News
News
9/20/2004
12:24 PM
Connect Directly
RSS
E-Mail
50%
50%

More Security Attacks Motivated By Greed, Symantec Reports

Study shows increase in profit-motivated attacks, while overall daily attack volume declines.

There's good news and bad news on the security front. Internet security company Symantec Corp. on Monday released its Internet Security Threat Report, which provides a six-month snapshot of security events the vendor monitored for the first six months of 2004. The report is derived from the monitoring of 20,000 security devices, such as intrusion-detection systems and firewalls, in 180 countries, from Symantec's managed-security-services and DeepSight Threat Management System clients.

First the good news: The report shows an overall decline in the average daily volume of attacks. For the period of July through December 2003, Symantec calculated a daily attack rate of 12.6. From January through June 2004, the daily attack rate was 10.6. Symantec attributes the drop to a decline in Internet-based worm attacks during the first half of this year compared with other periods.

That's the end of the good news. Now for the bad news.

"We're seeing an increase in profit-motivated attacks," says Vincent Weafer, senior director of Symantec's virus research team. That could be why the security company is reporting that attacks aimed at E-commerce sites rose from 4% of overall attacks to 16%. Other trends that point to attacks for profit include the increase in phishing scams and spyware designed to pilfer user names, passwords, and financial information, Weafer says.

Another serious threat is the growth of so-called bot networks, or computers infected with malicious code that can take over the machines and use them to launch attacks on other computers. At the beginning of this year, the company monitored nearly 2,000 such networks. That figure jumped to 30,000 by June. On one day, the company saw a spike of 75,000 bot-infected computers. These bot networks are often used to launch massive distributed denial-of-service attacks that crush networks under a swarm of bogus traffic.

Other highlights of Symantec's report include:

• The January 2003 SQL Slammer worm lives on. About 15% of Internet-connected systems launching attacks did so with SQL Slammer-related attacks.

• The average time from the public disclosure of a software vulnerability to the release of attack tools designed to exploit it is 5.8 days.

• During the first half of 2004, roughly 48 new software vulnerabilities were disclosed each week.

• Symantec says that 70% of the new vulnerabilities disclosed are considered "easy to exploit."

Comment  | 
Print  | 
More Insights
IT's Reputation: What the Data Says
IT's Reputation: What the Data Says
InformationWeek's IT Perception Survey seeks to quantify how IT thinks it's doing versus how the business really views IT's performance in delivering services - and, more important, powering innovation. Our results suggest IT leaders should worry less about whether they're getting enough resources and more about the relationships they have with business unit peers.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Must Reads Oct. 21, 2014
InformationWeek's new Must Reads is a compendium of our best recent coverage of digital strategy. Learn why you should learn to embrace DevOps, how to avoid roadblocks for digital projects, what the five steps to API management are, and more.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
A roundup of the top stories and trends on InformationWeek.com
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.