symantec expects that the commercialization of
vulnerability research will increase, with a growth in black market
forums and an increase in vulnerability information purchased for
criminal pursuits.
* Symantec documented a small increase in new Win32 virus and worm
variants with 10,992 this period versus 10,866 last period. This
trend is part of a noticeable decline in category 3 and 4 threats
(moderate and extremely serious) and a corresponding increase in
category 1 and 2 threats (low and very low). The number of new
Win32 virus and worm families also decreased by 39 percentfrom 170
new families in the first half of 2005 to 104 this period. This
suggests that malicious code developers may be choosing to modify
currently circulating source code rather than developing new
threats from scratch.
Notebooks About the Symantec Internet Security Threat
Report
Lenovo The Symantec Internet Security Threat Report provides analysis
of network-based attacks, a review of known vulnerabilities, and
highlights of malicious code and additional security risks.
Employing the Symantec Global Intelligence Network, Symantec
identifies and analyzes emerging trends in Internet security
activity. This unparalleled pool of data includes the
following:
Hard Drive * Symantec DeepSight Threat Management System and Symantec
Managed Security Services: more than 40,000 sensors monitor network
activity in more than 180 countries and comprehensively track
attack activity across the entire Internet
* Symantecs antivirus solutions: more than 120 million client,
server, and gateway systems that have deployed Symantecs antivirus
products provide reports on malicious code as well as spyware and
adware
* Vulnerability database: covering more than 13,000
vulnerabilities affecting more than 30,000 technologies from more
than 4,000 vendors, Symantec maintains one of the worlds most
comprehensive databases of security vulnerabilities
* BugTraq: one of the most popular forums for the disclosure and
discussion of vulnerabilities on the Internet, with more than
50,000 subscribers
* Symantec Probe Network: a system of more than two million decoy
accounts, attracting email messages from 20 different countries
around the world, allowing Symantec to gauge global spam and
phishing activity
Travelstar The full report is available for download from www.symantec.com
Broadcast media can download multimedia from
www.thenewsmarket.com/symantec.
Gateway About Symantec
Symantec is the world leader in providing solutions to help
individuals and enterprises assure the security, availability, and
integrity of their information. Headquartered in Cupertino, Calif.,
Symantec has operations in more than 40 countries. More information
is available at www.symantec.com.
Laptop Parts Source: Symantec
[ Comment, Edit or Article Submission ]
