Symantec Reports On Current Threat Trends

Symantec said that according to its data attackers are shifting their attacks from network infrastructures and system services toward end users. The findings, which cover the time period of January 2006 through June 2006, were revealed in the company's Internet Security Threat Report, Volume X, published semi-annually

"Since [our] first report, much has changed. Large Internet worms targeting everything and everyone
have given way to smaller, more targeted attacks focusing on fraud, data theft, and criminal activity.
The days of Web site defacements and low-level information gathering attacks are behind us. Today
we are seeing encrypted bot networks, remotely initiated database breaches, sophisticated phishing
scams, and customized malicious code targeting specific companies. As threats have evolved, so too
has the job of tracking and reporting on them," said Dean Turner, executive editor at Symantec.

Symantec's report is based on data collected from 40,000 network sensors in over 180 countries along with data about malicious code, spyware, and adware over 120 million systems that have deployed Symantec’s antivirus products. Highlights of the report show that hile Mozilla browsers (including the hugely popular Firefox browser) had 47 vulnerabilities reported while 38 were reported in Internet Explorer. Nevertheless, attacks against Internet Explorer account for 47 percent of all attacks targeted at Web browsers.

Among other noteable findings is that of the 2,249 new vulnerabilities documented by Symantec, 80 percent
were considered to be "easily exploitable," and 78 percent of those easily exploitable vulnerabilities affected Web applications. Another interesting trend includes the the observations of an average of 6,110 DoS attacks per day, most of which were targeted at Internet service providers.

Phishing is an ever-increasing problem so far. Symantec reports that they detected 157,477 unique phishing messages, which represents and an increase of 81 percent over the previous six months. Eight-four percent of those phishing messages were centered around the finanicial services industry.

In the realm of malicious code, the company said that bots accounted for 22 percent of the top malicious code reports and 30 of the top 50 malicious code exposed confidential information. The company also documented 6,784 new Windows-based viruses and worms.

"The current threat landscape is populated by lower profile, more targeted attacks, attacks that propagate
at a slower rate in order to avoid detection and thereby increase the likelihood of successful compromise [...] Previous editions of the Internet Security Threat Report have also remarked that attack activity has
shifted from being motivated by status for technical prowess to being motivated by financial gain. Many
of today's threats are designed to gather information that has some value to the attacker," a spokeperson for Symantec said.

A copy of Symantec's report is available online in PDF format.