Wednesday, March 08, 2006
CyberCrime - Switching Tactics
Technology Updates
New Internet Security Threat Report shows Cybercrime, Zombie PCs and Phishing threats on the rise
Tuesday, March 07, 2006 at 21:30 by Rich Kavanagh
Symantec today released its ninth volume of the Internet Security Threat Report, one of the most comprehensive sources of Internet threat data in the world. The semi-annual report, covering the six-month period from July 1, 2005 to Dec. 31, 2005, marks an increase in threats designed to facilitate cybercrime.
While past attacks were designed to destroy data, today's attacks are increasingly designed to silently steal data for profit without doing noticeable damage that would alert a user to its presence. In the previous Internet Security Threat Report, Symantec cautioned that malicious code for profit was on the rise, and this trend continued during the second half of 2005. Malicious code threats that could reveal confidential information rose from 74% of the top 50 malicious code samples last period to 80% this period.
Arthur Wong, vice president, Symantec Security Response and Managed Security Services, said,
"Cybercrime represents today's greatest threat to consumers' digital lifestyle and to online businesses in general. The unparalleled insight this report provides into how cybercrime is happening and how it can be prevented enables Symantec to help protect the widest variety of customers in the world."
The report also details the growing trend of attackers using bot networks, targeted attacks on Web applications and Web browsers, and modular malicious code. Based on this and data from previous reporting periods, Symantec expects to see more diverse and sophisticated threats used for cybercrime as well as an increase in the theft of confidential, financial, and personal information for financial gain.
China experienced the largest increase of bot-infected computers, with 37% growth - 24 percentage points above the average increase - putting China behind only the U.S. in this category. The increase is likely related to China's rapid growth in broadband Internet connections. China also saw the largest overall increase in originating attacks; such attacks increased by 153% over the last period, marking 72 percentage points above the average increase. Bots may be an increasing source of this activity.
Phishing threats, which are attempts to deceive users into revealing confidential information, continued to increase during the last half of 2005 while focusing on smaller, regional targets. During the last half of 2005, 7.92 million daily phishing attempts were identified, an increase over the 5.70 million attempts per day in the previous reporting period. Symantec expects to see an increase in the number of phishing messages and malicious code distributed through instant messaging services in the future.
Symantec documented 1,895 new software vulnerabilities, the largest total recorded number of vulnerabilities since 1998. Of these, 97% were considered moderately or highly severe and 79% were considered easy to exploit.
Source taken from: http://itvibe.com/news/3978/
New Internet Security Threat Report shows Cybercrime, Zombie PCs and Phishing threats on the rise
Tuesday, March 07, 2006 at 21:30 by Rich Kavanagh
Symantec today released its ninth volume of the Internet Security Threat Report, one of the most comprehensive sources of Internet threat data in the world. The semi-annual report, covering the six-month period from July 1, 2005 to Dec. 31, 2005, marks an increase in threats designed to facilitate cybercrime.
While past attacks were designed to destroy data, today's attacks are increasingly designed to silently steal data for profit without doing noticeable damage that would alert a user to its presence. In the previous Internet Security Threat Report, Symantec cautioned that malicious code for profit was on the rise, and this trend continued during the second half of 2005. Malicious code threats that could reveal confidential information rose from 74% of the top 50 malicious code samples last period to 80% this period.
Arthur Wong, vice president, Symantec Security Response and Managed Security Services, said,
"Cybercrime represents today's greatest threat to consumers' digital lifestyle and to online businesses in general. The unparalleled insight this report provides into how cybercrime is happening and how it can be prevented enables Symantec to help protect the widest variety of customers in the world."
The report also details the growing trend of attackers using bot networks, targeted attacks on Web applications and Web browsers, and modular malicious code. Based on this and data from previous reporting periods, Symantec expects to see more diverse and sophisticated threats used for cybercrime as well as an increase in the theft of confidential, financial, and personal information for financial gain.
China experienced the largest increase of bot-infected computers, with 37% growth - 24 percentage points above the average increase - putting China behind only the U.S. in this category. The increase is likely related to China's rapid growth in broadband Internet connections. China also saw the largest overall increase in originating attacks; such attacks increased by 153% over the last period, marking 72 percentage points above the average increase. Bots may be an increasing source of this activity.
Phishing threats, which are attempts to deceive users into revealing confidential information, continued to increase during the last half of 2005 while focusing on smaller, regional targets. During the last half of 2005, 7.92 million daily phishing attempts were identified, an increase over the 5.70 million attempts per day in the previous reporting period. Symantec expects to see an increase in the number of phishing messages and malicious code distributed through instant messaging services in the future.
Symantec documented 1,895 new software vulnerabilities, the largest total recorded number of vulnerabilities since 1998. Of these, 97% were considered moderately or highly severe and 79% were considered easy to exploit.
Source taken from: http://itvibe.com/news/3978/
# posted by David Low @ 9:11 AM 
