Symantec issues Net security threat report

The company has issued a internet security threat report which identifies more attacks now targeting e-commerce and web applications. The sixth bi-annual report provides analysis and discussion of trends in Internet attacks, vulnerabilities, and malicious code activity for the period of Jan. 1, 2004 to June 30, 2004.

The report states that Middle East leads the world as the source of Internet threats per capita. The USA is once again the source of the most attacks by volume, with 37 per cent of the global attacks originating from their shores, and only Turkey and Israel register in the top 20 of total volume of attacks at positions 17 and 18 respectively. However, when the attack per capita rates are examined, Israel ranks 3rd globally, followed by Egypt at 6th, Turkey 7th, Kuwait 15th and Oman 17th.

Isaac, said: “There are a number of criteria which could factor in these findings, such as the 600 per cent rise in bot networks globally which is a key area for discussion in this report. As ICT policies in the Middle East come to maturity, many countries have adopted ADSL and abandoned monopolistic practices in the telecom sector, bringing cheaper and faster Internet connectivity to homes and offices across the region. This is undoubtedly a benefit, but if these new users are not aware of the security risks that the Internet can pose then they can become the targets of criminals looking to set up bot networks. A bot network is a collection of machines invisibly infected by Trojans, which are remotely controlled to issue viruses or Internet threats in to the wild. Simple measures can clear Trojans from a user’s machine, such as a free virus scan available on the internet or a comprehensive firewall and anti-virus solution, banishing the Trojan and therefore disabling the criminals from remotely controlling their computer.”

This latest Internet Security Threat Report also demonstrates that exploits are being created more easily and faster than ever, while attackers are launching more sophisticated attacks for financial gains. Software vulnerabilities and targeted attacks remain a primary area of concern for organisations and individuals. By publishing a comprehensive and accurate update on Internet threat activity, Symantec is providing the information security community the information needed to effectively secure systems now and in the future.

e-Commerce was the single most targeted industry, with nearly 16 percent of attacks against it. This represents a 400-percentage increase from the four percent reported during the previous six months. Also, attacks against Web Application Technologies are increasingly popular: Web application technologies are appealing targets for attacks because of their widespread deployment within organizations and the relative ease with which they can be exploited. Web applications allow attackers to gain access to the target system simply by penetrating one end-user’s computer, bypassing traditional perimeter security measures. Nearly 82 per cent of documented Web application vulnerabilities were classified as easy to exploit, thereby representing a significant threat to an organisation’s infrastructure and critical information assets, added Issac.