Internet Attacks Shift Focus to the Desktop
Symantec released yesterday its Internet Security Threat Report, for the first
6 months of the year, in which the company says Internet attackers are more
frequently targeting desktops rather than enterprise perimeters.
The report also found a rise in the exposure of confidential information. Such
threats can result in significant financial loss, particularly if credit card
information or banking details are exposed. During the first half of 2005, malicious
code that exposed confidential information represented 74 percent of the top
50 malicious code samples reported to Symantec, up from 54 percent in the previous
"Attackers are moving away from large, multipurpose attacks on network
perimeters and toward smaller, more targeted attacks directed at Web and client-side
applications," says Arthur Wong, vice president of Symantec Security Response
and Managed Security Services.
Symantec also observed an average of 10,352 active bot network computers per
day, an increase of more than 140 percent from the previous reporting period's
4,348 bot computers. As the financial rewards increase, attackers will likely
develop more sophisticated and stealthier malicious code that will be implemented
in bot features and bot networks, some of which could attempt to disable antivirus,
firewalls and other security measures, Symantec says.
Modular malicious code—malicious code that has limited functionality
initially but then downloads additional functionality once a system has been
infected—is also increasing. The shift toward modular malicious code is
significant because it indicates that attackers may be attempting to avoid detection
and attempting to compromise a system further by opening back doors on an infected
system or visiting Web sites where further malicious code can be retrieved and
placed on the target system.
The report also found that phishing attacks continue to proliferate. The volume
of phishing messages grew from an average of 2.99 million messages a day to
5.70 million. One out of every 125 e-mail messages scanned by Symantec Brightmail
AntiSpam was a phishing attempt, an increase of 100 percent from the last half
of 2004. Symantec Brightmail AntiSpam anti-fraud filters were blocking more
than 40 million phishing attempts per week on average, up from approximately
21 million per week.
Go to Symantec for more information.