Symantec's Top 10 Internet Security Trends - InformationWeek
IoT
IoT
Software // Enterprise Applications
News
11/16/2007
03:35 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Symantec's Top 10 Internet Security Trends

Data breaches, Vista, spam, and the professionalization of cybercrime top the security firm's list of the year's security perils.

With the end of 2007 approaching, security companies are looking ahead to 2008. McAfee planned to release its predictions about upcoming risk trends on Friday and Symantec has sent members of the media its assessment of the year to date and of the computer security perils people will be dealing with next year.

Topping Symantec's list of 2007 security trends is data breaches. Given that Symantec said earlier this month that it has agreed to purchase data-leak prevention company Vontu for $350 million, this isn't entirely surprising. Symantec is making a significant bet that there's money to be made plugging holes in corporate firewalls, as are competitors like Cisco, Trend Micro, and Websense, all of which have made similar acquisitions.

It's not hard to understand why: According to a 2006 study by the Ponemon Institute, data breaches cost an average of $4.7 million per incident and are predicted to cost even more in the future. That's not the sort of outlay any IT pro wants to own.

"Data breaches are indicative of an underlying trend: a movement away from hobbyist attacks... to targeted financially motivated attacks," said Amrit Williams, CTO of enterprise security company BigFix and a former IT security analyst for Gartner. "When you have a motivation that's driven by financial gain, the goal is to be quiet. You don't want to be seen. What the attackers are after is not to bring systems down. They're after the information itself."

Symantec's number two security trend for 2007 is Windows Vista, which has seen 16 security patches since its introduction. Both Symantec and McAfee foresee more attention being paid to Vista by malware writers as Vista adoption continues.

Third on Symantec's list is spam, which reached record levels in 2007, according to the company. That may seem improbable given the vast sea of spam in which we've been swimming for the past few years, but spammers' fortunes are buoyed by their ever-rising tide of unwanted messages. Thus, we now have to contend with spam in new bulky flavors -- image spam, PDF spam, MP3 spam, and greeting card spam -- that strains server resources even further.

A tasty irony: Offline, the mafia has long been involved with garbage collection; online, the cyber mafia is in the business of garbage generation and it's the security industry that makes a killing cleaning up.

And, as Williams and others have said, it is a business. Symantec claims that a member of the Fujacks cybercrime gang once boasted, "This is a better money-making industry than real estate."

To sustain that business and improve margins, cybercriminals are creating professional attack kits. That's the fourth-ranked trend on Symantec's list. "Forty-two percent of phishing Web sites observed in the first half of the year were associated with three phishing toolkits," according to Symantec. Kits like WebAttacker and MPack make malicious expertise available globally in an instant, with the only requirements being a download, some IT savvy, and contempt for the law.

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of the Cloud Report
As the use of public cloud becomes a given, IT leaders must navigate the transition and advocate for management tools or architectures that allow them to realize the benefits they seek. Download this report to explore the issues and how to best leverage the cloud moving forward.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of November 6, 2016. We'll be talking with the InformationWeek.com editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll