RSS Alerts

Related Links

Related Stories

  • Symantec uncovers new type of Facebook trojan
    IT security vendor Symantec has uncovered a trojan that uses the Facebook social networking portal to communicate with a command and control (C&C) server
  • Search for security
    With more than 30 000 web pages being infected every day, search engine results could increasingly lead to malware infection. Kari Larsen asks what the search engines are doing to mitigate security threats, and how users can protect themselves.
  • What’s in store for 2010?
    The Noughties are behind us now, but memories of a decade of data breaches will continue to haunt the infosec professional. If only there was a way of knowing what the threat landscape would look like in the months to come. Well you’re in luck as Davey Winder has dusted off the crystal ball and spoken to a broad church of infosec professionals to get some informed predictions for 2010
  • Symantec develops pooled high-end cyberthreat analysis service
    Symantec has joined the growing ranks of IT security vendors that are offering their pooled information on the latest ITsec threats as a value-added outsourced option for major corporates.
  • Swine flu challenges information security
    The recent outbreak of swine flu has thrown up a number of topics related to information security ranging from secure sharing of data between health professionals, to spam / phishing and issues around remote working.

News

Symantec report observes surge in malicious code for 2008

15 April 2009

Security provider, Symantec, found that malicious code activity continued to grow at a record pace throughout 2008, with the most prominent target being confidential information, according to the Symantec Internet Security Threat Report Volume XIV.

The rise in malicious code threats last year saw Symantec create over 1.6 million new malicious code signatures, equating to over 60% of the total malicious code signatures ever created by Symantec. On average, the signatures helped to block over 245 million attempted malicious code attacks each month worldwide during 2008.

The report cites that web surfing continues to be the primary course of new infections in 2008, and reported that attackers are relying more on customised malicious code toolkits to develop and distribute their threats. Symantec also revealed that 90% of all detected threats during the study period were intended to steal confidential information.

Symantec observed a surge in keystroke-logging capability, used to harvest information such as online bank account details, as it was seen to make up 76% of threats to confidential information in 2008 compared with 72% in 2007.

The report from Symantec also indicates a thriving underground economy, as well as an increased resilience from malware authors against attempts to halt their activities. This can be seen in the example of the shutdown of two US-based botnet hosting outfits, which contributed to a significant decrease in active botnet activity during September and November 2008. Botnet operators however found alternative sites for hosting, and botnet infections once again rose to previously attained levels.

Also highlighted by Symantec were vulnerabilities in web application platforms. Sixty-three percent of vulnerabilities in 2008 affected web applications, marking an increase from 59% in 2007. Additionally, of the approximately 13 000 site-specific cross-site scripting vulnerabilities reported in 2008, just 3% had been fixed at the time the report was written.

Regarding web-based attacks, the top three origins of the threats were found to be the United States (38%), China (13%) and the Ukraine (12%). Six of the top 10 countries were from the Europe and Middle East Africa regions and accounted for 45% of the global total of web based attacks.

The report from Symantec reported a growth in phishing in 2008, hitting approximately 55 000, up 66% over 2007, while an increase of 192% was observed in spam, with the number of cases touching 349.6 billion in 2008.

Guy Bunker, chief scientist at Symantec noted the rise of vulnerabilities associated with browser plug-ins. “Whilst individuals and businesses might have some sort of defence for browsers, they often don’t for browser plug-ins.”

He also observed that “Credit cards are still number one in terms of what [criminals] are after. Bank accounts are number two. Number three is passwords. This indicates that cybercriminals are after information as a general sphere.”

Speculating on threats likely to grow this year, Bunker cites mobile devices. “Because of connectivity – it’s always on - and the value of transactions in online banking, it’s worth a fiver for a criminal to attack it. A lot of people are not thinking about mobile phones as a source of data loss.” He adds that Symantec are “seeing an increase in key-loggers.”
 

 

This article is featured in:
Application Security Data Loss Internet and Network Security Malware and Hardware Security Wireless and Mobile Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Copyright © 2010
Elsevier Ltd. All rights reserved.
Terms & Conditions | Privacy | Website Design Working with water