News
News
12/7/2005
04:20 PM
Connect Directly
RSS
E-Mail
50%
50%

Symantec Warns Of '06 Security Threat

The new year could usher in a steep rise in targeted attacks, as would-be hackers move away from headline-grabbing viruses to focus on lower-profile, profit-motivated attacks targeting the most vulnerable users.

A number of security vendors have published reports or press releases that identify the top security trends for 2006. These companies all have charted a steep rise in targeted attacks over the past year as would-be hackers move away from headline-grabbing, far-reaching attacks to more profit-motivated ones targeted at a narrower range of victims.

In an interview this week with VARBusiness, Symantec's senior director of security response Vincent Weafer said that while widespread worm and virus outbreaks aren't totally a thing of the past, they are being overshadowed by these new threats.

"We're seeing a significant decrease in global events and moving toward low-volume, low-profile attacks that are based on profit," he said.

He noted that Symantec has identified a 700 percent increase in bot-nets over the past year, along with a 143 percent rise in the amount of malicious code traveling across the Internet, and a doubling of phishing attacks during the same period. These are the instances -- only recently getting more publicity -- of infiltrators trying to dupe people into giving away personal information, such as social-security numbers and passwords to banking or credit-card sites.

Weafer said this new trend is especially troubling because it targets the most vulnerable users and is not yet seen as that big a deal by many users.

"Because we're not seeing this on the news the way we do with attacks like the Sober or Zotob worms, there is apathy and a general lack of interest about it," he said. "But the attacks are being targeted more and more at SMBs, and they're broadening beyond financial institutions to target e-commerce transactions like shipping and wire transfers, because these organizations have less established security practices than banks or credit-card companies." He added that emerging technologies such as wireless and peer-to-peer messaging applications are increasingly vulnerable.

Although strict and focused enforcement of security policies always has been critical, greater attention to security policies has never been more crucial than it is now. This is because things like spyware and adware simply have become an unavoidable part of the Internet user's daily life, so following your organization's usage policies to the letter is as good a defense as any technology a vendor is likely to develop.

"A lot of smaller companies struggle with deciding what's allowed and not allowed on their networks," Weafer said. "Adware and spyware programs are often just a nuisance, but they can eventually become the equivalent of a malicious virus because they're designed to be difficult if not impossible to get off your machines."

He said the trend toward smaller, more targeted attacks provides an opportunity for VARs to provide much-need services to their clients.

"Users need constant education; this is not a static landscape," Weafer said. "There's an opportunity there for resellers to provide new tools and services, and a large part of what we do is to work with partners to get the message out."

Comment  | 
Print  | 
More Insights
The Business of Going Digital
The Business of Going Digital
Digital business isn't about changing code; it's about changing what legacy sales, distribution, customer service, and product groups do in the new digital age. It's about bringing big data analytics, mobile, social, marketing automation, cloud computing, and the app economy together to launch new products and services. We're seeing new titles in this digital revolution, new responsibilities, new business models, and major shifts in technology spending.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - August 27, 2014
Who wins in cloud price wars? Short answer: not IT. Enterprises don't want bare-bones IaaS. Providers must focus on support, not undercutting rivals.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Howard Marks talks about steps to take in choosing the right cloud storage solutions for your IT problems
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.