Symantec explores Future of the Internet at Cyber Symposium

By admin | February 23, 2011 | 2 Comments 

admin

symblogphoto2

This evening, the first Symantec Cyber Symposium will see academics, security professionals and industry thinkers gather in London for a thought-provoking discussion about the future of the internet. We’ll be looking at the online world and the associated security challenges that will shape the thinking of business decision makers, governments and consumers in years to come.

What factors will determine the way in which the internet evolves? How might our use of it – at home, in business, or even on our body – change? How will the potential threat landscape shape the way we use it in the future?  And what will the implications be for personal privacy, commercial and national interests, which are some of the considerations that are so pivotal in society today?

I’m excited to be hosting the event, and look forward to debating some of the above. We are also welcoming some great guest speakers, including:

  • Dr. Chris Hankin, Director for the Institute for Security Science and Technology at Imperial College London, discussing issues on protecting the enterprise in the future
  • Derek Wyatt, a former MP, presenting ideas on policing international frontiers
  • Professor Richard J. Aldrich, Professor of International Security, University of Warwick, talking about extending the frontier of the internet into the human body

To date, the internet has fundamentally enhanced the way we communicate and socialise. It has made our lives easier, both at home and at work, and it’s changing all the time. By the end of this decade, the online world will look very different than today’s and only by understanding the internet’s potential evolution and the threats that may emerge, can we continue to reap its benefits in years to come.

- Ilias Chantzos, Director of Government Relations, Symantec

Safari – be careful in the Internet wild

By abigail_lovell | April 21, 2010 | Leave a Comment 

abigail_lovell

ISTR3

The launch of the Internet Security Threat Report has been keeping Symantec’s security experts busy. Articles about the report are everywhere from the BBC to the Independent, Computing to V3, even Vatican Radio in Rome!

There’s clearly lots of interesting information in the report. Some stats that I found particularly interesting is that vulnerabilities of browser-based applications are the fastest-rising information security flaws. During 2009, Mozilla Firefox was the most targeted browser platform, whereas Google Chrome and Apple’s Safari took the longest to gain protection after a flaw was identified.

From the report, we see that the average window of exposure for Internet Explorer in 2009 was less than one day, based on a sample set of 28 patched vulnerabilities. For Safari, the average window of exposure was 13 days, but the maximum time it took for Apple to patch a vulnerability in 2009 was 145 days.

Browser vulnerabilities are a serious security concern due to their role in online fraud and in the propagation of malicious code, spyware, and adware. They are particularly prone because they are exposed to a greater amount of potentially untrusted or hostile content than most other applications. There is an increased reliance on browsers and their plug-ins as the internet becomes integral to business and leisure activities, so it is important that when a vulnerability is identified, they are patched right away.

Abigail Lovell

Criminals rack up more than 100 potential attacks a second on the world’s computers, reveals Symantec report

By Greg Day, EMEA Security CTO for Symantec | April 20, 2010 | Leave a Comment 

Greg Day, EMEA Security CTO for Symantec

ISTR4 (3)Symantec today released its new Internet Security Threat (ISTR) report, highlighting key trends in cybercrime – and what a year 2009 has been. The web saw two very prominent Cyber attacks – Conficker in the opening months of the year and Hydraq at the very end – and Symantec’s ISTR reveals continued growth in both the volume and sophistication of cybercrime threats.

In fact, Symantec blocked an average of 100 potential attacks per second in 2009.

The full report can be viewed online here, but we’ve outlined the key findings below in an easy to digest form. Over the course of the week we will be investigating in more detail some of the top findings, so for more in depth analysis, join us again tomorrow.

Key ISTR findings:

  • An increase in the number of targeted threats focused on enterprises. Given the potential for monetary gain from compromised corporate intellectual property, cybercriminals have turned their attention toward enterprises. The report found that attackers are leveraging the abundance of personal information openly available on social networking sites to create socially engineered attacks on key individuals within targeted companies.  Hydraq gained a great deal of notoriety at the beginning of 2010, but was only the latest in a long line of such targeted attacks including Shadow Network in 2009 and Ghostnet in 2008.
  • Attack toolkits make cybercrime easier than ever. Cybercrime attack toolkits have lowered the bar to entry for new cybercriminals, making it easy for unskilled attackers to compromise computers and steal information. One such toolkit called Zeus (Zbot), which can be purchased for as little as $700, automates the process of creating customized malware capable of stealing personal information. Using kits like Zeus, attackers created literally millions of new malicious code variants in an effort to evade detection by security software.
  • Web-based attacks continued to grow unabated. Today’s attackers are using social engineering techniques to lure unsuspecting users to malicious websites.  These websites then attack the victim’s Web browser and vulnerable plug-ins normally used to view video or document files.  In particular, 2009 saw dramatic growth in the number of Web-based attacks targeted at PDF viewers; this accounted for 49 percent of observed Web-based attacks. This is a sizeable increase from the 11 percent reported in 2008.

  • Malicious activity takes root in emerging countries. The report saw firm signs that malicious activity is now taking root in countries with an emerging broadband infrastructure, such as Brazil, India, Poland, Vietnam and Russia. In 2009, these countries moved up the rankings as a source and target of malicious activity by cybercriminals. The findings from the report suggest that government crackdowns in developed countries have led cybercriminals to launch their attacks from the developing world, where they are less likely to be prosecuted.

Dominic Cook

Credit card dumping on the rise

By Greg Day, EMEA Security CTO for Symantec | April 8, 2010 | Leave a Comment 

Greg Day, EMEA Security CTO for Symantec

Card Security

At Symantec we’ve noted a worrying increase in so-called “credit card dumps” on offer in the criminal underworld over the past year. Dumps, which are copies of the information stored on the magnetic stripe of the original card, are usually obtained via electronic “skimming devices” fitted to the credit card machine or bank teller.

The devices often take the form of an additional card reader that is placed over the original and records any data that passes through it.

Skimming devices can be combined with a doctored keypad that is placed over the real one or a small video camera that records the PIN code entered for each card. Newer versions even contain a GSM module that will send the encrypted dumps back to the attacker. Video footage from surveillance cameras has shown that scammers can install the fake keypad and card reader in under five seconds.

Once the criminals have the information, they have the card number and can clone the credit card. The clones can be almost indistinguishable from authentic cards, often including holograms and embossed gold numbers. If the criminals have recorded the PIN codes, the cards can be used at any ATM to withdraw cash.

Spotting a skimming device is not easy as the devices are highly sophisticated and usually match the look and feel of the credit card or teller machine.

People should look out for any attached keypads or strange looking card slots. Often they are fixed point mounted and create a small overlap that just looks a bit odd and wiggles a bit.

This type of thievery is not confined to the developed economies and travellers should be particularly wary when abroad. For example, thousands of football fans will be travelling to South Africa in a couple of months for the 2010 World Cup. While the country is a developing economy, it has a highly sophisticated and modern banking infrastructure and credit card fraudsters to match it.

Credit card skimming can happen virtually anywhere so while enjoying what South Africa has to offer over and above the World Cup, it is important for travellers to pay special attention to what happens to with bank or credit cards, wherever they are used.

For more information on Internet scams relating to the 2010 Soccer World Cup, visit www.2010netthreat.com.

Candid Wüest, senior threat researcher at Symantec

Symantec helps the House of Lords tackle cyber warfare

By Greg Day, EMEA Security CTO for Symantec | March 19, 2010 | Leave a Comment 

Greg Day, EMEA Security CTO for Symantec

cyberwarfareYesterday the House of Lords released its report examining how to protect Europe against large-scale cyber-attacks. The publication of the report follows a committee meeting on the topic last year in which Symantec’s Director of Government Relations EMEA & APJ, Ilias Chantzos, was one of two cyber security experts invited to give evidence.

The report’s findings have been welcomed by Symantec, in particular the recommendation for an EU-wide approach to address cyber related issues that don’t just affect the UK. Ensuring industry and government are collaborating to address the issues will be crucial to success of such an initiative.

Commenting on the need for public and private cooperation to tackle cyber warfare, Ilias Chantzos said, “One of the biggest problems with supposed acts of cyber warfare is where and when to use the term. It is very difficult to determine the origin of an internet-based attack, and almost impossible to pinpoint either the identity or motivation of its perpetrators: whether they’re a criminal, an activist or a government agent.

“For security agencies, following the trail of evidence left by alleged cyber warfare operations is made doubly complex by the fact that this evidence typically crosses international jurisdictions. Tackling this requires international co-operation, but the current levels of co-operation between nation states are often not able to police cybercrime, much less track covert activities.”

“Another problem is that government no longer controls most of the critical infrastructure; much of it is under the control of the private sector. It is in the interest of industry and government to better cooperate to tackle these issues.”

The full recommendations from the House of Lords report can be viewed here.

Dominic Cook

And the Academy Award for the most dangerous search term goes to…

By abigail_lovell | March 10, 2010 | Leave a Comment 

abigail_lovell

The team at Norton have been busy digging through the gossip since Sunday’s glamorous Oscar ceremony. They weren’t just looking for juicy rumours though; they’ve been looking for malware around the Academy Awards.

Cybercriminals often take advantage of public interest in both individual celebrities and world entertainment events, so it is no surprise that when the two combine, crooks get busy infecting websites. Norton found that around 50% of Oscar related internet search results lead to “poisoned” sites.

 Some of the most dangerous search terms (and the percentage of infected results) include:

  • “Oscar 2010 Winners” – 60% infected
  • “Music By Prudence” – 58% infected
  • “Kathryn Bigelow height” – 48% infected
  • “Sandra bullock Meryl Streep kiss” – 43% infected

Criminals predict public curiosity and infect pages that contain key words with malware. When a victim clicks through on links from search engines they inadvertently end up with their computer infected with a virus or inundated with pop-ups for fake, and in some cases dangerous, “anti-virus software.”
 
When searching for anything online, Oscar-related or not, it is important to be on guard. Make sure you have legitimate antivirus software that includes all the latest updates, and if you don’t, make sure you buy software from a reputable source.
 
Abigail Lovell

Photo by Flickr user Zadi Diaz, licensed under CC BY 2.0.

There’s One Born Every Day… Part II

By Guy Bunker | November 17, 2008 | 1 Comment 

Guy Bunker

So scams are rife and cyber-criminals do make money – but just how much would you give up to a Nigerian 419 scam? $400,000? OK, so its amazing to me that anyone falls for this anymore, but… the story outlines how the victim was drawn in, a little at a time, evidently to a point where they didn’t think they could give up sending money.

There is no such thing as a free lunch… if a deal looks too good to be true, then it is.

How Much For Your Name?

By Guy Bunker | October 15, 2008 | Leave a Comment 

Guy Bunker

Symantec recently conducted some consumer research where we asked people to put a monetary value on different pieces of their identity. In other words,  the vital information that we all use when making transactions on the Internet. 
 
Most people thought that their name was worth about a pound, and 89 per cent would happily share it with someone they didn’t know. But when it came to their date of birth, people were a little bit more wary. Only 23 per cent of people said they would share it with someone they didn’t know, and people tended to put a value of £100 on it.
As for other pieces of important information, bank and credit card details, passports and password information, most people valued these at £100 apiece. Only 1 per cent of people said they would share their bank details, passport or password information with someone they did not know.
In reality your personal information isn’t worth all that much to the cyber criminal, unless they’re dealing in bulk.   A recent Symantec Internet Security Threat Report found that UK bank account details are being sold in bulk on “cyber crime supermarket” style underground economies, for as little as £5 an account.

So, how much is your name worth? Unfortunately not a lot, the price has come down for the cyber-criminal, while the impact to you should your information be compromised has gone up.

You can get a complete copy of the findings and recomendations in our new online security guide (3MB).