Symantec Biannual Internet Security Threat Report

Dominic White

 
Random Entry: Work Opportunities
< New Exploit Framework | Amazon Interview >

Symantec Biannual Internet Security Threat Report

Symantec released their security threat report yesterday, they also provided a webcast. The summary is that there are an "increase in attacks against web applications, threats to Windows, severe/easy-to-exploit vulnerabilities [and] Phishing Scams."

Summary below.

Key Findings

  • More malware trying to break confidentiality:

Between July 1 and Dec. 31, 2004, malicious code created to expose confidential information represented 54 percent of the top 50 malicious code samples received by Symantec, up from 44 percent in the first six months of the year and 36 percent in the second half of 2003.

  • 366% Increase in phishing attacks:

By the end of December 2004, Symantec Brightmail AntiSpam antifraud filters were blocking an average of 33 million phishing attempts per week, up from an average of 9 million per week in July 2004. This represents an increase of over 366 percent.

  • More web based attacks, thanks johnny:

Nearly 48 percent of all vulnerabilities documented between July 1 and Dec. 31, 2004 were Web application vulnerabilities, a significant increase from the 39 percent documented in the previous six-month period.

  • More Windows malware:

From July 1 to Dec. 31, 2004, Symantec documented more than 7,360 new Windows 32 virus and worm variants. This represents an increase of 64 percent over the previous six-month period. As of Dec. 31, 2004, the total number of documented Windows 32 threats and their variants was approaching 17,500.

  • More vulnerabilities and exploits:

Between July 1 and Dec. 31, 2004, Symantec documented more than 1,403 new vulnerabilities, which translates into more than 54 new vulnerabilities per week or almost eight new vulnerabilities per day.

  • More severe and easy-to-use exploits:

Of these, 97 percent were considered moderately or highly severe, which means that successful exploitation of the vulnerability could result in a partial or complete compromise of the targeted system. Furthermore, 70 percent were considered easy to exploit, which means that either no custom code is required to exploit the vulnerability or that such code is publicly available.

  • More remote exploits:

Compounding this problem is that nearly 80 percent of all documented vulnerabilities in this reporting period are remotely exploitable.

Other Interesting Notes

  • SQL Slammer is still the most common attack (used by 22% of all attackers)!
  • The average time between vuln annoncement and exploit release is 6.4 days.
  • Mozilla browsers have had more vulnerabilities announced in the last 6-months than IE.
  • There is a large increase in mobile platform malware.
  • There is a 77% spam growth with 1.2 billion spam messages per week making up 60% of all e-mail traffic.
  • Symantec recons bots, botnets, virii, worms, trojans, spyware and multimedia embedded content attacks will increase.

Tuesday, March 22. 2005
Posted by Dominic White in Security
Comments (0) | Trackbacks (0)

Last modified on 2005-03-22 13:29
 

Trackbacks
Trackback specific URI for this entry

No Trackbacks

Comments
Display comments as (Linear | Threaded)

No comments

Add Comment

E-Mail addresses will not be displayed and will only be used for E-Mail notifications.

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA