Criminals rack up more than 100 potential attacks a second on the world’s computers, reveals Symantec report

By Greg Day, EMEA Security CTO for Symantec | April 20, 2010 | Leave a Comment 

Greg Day, EMEA Security CTO for Symantec

ISTR4 (3)Symantec today released its new Internet Security Threat (ISTR) report, highlighting key trends in cybercrime – and what a year 2009 has been. The web saw two very prominent Cyber attacks – Conficker in the opening months of the year and Hydraq at the very end – and Symantec’s ISTR reveals continued growth in both the volume and sophistication of cybercrime threats.

In fact, Symantec blocked an average of 100 potential attacks per second in 2009.

The full report can be viewed online here, but we’ve outlined the key findings below in an easy to digest form. Over the course of the week we will be investigating in more detail some of the top findings, so for more in depth analysis, join us again tomorrow.

Key ISTR findings:

  • An increase in the number of targeted threats focused on enterprises. Given the potential for monetary gain from compromised corporate intellectual property, cybercriminals have turned their attention toward enterprises. The report found that attackers are leveraging the abundance of personal information openly available on social networking sites to create socially engineered attacks on key individuals within targeted companies.  Hydraq gained a great deal of notoriety at the beginning of 2010, but was only the latest in a long line of such targeted attacks including Shadow Network in 2009 and Ghostnet in 2008.
  • Attack toolkits make cybercrime easier than ever. Cybercrime attack toolkits have lowered the bar to entry for new cybercriminals, making it easy for unskilled attackers to compromise computers and steal information. One such toolkit called Zeus (Zbot), which can be purchased for as little as $700, automates the process of creating customized malware capable of stealing personal information. Using kits like Zeus, attackers created literally millions of new malicious code variants in an effort to evade detection by security software.
  • Web-based attacks continued to grow unabated. Today’s attackers are using social engineering techniques to lure unsuspecting users to malicious websites.  These websites then attack the victim’s Web browser and vulnerable plug-ins normally used to view video or document files.  In particular, 2009 saw dramatic growth in the number of Web-based attacks targeted at PDF viewers; this accounted for 49 percent of observed Web-based attacks. This is a sizeable increase from the 11 percent reported in 2008.

  • Malicious activity takes root in emerging countries. The report saw firm signs that malicious activity is now taking root in countries with an emerging broadband infrastructure, such as Brazil, India, Poland, Vietnam and Russia. In 2009, these countries moved up the rankings as a source and target of malicious activity by cybercriminals. The findings from the report suggest that government crackdowns in developed countries have led cybercriminals to launch their attacks from the developing world, where they are less likely to be prosecuted.

Dominic Cook

Identity & Privacy Forum 2009

By Guy Bunker | May 14, 2009 | 1 Comment 

Guy Bunker

I’m speaking later this week at the Identity and Privacy Forum in London. The agenda for the two days will no doubt be very thought provoking. I’m talking on Data Sharing and some of the issues we have with keeping the data safe. See you there.

idplogo

National Identity Fraud Prevention Week

By Guy Bunker | October 6, 2008 | 2 Comments 

Guy Bunker

This week is National Identity Fraud Prevention Week so with luck you will see items in the press about what you can do. The short answer is simple – guard sensitive and confidential information as if it were your own.

Remember, all information is of value to someone, so look after it and when you have finished with it, dispose of it properly. Shred old documentation, erase old disk drives, encrypt sensitive information that is leaving company premises (whether it is on a laptop, CD ROM or backup tape.)

Perhaps the best thing you can do is to get the CEO or Managing director to send an email out to everyone - reminding them about the risks and consequences of losing data. We shouldn’t need a week to remind us of the problems that data loss can create – this is something we need to think about everyday.

Do You Join… Or Not

By Guy Bunker | June 2, 2008 | 1 Comment 

Guy Bunker

I seem to have been inundated with requests to join a new ‘Business Social Networking’ service. It appears that a quite a few people I know have joined up… they have then had their address book savaged and emails sent to everyone they know. So… here’s the dilemma, do you sign up or not? I belong to one business social networking site already, do I really need another?

I think the answer is no – I don’t need another, especially as the one I belong to is well established and does what I need it to (basically keep email addresses up to date - people change jobs all the time, so keeping up with a valid address can be a real task.) Having said I don’t need to sign up to another service, I have joined this new one… why? Just so no-one else can join as ‘me’. I have posted my picture but that is all – and I didn’t let the system look through my address book!

Internet based reputation is just around the corner but it isn’t here yet – and when it does arrive it needs to be guaranteed and user friendly. In the mean time, if someone has put my details out on the web and I need to have an account to correct them, or to keep someone else from signing up as me, then I will. This isn’t foolproof, far from it, there are so many ‘free’ email providers, social websites and the like, if you want to be someone else, it is very easy to do, perhaps a little too easy?