Symantec: Internet Security Attacks Up
Security vendor Symantec has published a bi-annual report that shows an increase in the number of Web attacks, severe and easy to exploit vulnerabilities, phishing scams and threats to Windows. According to the report, businesses are now averaging 13.6 security incidents per day, up from 10.6 earlier in the year.
Symantec analyzed trends in security risks and Internet attacks from July 1, 2004 to Dec. 31, 2004.
The report stated that there has been a 64 percent increase in Windows worms and viruses, and an average of 45 new remotely executed vulnerabilities per week. 97 percent of these attacks were considered to be moderately high or severe, and approximately 70 percent were easy to exploit without custom coding or with code that can be found in public forums.
The most common Internet attack was the Microsoft SQL Server Resolution Service Stack Overflow Attack, which has held that position for three reporting periods; the second most common was the TCP SYN Flood Denial of Service attack.
The report also said maliciously coded applications are becoming more frequently designed to obtain confidential information and there has been an increase of over 366 percent in phishing attempts reported by Symantec Brightmail AntiSpam filters. In addition, hackers are favoring attacks on Web applications because they can bypass perimeter security.
Symantec found that Trojans that steal confidential information accounted for 33 percent of the top 50 attacks. Symantec software is now blocking roughly 33 million phishing attempts per week, up from 9 million in July 2004.
Web applications were cited as a serious concern because of the potential that hackers could obtain personal information without breaking into any servers.
The time between the disclosure of vulnerabilities and the emergence of attacks has lessened, with malicious exploit code now being publicized within a timeframe of 6.4 days.
Symantec warns that malicious code will begin targeting mobile devices -- especially Bluetooth-enabled devices -- more frequently; 'bot' networks associated with criminal activity will expand; client-side attacks using viruses and worms to propagate will become more common; attacks will be embedded in audio and video images; and spyware and adware will continue to rise despite new laws seeking to curb the practice.